CREDIT UNIONS
AREAS OF SPECIALIZATIONRESOURCESCONTACT US
CREDIT UNION ADVISOR
Credit Unions > Resources > Credit Union Advisor > 2007 Fall Issue

Common Findings From Anti-Money Laundering Practices — Are You At Risk in Any of These Areas?
 by John Mull, Regulatory Compliance Specialist
Credit Union Advisor, 2007 Fall

Anti-Money Laundering (AML) regulations and the Bank Secrecy Act (BSA) continue to be hot topics in the current regulatory environment. In our interactions with credit unions over the last several years, a number of areas have been identified as opportunities for improvement. To help you monitor your BSA/AML programs and procedures, we felt it would be helpful to share with you the list of common findings that we have been seeing. We believe you will find it beneficial to review your policies and procedures in light of these common findings and see if any adjustments to your activities are warranted.

AML/BSA and OFAC Risk Assessments

  • Identification of relevant risk factors is incomplete.
  • Description of the credit union’s involvement with a risk factor is limited and does not provide sufficient detail to evaluate potential risk.
  • Mitigating controls are not identified for the risk factors.
  • Mitigating controls are inconsistent with the level of risk associated with a risk factor.
  • The process to periodically review or update the risk assessment is not formalized.
  • Communication with the Board of Directors on either the initial risk assessment or subsequent changes to the risk assessment could be improved.

BSA/AML Policy and Procedures

  • The current version of the BSA/AML policy has not been reviewed and approved by the Board of Directors.
  • The BSA/AML policy does not comprehensively acknowledge relevant regulatory requirements or the financial institution’s specific policies related to BSA compliance.
  • Policy and procedures do not reflect risks or controls identified in the various risk assessments conducted.
  • Procedures provide definition only of regulatory requirements and do not identify the process to implement the requirements.
  • Documented procedures are not readily available to staff responsible for execution of the process.
  • The BSA officer does not have sufficient authority to pursue BSA/AML compliance administration issues.

Customer Identification Program (CIP)

  • No discussion of reliance on other financial institutions or other third parties to perform CIP procedures where applicable.
  • Incomplete discussion of the procedures that should be used when the primary identification documents identified by the financial institution are not available (either the account cannot be opened or specified secondary forms of identification can be used).
  • CIP procedures are not executed for members added to an account after the account is opened.
  • Incomplete information is obtained on secondary owners not present at account opening.
  • Identification document information is not recorded.
  • The resolution of discrepancies related to information obtained during the CIP is not documented.

Customer Due Diligence (CDD)

  • CDD program documentation is incomplete or nonexistent.
  • No formal process has been implemented to evaluate and assign risk ratings.
  • Monitoring is not being done at the frequency designated in the CDD program.
  • Lack of documentation to evidence execution of the monitoring process or the conclusions reached as a result of the review.
  • No formal process has been implemented to evaluate risk ratings previously assigned.

Suspicious Activity Reports (SAR)

  • Limited or no documentation of the procedures for identifying and referring suspicious activity.
  • Limited or no documentation of investigations that resulted in a conclusion that a SAR was not warranted.
  • Narratives do not provide sufficient detail of the nature of the suspicious activity.
  • Documentation related to SARs is not maintained in a secure location.
  • Monitoring of the activity of members that are the subject of SARs is not executed.
  • SARs are not filed in a timely manner.

Training

  • Staff required to receive training do not participate in required components.
  • Training materials are outdated or do not cover relevant areas of regulation based on the individual’s job responsibilities.
  • No training is provided to the Board of Directors.
  • Limited or no documentation is maintained to support execution of the training program.
  • Policies and relevant procedures implementing policy and regulatory requirements are not included in training sessions.
  • The BSA officer and staff primarily responsible for BSA/AML compliance program administration do not participate in training opportunities necessary to enhance or maintain their level of proficiency.

Currency Transaction Reports (CTR)

  • CTRs are not submitted where required.
  • CTRs are not submitted in a timely manner or information is inaccurate.
  • Account numbers of affected accounts are not identified.

Currency Transaction Report Exemptions

  • Limited or no documentation is maintained to support the initial exemption or the annual review process.
  • Limited or no documentation is maintained of the review for suspicious activity for exempt persons.
  • The annual review procedures are not consistent with regulatory requirements and guidance.
  • Evidence to support submission of biennial renewals is not retained.
  • Biennial renewals are not submitted in a timely manner.

Monetary Instrument Record-keeping

  • Transactions subject to the record-keeping requirements are not identified, resulting in a failure to record the required information.
  • Information required for sales to non-members is not recorded.
  • BSA/AML policy (and/or associated procedures) does not reflect the prohibition on the sale of monetary instruments to non-members.

Wire Transfer Record-keeping

  • Information required for transactions executed for non-members is not recorded.
  • BSA/AML policy (and/or associated procedures) does not reflect the prohibition on the execution of wire transfer requests from non-members.

OFAC

  • Relevant participants in transactions are not compared to the OFAC lists.
  • Database comparisons are not being done or executed at the frequency identified in policy/procedures.
  • Procedures are incomplete or not documented.
  • Implementing procedures are incomplete for transactions identified as being subject to screening requirements.

We realize the rules and regulations for BSA/AML compliance are complex, and that compliance in some areas may be easier than in others. Even though there have not been recent changes to the BSA/AML regulations, it is important that you continually review your processes and procedures to apply enhancements and refinements which will ensure the most efficient and effective compliance.

John Mull has more than 23 years of financial institutions experience, including extensive regulatory experience as a manager of the compliance function for a large Midwest regional bank. He also has experience as an operations analyst and IRA operations manager. John can be contacted at 616.643.4078.

Downloads

Credit Union Advisor, 2007 Fall Issue.pdf

2008 Plante & Moran, PLLC. All rights reserved PMSecure File Exchange | Disclaimer | Privacy Policy | email webmaster
TO DOWNLOAD DOCUMENTS YOU MAY NEED TO INSTALL ADOBE ACROBAT TO ENHANCE EXPERIENCE YOU MAY NEED TO INSTALL FLASH