BSA-AML Examiner School Case Study eBook

Internal Use Only

TRANSACTIONS OF EXEMPT PERSONS

Yes/No or N/A

Comments and description of mitigating controls

Does the bank have policies, procedures, and processes (internal controls) related to its process for exempting customers from CTR filing? Does the bank have policies and procedures in place to identify Phase I and Phase II exempt persons, which are exempt from the requirement to report currency transactions in accordance with the Money Laundering Suppression Act of 1994? If the bank chooses to use the exemption process, does it designate an exempt person by filing a one-time Designation of Exempt Person (DOEP) report (filed electronically through the BSA E-Filling System)? Yes Does the bank review the eligibility of an exempt person that is a listed public company, a listed public company subsidiary, a non-listed business, or a payroll customer to determine whether such person remains eligible for an exemption at least annually? Yes Does the bank take reasonable and prudent steps to identify an exempt person and document the basis for their conclusions and their compliance with the Transactions of Exempt Persons regulation? Yes Does the bank consider and maintain materials and other supporting information that allow it to substantiate that the decision to exempt the customer from currency transaction reporting was based upon a reasonable determination that the customer derives no more than 50 percent of annual gross revenues from ineligible business activities? Yes Yes Yes

Moderate Satisfactory

Assign Inherent Risk → Assign Controls Rating → Assign Residual Risk → Assign Overall Trend →

3 2 2

Limited

Summary of Risk Ratings:

Stable

No change in risk from previous years.

INFORMATION SHARING

Yes/No or N/A

Comments and description of mitigating controls

Does the bank maintain comprehensive policies, procedures, and processes for responding to section 314(a) requests?

Yes

Upon receipt of information request, does the bank conduct a one-time search of its records to identify accounts or transactions of a named suspect and report any positive matches to FinCEN within 14 days? Yes Does the bank maintain adequate procedures to protect the security and confidentiality of requests from FinCEN, similar to section 501 of the Gramm-Leach-Bliley Act for the protection of its customer's nonpublic personal information? Yes If the bank chooses to participate in voluntary information sharing authorized under section 314(b) of the USA Patriot Act, did it notify FinCEN of its intent to engage in information sharing and that it has established adequate procedures to protect the security and confidentiality of the information? N/A

Moderate Satisfactory

Assign Inherent Risk → Assign Controls Rating → Assign Residual Risk → Assign Overall Trend →

3 2 2

Limited

Summary of Risk Ratings:

Stable

The Bank's CCO has assumed responsibility for reviewing and fulfilling 314A Requests. No change in risk from previous years. PURCHASE AND SALE OF CERTAIN MONETARY INSTRUMENTS RECORDKEEPING Does the bank have policies, procedures and processes in place to maintain records of a bank check or draft, cashier’s check, money order, or traveler’s check for $3,000 or more in currency?

Yes/No or N/A

Comments and description of mitigating controls

Yes Yes

Does the bank retain the records of monetary instrument sales for five years?

Limited

Assign Inherent Risk → Assign Controls Rating → Assign Residual Risk → Assign Overall Trend →

2 2 2

Satisfactory

Limited

Summary of Risk Ratings:

Stable