BSA/AML Examination Manual - ffiec

More documents

Recommendations

Info

Automated Clearing House Transactions — Overview originated by the accountholder sending funds (payer), while an ACH debit transaction is originated by the accountholder receiving funds (payee). Within the ACH system, these participants and users are known by the following terms: • Originator. An organization or person that initiates an ACH transaction either as a debit or credit. • Originating Depository Financial Institution (ODFI). The Originator’s depository financial institution that forwards the ACH transaction into the national ACH network through an ACH Operator. • ACH Operator. An ACH Operator processes all ACH transactions that flow between different depository financial institutions. An ACH Operator serves as a central clearing facility that receives entries from the ODFIs and distributes the entries to the appropriate Receiving Depository Financial Institution. There are currently two ACH Operators: FedACH and Electronic Payments Network (EPN). • Receiving Depository Financial Institution (RDFI). The Receiver’s depository institution that receives the ACH transaction from the ACH Operators and credits or debits funds from their receivers’ accounts. • Receiver. An organization or person that authorizes the Originator to initiate an ACH transaction, either as a debit or credit to an account. Third-Party Service Providers A third-party service provider (TPSP) is an entity other than an Originator, ODFI, or RDFI that performs any functions on behalf of the Originator, the ODFI, or the RDFI with respect to the processing of ACH entries. 172 The National Automated Clearing House Association – The Electronic Payments Association (NACHA) Operating Rules define TPSPs and relevant subsets of TPSPs that include “Third-Party Senders” and “Sending Points.” 173 The functions of these TPSPs can include, but are not limited to, the creation of ACH files on behalf of the Originator or ODFI, or acting as a sending point of an ODFI (or receiving point on behalf of an RDFI). Risk Factors The ACH system was designed to transfer a high volume of low-dollar domestic transactions, which pose lower BSA/AML risks. Nevertheless, the ability to send highdollar and international transactions through the ACH may expose banks to higher BSA/AML risks. Banks without a robust BSA/AML monitoring system may be exposed 172 Third-party service provider is a generic term for any business that provides services to a bank. A thirdparty payment processor is a specific type of service provider that processes payments such as checks, ACH files, or credit and debit card messages or files. Refer to the expanded overview section, “Third-Party Payment Processors,” page 209, for additional guidance. 173 When independent TPSPs contract with independent sales organizations or other third-party payment processors, there may be two or more layers between the ODFI and the Originator. FFIEC BSA/AML Examination Manual 200 8/24/2007
Automated Clearing House Transactions — Overview to additional risk particularly when accounts are opened over the Internet without face-toface contact. ACH transactions that are originated through a TPSP (that is, where the Originator is not a direct customer of the ODFI) may increase BSA/AML risks, therefore making it difficult for an ODFI to underwrite and review Originator transactions for compliance with BSA/AML rules. 174 Risks are heightened when neither the TPSP nor the ODFI performs due diligence on the companies for whom they are originating payments. Certain ACH transactions, such as those originated through the Internet or the telephone, may be susceptible to manipulation and fraudulent use. Certain practices associated with how the banking industry processes ACH transactions may expose banks to BSA/AML risks. These practices include: • An ODFI authorizing a TPSP to send ACH files directly to an ACH Operator, in essence bypassing the ODFI. • ODFIs and RDFIs relying on each other to perform adequate due diligence on their customers. • Because ACH processing is highly efficient and more automated than individual funds transfers, there are fewer opportunities for human review of individual transactions. Risk Mitigation The BSA requires banks to have BSA/AML compliance programs and appropriate policies, procedures, and processes in place to monitor and identify unusual activity, including ACH transactions. Obtaining customer due diligence (CDD) information is an important mitigant of BSA/AML risk in ACH transactions. Because of the nature of ACH transactions and the reliance that ODFIs and RDFIs place on each other for OFAC reviews and other necessary due diligence information, it is essential that all parties have a strong CDD program for regular ACH customers. For relationships with TPSPs, CDD on the TPSP can be supplemented with due diligence on the principals associated with