Professional Documents
Culture Documents
www.fincen.gov 31 CFR Chapter X BSAs new home. As of March 1, 2011 the BSA has moved from 31 CFR 103 to its new home in Chapter X. FFIEC BSA Examiners Manual NCUA ARIES Exam Questionnaire
A group of laws designed to assist the government in its efforts to monitor, prevent, and prosecute money laundering and other financial crimes. 1970 Bank Secrecy Act (aka Currency & Foreign Transactions Act Established recordkeeping and reporting requirements for individuals and financial institutions. 1986 Money Laundering Control Act Imposed criminal liability on individuals and financial institutions that knowingly support or assist in money laundering activities. Required the establishment of programs to monitor and report such activities. 1990 Financial Crimes Enforcement Network (FinCEN) is created.
1992 Annunzio-Wylie Anti-Money Laundering Act Strengthened sanctions and Treasurys enforcement role. 1994 Money Laundering Suppression Act Further enhanced Treasurys enforcement role. 1996 The development of the Suspicious Activity Report. 2001 USA PATRIOT Act Response to the terrorist attacks of 9/11.
Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism
BSA/AML Basics
Must be commensurate with an institutions BSA/AML risk level Must be reviewed and approved annually
A regular periodic BSA/AML risk assessment (generally performed annually) Annual independent review of the credit unions BSA/AML compliance program
Can be conducted by in-house personnel, if independent from BSA/AML processes (e.g. Supervisory Committee) Can be conducted by outside audit firm or League staff
BSA/AML Basics
Must be provided the tools and training to effectively manage the institutions BSA/AML program Must be in a position of authority sufficient to manage the BSA/AML program
Annual training for all staff and volunteers as appropriate for job duties and responsibilities
BSA/AML Basics
Internal policies, procedures, and controls to ensure compliance with all aspects of the BSA/AML laws. Transaction Monitoring & Information Reporting
Currency Transaction Reports Suspicious Activity Reports Monetary Instrument Log PATRIOT ACT Section 314(a) PATRIOT ACT Section 326 Customer (Member) Due Diligence
BSA/AML Basics
Enforcement by Financial Crimes Enforcement Network (FinCEN), an agency of the Treasury Department Regulatory oversight by NCUA and BFI, depending on charter type. Often the NCUA will take the lead on BSA examinations even in state-chartered credit unions for reasons of safety and soundness Penalties can be civil, criminal, or both and may range from $500 into the millions for specific and systemic BSA violations
Pacific National Bank - $355,000,000 in assets, bank owned by the government of Ecuador
Adequately identify, monitor, and report suspicious activity Conduct sufficient due diligence Adequately audit high risk areas and transactions
Failure to implement effective AML program with regard to foreign accounts Failure to establish internal policies and controls Failure to designate individual responsible for day-today compliance with BSA/AML rules
Lack of internal controls Unqualified BSA personnel Lack of training Deficient independent testing
Each credit union is required to have a compliance program that includes: a system of internal controls to ensure ongoing compliance testing for compliance by the credit union or outside party a compliance officer responsible for monitoring day-to-day compliance training for appropriate employees. The written BSA compliance policies and procedures should be updated to reflect changes in the credit unions BSA risk assessment as well as any changes to the regulations. NCUA ARIES Exam Questionnaire
Risk Assessment
The credit unions risk assessment should consider the following factors during the risk identification process:
The risk assessment should be periodically reviewed and updated, particularly when new products, services, members and geographic locations are added.
The risk assessment process should determine the credit unions inherent risk (quantity of risk), how internal controls mitigate (reduce) risk exposure, and whether the remaining level of risk exposure is appropriate for the credit union. While fully offsetting all BSA/AML risk would be prohibitively expensive for most financial institutions, there should be a reasonable relationship between the level of unmitigated risk and resources devoted to BSA/AML.
NCUA ARIES Exam Questionnaire
Report all currency transactions over $10,000 Must be filed within 25 days of the transaction Report must include:
Name Social Security Number & ID number Physical address Occupation Date of transaction Type of transaction Amount of transaction(s) rounded up to nearest dollar
CTR Continued
Deposits aggregated for any business day Withdrawals aggregated for any business day Deposits and withdrawals NOT aggregated All joint owners of an account into which a deposit is made must appear on the CTR.
True also for businesses. All beneficial owners of the business should appear on the CTR.
A recent conversation with FinCEN revealed that for withdrawals from joint accounts only the member we know will benefit must appear on the CTR.
