Compliance Blog

Do you remember those books that allowed you to "choose your own adventure?"  You'd read a scenario, and then you'd have to make a decision.  Decision A might have you turn to page 45, while decision B might lead you to page 36.  Well, here's a new BSA version for your enjoyment.

Credit Union X has a member who works at a law firm with a bi-weekly paycheck of $750. Member regularly goes to Las Vegas (at least one time each month) and withdraws between $2,000 and $4,000 from the point-of-sale machines. Member then comes back to to Credit Union X and deposits cash into Member's account.  The amount of this deposit is $200 to $1000 more than the amount Member withdrew in Vegas.

Choose your own adventure.  What would you do in response to this scenario?  I look forward to your comments. 

(If you received this as an email, you'll have to click on the title above to make a comment.  Simply click the title, and then scroll down through the blog entry to the comment section.)

***

The FDIC Office of Inspector General has released Report AUD-08-003, which is titled "FDIC's Implementation of the USA Patriot Act."  You may access it here.  It is a good read for BSA officers.  Here are two areas I would like to highlight.

1. The FDIC looked at CIP programs.  Page 11 of this report shows violations following an audit of 24 FDIC-regulated entities.   The most common violation? Failure of non-documentary procedures to address certain situations, such as where an individual is unable to present an unexpired government-issued identification document or where the customer opens an account without appearing in person.
2. The FDIC also looked at risk assessments.  They were a bit unnerved after finding that 8 of the 24 institutions closely based their risk assessment on Appendix J (Risk Matrix) of the FFIEC BSA AML Examination Manual.  In their words: We determined that 8 of the 24 financial institutions had used Appendix J, or a modified version of Appendix J, for their risk assessments. Although the manual recognizes that there are many formats that banks may use to effectively document a risk assessment, Appendix J, which is provided for examiner use—not institution use—did not provide for a detailed assessment of the risk factors listed above. The inclusion of Appendix J in the manual may give the impression to financial institutions that this format is acceptable and covers all risk categories and factors that should be assessed by institutions. Therefore, DSC should propose changes to Appendix J to clarify that it is not intended to be used by financial institutions in lieu of performing a comprehensive BSA/AML risk assessment.

For credit unions that want to audit their own CIP program or risk assessments, this FDIC document is good stuff.