the TPSP and, as necessary, on the originators. Adequate and effective CDD policies, procedures, and processes are critical in detecting a pattern of unusual and suspicious activities because the individual ACH transactions are typically not reviewed. Equally important is an effective risk-based suspicious activity monitoring and reporting system. In cases where a bank is heavily reliant upon the TPSP, a bank may want to review the TPSP’s suspicious activity monitoring and reporting program, either through its own or an independent inspection. The ODFI may establish an agreement with the TPSP, which delineates general TPSP guidelines, such as compliance with ACH operating requirements and responsibilities and meeting other applicable state and federal 174 A bank’s underwriting policy should define what information each application should contain. The depth of the review of an originator’s application should match the level of risk posed by the originator. The underwriting policy should require a background check of each originator to support the validity of the business. FFIEC BSA/AML Examination Manual 201 8/24/2007
Page 1 and 2:
Bank Secrecy Act / Anti-Money Laund
Page 3 and 4:
Table of Contents EXPANDED EXAMINAT
Page 5 and 6:
INTRODUCTION Introduction This Fede
Page 7 and 8:
Background Introduction In 1970, Co
Page 9 and 10:
Introduction institutions, such as
Page 11 and 12:
Introduction proliferation of weapo
Page 13 and 14:
Introduction Although the motivatio
Page 15 and 16:
Scoping and Planning — Overview C
Page 17 and 18:
Scoping and Planning — Overview T
Page 19 and 20:
Scoping and Planning — Examinatio
Page 21 and 22:
Scoping and Planning — Examinatio
Page 23 and 24:
BSA/AML Risk Assessment — Overvie
Page 25 and 26:
Page 27 and 28:
Analysis of Specific Risk Categorie
Page 29 and 30:
Page 31 and 32:
BSA/AML Risk Assessment — Examina
Page 33 and 34:
BSA/AML Compliance Program — Over
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
BSA/AML Compliance Program — Exam
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
Developing Conclusions and Finalizi
Page 47 and 48:
Developing Conclusions and Finalizi
Page 49 and 50:
Customer Identification Program —
Page 51 and 52:
Customer Information Required Custo
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Transaction Testing Customer Identi
Page 59 and 60:
Page 61 and 62:
Customer Due Diligence — Overview
Page 63 and 64:
Customer Due Diligence — Examinat
Page 65 and 66:
Suspicious Activity Reporting — O
Page 67 and 68:
Page 69 and 70:
Law Enforcement Inquiries and Reque
Page 71 and 72:
Timing of a SAR Filing Suspicious A
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Suspicious Activity Reporting — E
Page 79 and 80:
Suspicious Activity Reporting — E
Page 81 and 82:
Currency Transaction Reporting —
Page 83 and 84:
Currency Transaction Reporting —
Page 85 and 86:
Currency Transaction Reporting Exem
Page 87 and 88:
• Operating a pawn brokerage. Cur
Page 89 and 90:
Currency Transaction Reporting Exem
Page 91 and 92:
Information Sharing — Overview In
Page 93 and 94:
Information Sharing — Overview su
Page 95 and 96:
Information Sharing — Overview es
Page 97 and 98:
Copies of section 314(a) requests.
Page 99 and 100:
Purchase and Sale of Monetary Instr
Page 101 and 102:
Page 103 and 104:
Funds Transfers Recordkeeping — O
Page 105 and 106:
Funds Transfers Recordkeeping — O
Page 107 and 108:
Responsibilities of Beneficiary’s
Page 109 and 110:
Funds Transfers Recordkeeping — E
Page 111 and 112:
Foreign Correspondent Account Recor
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Private Banking Due Diligence Progr
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Special Measures — Overview minim
Page 135 and 136:
Examination Procedures Special Meas
Page 137 and 138:
Foreign Bank and Financial Accounts
Page 139 and 140:
International Transportation of Cur
Page 141 and 142:
Office of Foreign Assets Control
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154: Enterprise-Wide BSA/AML Compliance
Page 159 and 160: Corporate management. Enterprise-Wi
Page 161 and 162: Foreign Branches and Offices of U.S
Page 167 and 168: Examination Procedures Parallel Ban
Page 169 and 170: Correspondent Accounts (Domestic)
Page 175 and 176: Correspondent Accounts (Foreign)
Page 177 and 178: Correspondent Accounts (Foreign)
Page 179 and 180: U.S. Dollar Drafts — Overview U.S
Page 181 and 182: U.S. Dollar Drafts — Examination
Page 183 and 184: Payable Through Accounts — Overvi
Page 185 and 186: Payable Through Accounts — Examin
Page 187 and 188: Payable Through Accounts — Examin
Page 189 and 190: Risk Mitigation Pouch Activities
Page 191 and 192: Pouch Activities — Examination Pr
Page 193 and 194: Electronic Banking — Overview lin
Page 195 and 196: Examination Procedures Electronic B
Page 197 and 198: Funds Transfers — Overview and on
Page 199 and 200: Funds Transfers — Overview busine