Financial institutions operating in the US Federal or state governments Entities acting with governmental authority
Exemption Criteria
Entities listed on major national exchanges must be exempted using a form DOEP. An annual review of eligibility must be conducted and suspicious activity monitoring is still required Non listed businesses must meet the following:
Conduct at least 5 reportable transactions per year Maintain an account for two months (less if based on detailed risk analysis No more than 50% of gross income from prohibited activities File DOEP Annual review of eligibility Ongoing suspicious activity monitoring and reporting
Prohibited Activities
Serving as a financial institution or agents of a financial institution Purchase or sale of motor vehicles, aircraft, or farm equipment Chartering of ships, buses, or aircraft Gaming of any kind (except licensed parimutuel betting at race tracks)
Auctioning of goods Practice of law, accountancy, or medicine Investment advisory services & banking Real estate brokerage Pawn brokerage Title insurance and real estate closing services Trade union activities
Credit unions are required to file Suspicious Activity Reports under the following conditions:
Insider abuse of any amount Any Federal criminal violations of $5,000 or greater when a suspect can be identified Any Federal criminal violations of $25,000 when a suspect cannot be identified Computer Intrusion
Transactions of $5,000 or more involving potential money laundering and/or Bank Secrecy Act violations if:
The credit union knows, suspects, or has reason to suspect that: The transaction involves funds from illegal activities and is designed to hide or disguise the true nature of the funds The transaction is designed to avoid BSA reporting The transaction has no apparent business purpose and cannot be adequately explained by investigation
If a suspect is identified 30 days from the date activity is determined to be suspicious If no suspect was identified 60 days from the date activity is determined to be suspicious. If the activity giving rise to the SAR continues, new SARs must be filed every 90 days
SAR Examples
A business member who suddenly starts making large cash deposits. A member who asks about the limit on filing a CTR report and then makes a transaction for an amount just under $10,000.00. A member who frequently exchanges small bills for large bills. Frequent cash deposits under $10,000 into accounts with low average balances. ATM cash deposits that are below the specified threshold. Businesses that do not normally generate cash in normal course of operation, making numerous cash transactions. An unusual cash deposit for a member given their account history and activity. The transaction has no business purpose or apparent lawful purpose or is not one that the member would normally be engaged in and the Credit Union knows of no reasonable explanation for the transaction after examining all available facts. Loan fraud, including large payment amounts, lies on loan applications, mortgage (both residential and business) loan fraud
The filing and content of SARs are to be considered secret. The Bank Secrecy Act regulations prohibit the disclosure of the existence and/or content of any SAR filing. Discussions within the credit union should be limited to those with a direct involvement in the identification of the activity or the preparation of the SAR.
SAR Resources
www.fincen.gov
SAR Narrative Guidance SAR Tips and Trends SAR Powerpoint Presentation
Currency dealer or exchanger Check Casher Issuer of travelers checks, money orders, stored value Seller or redeemer of travelers checks, money orders, stored value Money transmitter All except money transmitters subject to $1,000 for any person on any day rule. All money transmitters are MSBs regardless of activity level day = business day = day communicated to members that their transactions will normally post
FinCEN requires all MSBs to be registered If an MSB is not registered and is a member of your credit union you have a SAR filing responsibility. Check the MSB list at http://www.fincen.gov/financial_institutions/m sb/msbstateselector.html
Record all cash purchases of cashiers checks, travelers checks and money orders in the amounts of $3,000 - $10,000 Required info: Name Address Date of Birth ID # Amount of transaction Type of instrument Number of instrument Date of purchase Most credit unions do not have to keep a physical log because they do not offer these products to non-members. If you do, you will probably need to keep a log.
Requires financial institutions to respond to periodic requests for account/member information from the international law enforcement community. Credit unions must:
Identify an employee as the 314(a) point of contact. This person is listed as such on the 5300. Compare the 314(a) biweekly list against the CUs membership. Any matches must be communicated to the requesting officer/agent within 12 days of the request.
Section 314(b) provides for voluntary sharing of information with other financial institutions. A CU must complete a free registration process. There is no requirement to participate in this program.
Requires financial institutions to: Implement reasonable procedures to verify the identity of any person seeking to open an account. Maintain records of the information used to verify the persons identity. Determine whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the FI by any government agency. Provide the consumer opening a new account with notice of the information collection requirement.
At a minimum, must obtain and maintain records of the following for each new member: Name Date of birth (for individuals) Address (physical address is required) Identification number
Social Security Number Individual Tax Identification Number Passport Number and Country of Issuance An Alien Identification Card Number Number and Country of Issuance of any other foreign government issued ID
"The cornerstone of a strong BSA/AMLprogram is adoption and implementation of comprehensive MDD policies, procedures, and processes for all members, particularly those that present a higher risk for money laundering or terrorist financing. The objectiveshould be to allow the credit union the predict with relative certainty the types of transactions the member is likely to engage.
