BSA-AML Examiner School eBook

Bank Secrecy Act Assessment

The BSA/AML program and compliance with related laws and regulations is deficient. Apparent violations of five sections of Part 326 and two sections of Part 353 of the FDIC Rules and Regulations, as well as five sections of the Treasury Department's FinCEN 31 CFR Chapter X, are cited. Management and the Board have not implemented appropriate policies and procedures that meet the requirements for compliance with the BSA. Based on the level of deficiencies identified within the program, an apparent violation to Part 326.8(b)(1) of the FDIC Rules and Regulations is cited for failure to implement a BSA program that complies with the recordkeeping and reporting requirements. Refer the Violations of Laws and Regulations pages for further details. The following weaknesses require immediate attention from management and the Board to ensure compliance with the BSA/AML requirements. BSA OVERSIGHT The Board appointed former Head Teller to BSA Officer in May 2015. BSA Officer lacked the prerequisite skill set, did not fulfill the Board's expectations and requirements of the position, and did not properly oversee compliance of the program. Audit Firm identified a number of weaknesses and apparent violations during the December 2015 Independent Review; however, former BSA Officer did not implement corrective action to ensure the program complied with the BSA and related laws and regulations. The Board and senior management should have reviewed the findings of the BSA Independent Review and ensured corrective action was implemented; however, the Board and senior management failed to do so. Furthermore, former BSA Officer did not ensure that employees received the necessary training on internal BSA policies and procedures, as evidenced by the number of exceptions identified at this examination. New customer account CIP forms were not thoroughly completed by employees and necessary information was not obtained. The BSA Officer failed to implement an effective CDD Program and suspicious activity monitoring program as recommended at the May 2014 FDIC examination and as required by the December 2014 Consent Order. An apparent violation of Part 326.8(c)(3) of the FDIC Rules and Regulations is cited for failure to designate an individual to adequately and effectively oversee the BSA compliance program. See the Violations of Laws and Regulations pages for further details. BSA Officer was terminated in June 2016. CEO stated that Interim BSA Officer will be the designated BSA Officer and will receive additional training to ensure her success in the role. He stated that this will be presented for Board approval at the August 19, 2016 meeting. He further commented that Operations Officer will be the designated back-up BSA Officer until staffing levels are at an acceptable level. BSA TRAINING PROGRAM The BSA training program is inadequate and ineffective as outlined on the Examination Conclusions and Comments pages as well as the Violations of Laws and Regulations pages. The Board and management must ensure that appropriate personnel are trained in all applicable aspects of the BSA. Training should include regulatory requirements and the bank's internal BSA/AML policies, procedures, and processes. At a minimum, the bank's training program must provide annual training for all personnel whose duties require knowledge of the BSA. The training should be tailored to the person's specific responsibilities. In addition, an overview of the BSA/AML requirements should be given to new staff during employee orientation. Training should encompass information related to applicable business lines. The BSA officer should receive periodic training that is relevant and appropriate given changes to regulatory requirements as well as the activities and overall BSA/AML risk profile of the bank.

47