Page 201 and 202: Examination Procedures Funds Transf
Page 203: Automated Clearing House Transactio
Page 207 and 208: Automated Clearing House Transactio
Page 209 and 210: Transaction Testing Automated Clear
Page 211 and 212: Electronic Cash — Overview Using
Page 213 and 214: Third-Party Payment Processors —
Page 215 and 216: Third-Party Payment Processors —
Page 217 and 218: Purchase and Sale of Monetary Instr
Page 219 and 220: Brokered Deposits — Overview Brok
Page 221 and 222: Examination Procedures Brokered Dep
Page 223 and 224: Privately Owned Automated Teller Ma
Page 225 and 226: • Expected account activity, incl
Page 227 and 228: Privately Owned ATMs — Examinatio
Page 229 and 230: Nondeposit Investment Products —
Page 231 and 232: Nondeposit Investment Products —
Page 233 and 234: − Holdings in excess of the custo
Page 235 and 236: Insurance — Overview its insuranc
Page 237 and 238: Examination Procedures Insurance In
Page 239 and 240: Concentration Accounts — Overview
Page 241 and 242: Concentration Accounts — Examinat
Page 243 and 244: Lending Activities — Overview bus
Page 245 and 246: Trade Finance Activities — Overvi
Page 247 and 248: Risk Mitigation Trade Finance Activ
Page 249 and 250: Trade Finance Activities — Overvi
Page 251 and 252: Private Banking — Overview Privat
Page 253 and 254: Customer Risk Assessment Private Ba
Page 255 and 256:
Private Banking — Overview determ
Page 257 and 258:
Offshore entities. Cash-intensive b
Page 259 and 260:
Trust and Asset Management Services
Page 261 and 262:
• The type of trust or agency acc
Page 263 and 264:
Transaction Testing Trust and Asset
Page 265 and 266:
Nonresident Aliens and Foreign Indi
Page 267 and 268:
Nonresident Aliens and Foreign Indi
Page 269 and 270:
Politically Exposed Persons — Ove
Page 271 and 272:
Politically Exposed Persons — Ove
Page 273 and 274:
Politically Exposed Persons — Exa
Page 275 and 276:
Embassy and Foreign Consulate Accou
Page 277 and 278:
Embassy and Foreign Consulate Accou
Page 279 and 280:
Non-Bank Financial Institutions —
Page 281 and 282:
Page 283 and 284:
Page 285 and 286:
Page 287 and 288:
Professional Service Providers —
Page 289 and 290:
Professional Service Providers —
Page 291 and 292:
Non-Governmental Organizations and
Page 293 and 294:
Non-Governmental Organizations and
Page 295 and 296:
Business Entities (Domestic and For
Page 297 and 298:
Risk Factors Business Entities (Dom
Page 299 and 300:
Page 301 and 302:
Page 303 and 304:
Cash-Intensive Businesses — Overv
Page 305 and 306:
Appendix A: BSA Laws and Regulation
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Appendix B: BSA/AML Directives Appe
Page 313 and 314:
Web Sites Appendix C: BSA/AML Refer
Page 315 and 316:
Appendix C: BSA/AML References •
Page 317 and 318:
Appendix D: Statutory Definition of
Page 319 and 320:
Appendix E: International Organizat
Page 321 and 322:
Appendix F: Money Laundering and Te
Page 323 and 324:
Page 325 and 326:
Privately Owned Automated Teller Ma
Page 327 and 328:
Page 329 and 330:
Funds Transfers Appendix F: Money L
Page 331 and 332:
Appendix G: Structuring However, tw
Page 333 and 334:
Appendix H: Request Letter Items (C
Page 335 and 336:
Page 337 and 338:
Page 339 and 340:
Expanded Examination Procedures App
Page 341 and 342:
Parallel Banking _ List any paralle
Page 343 and 344:
Page 345 and 346:
Page 347 and 348:
Page 349 and 350:
Page 351 and 352:
Appendix I: Risk Assessment Link to
Page 353 and 354:
Appendix J: Quantity of Risk Matrix
Page 355 and 356:
Appendix K: Customer Risk versus Du
Page 357 and 358:
When did the suspicious activity ta
Page 359 and 360:
Low No history of OFAC actions. No
Page 361 and 362:
Appendix O: Examiner Tools for Tran
Page 363 and 364:
Appendix O: Examiner Tools for Tran
Page 365 and 366:
Signature Cards Appendix P: BSA Rec
Page 367 and 368:
Name and address of the beneficiary
Page 369 and 370:
Appendix P: BSA Record Retention Re
Page 371 and 372:
Acronym or abbreviation Full name E
Page 373 and 374:
Acronym or abbreviation Full name N
Page 375 and 376:
Appendix R: Enforcement Guidance Ap
Page 377 and 378:
Appendix R: Enforcement Guidance As
Page 379 and 380:
Appendix R: Enforcement Guidance ex
Page 381 and 382:
Appendix R: Enforcement Guidance FF
Page 383 and 384:
Backfiling. See Currency Transactio
Page 385 and 386:
overview, 165-167 request letter it
Page 387 and 388:
money services businesses, 279 nond
Page 389 and 390:
Export Administration Act of 1979,
Page 391 and 392:
Index 314(a) record searches, 88 Cu
Page 393 and 394:
Index for a BSA/AML compliance prog
Page 395 and 396:
guidance on providing banking servi
Page 397 and 398:
247, 253, H-15 Offshore Financial C
Page 399 and 400:
Page 401 and 402:
trade finance activities, H-14 trus
Page 403 and 404:
enterprise-wide, 149-150, 152, 153
Page 405:
U United Nations, 7, 137 Updating O
show all

BSA/AML Examination Manual - ffiec

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?