The concept of MDD begins with verifying the members identity and assessing the risks associated with the member. Processes should also include enhanced MDD for higher risk members and ongoing due diligence for the entire membership.
Record Retention
BSA generally requires record retention of 5 years from the date of creation of the record MIP (PATRIOT ACT 326) requires
Member name, address, date of birth, ID number must be kept for 5 years following the closing of the account Documents relied upon to verify the members identity must be retained for 5 years from the date of the creation of the record
Money Laundering
Moving dirty money (funds from illegal enterprises) through financial systems to disguise the origin of the funds and make them appear legal or clean.
Placement: Physically placing bulk cash proceeds. (e.g. making a deposit into a credit union account) Layering: Separating the proceeds of criminal activities from their origins through layers of complex financial transactions. (e.g. buying big ticket items such as securities, cars, travel tickets often placed in someone elses name to further distance the criminal from the cash.) Integration: Providing an apparent legitimate explanation for the proceeds. (e.g. business investments or transactions)
Financial institutions are prime targets for money launderers based on the many products and services offered that can be used to facilitate all three stages of money laundering.
Placement = deposit accounts (savings, money market, share certificates) Layering = purchase of monetary instruments for use in purchasing big ticket items (money orders, cashiers checks, travelers checks) and using wire transfers to move money around the country and the world Integration = cash used as down payment for real estate (loan obtained through credit union), investments in securities offered through CUSOs, obtaining business accounts for front businesses
Refusal or reluctance to proceed with or abrupt withdrawal of a transaction after learning of CTR filing Refusal or reluctance to provide required information or identification Structured or recurring non-reportable transactions Multiple transactions in even dollar amounts Transactions structured to lose the paper trail Suspicious movement of funds between institutions Non-local address
Multiple accounts for a single member High activity volume with low balances Share certificates used as collateral for loans Loan payments by third parties Disbursement of loan proceeds by multiple credit union checks Replacement of monetary instruments (e.g. purchasing travelers checks with a money order) Monetary instruments purchased with large amounts of cash
OFAC is a division of the U.S. Treasury Department. OFAC administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals against targeted foreign countries, terrorist, international narcotics traffickers, and those engaged in activities related to the proliferation of weapons of mass destruction.
OFAC continued
OFAC can impose controls on transactions and freeze foreign assets in U.S. jurisdiction. In order to accomplish these goals OFAC has compiled a number of lists of nationals and other entities with whom FIs are prohibited from doing any sort of business. Each OFAC enforced sanction has different restrictions as determined by the federal government and often by order of the President.
Balkans Related Belarus Burma Cote dIvoire Counter Narcotics Trafficking Counter Terrorism Cuba Democratic Republic of Congo Diamond Trading Iran
Iraq Related Former Liberian Regime of Charles Taylor Lebanon Libya Non Proliferation Somalia Sudan Syria Zimbabwe
OFAC continued
Non-compliance with OFAC sanctions can result in personal penalties of up to $1,000,000 or 12 years in jail!
Include OFAC compliance in your BSA/AML program Checks the names of payees for all Cashiers Checks and Wire Transfers against the OFAC master list(s). All new account applicants are checked against the master list(s) prior to providing services. The entire membership is checked against the OFAC master list(s) periodically, or as frequently as the list(s) are updated.
Recent Developments
Trends & Changes in Bank Secrecy Act and Anti-Money Laundering Regulations, Requirements, and Procedures
BSA formerly lived at 31 CFR 103 As of March 1, 2011 can now be found at 31 CFR Chapter X
No substantive change to the forms or filing procedure. The only update is to code citations in the instructions.
Technical changes were proposed to both forms, with a comment period that ended March 28th. The changes are made to support FinCENs move to all electronic processing.
New guidance allows SAR information sharing with domestic affiliates provided that the affiliate is also subject to SAR filing requirements, is linked to the filing entity by common ownership and is not itself the subject of the SAR.
Former Speaker of the House Tom DeLay convicted on money laundering and conspiracy charges. Sentenced to three years in prison Utah bank official charged with money laundering for accepting payments from online gambling companies to process transactions South Korean police say they've arrested a farmer for allegedly hiding about $10 million in cash in a garlic field. Police say his relatives made the money by running an illegal Internet gambling site. Digital currency, stored value cards, internet gambling, virtual life all possible avenues for money laundering
Summary
BSA Requirements
Board approved policy Annual risk assessment Annual training BSA Officer Annual independent review
Insider abuse any $$ $5,000 when suspect idd $25,000 w/o suspect Computer intrusion Money Laundering, Terrorist Financing, BSA avoidance
The End