BSA/AML Student Exercises Dec. 2022

POLICY DESCRIPTION, AUTHORITY AND SCOPE

I. Penalties All employees must be aware of the penalties for money laundering. Substantial civil and criminal penalties are provided in the law for failure on the part of the Bank or any employee to report or supply information, and for filing a false or fraudulent report, or for an employee to knowingly engage in a financial transaction which involves the proceeds of unlawful activities. Individuals, including bank employees, convicted of aiding and assisting in money laundering face up to 20 years in prison for each money laundering transaction. Businesses, including banks and individuals, face fines up to the greater of $500,000 or twice the value of the transaction. Any property involved in the transaction or traceable to the proceeds of the criminal activity, including loan collateral, personal property, under certain conditions, entire bank accounts (even if some of the money in the account is legitimate) may be subject to forfeiture. In addition, to such penalties, regulators have the authority to revoke the charter or terminate the deposit insurance of a bank convicted of money laundering and BSA violations. The BSA/AMUOFAC Compliance Program is designed to avoid such violations and to assure compliance with the Bank's reporting responsibilities. Under no circumstances shall employees discuss these procedures with customers or provide customers with any advice as to the manner in which reporting requirements can be avoided. II. BSA/AML/OFAC COMPLIANCE PROGRAM General goals of the Bank's BSA Program consist of: 1. Developing a BSA/AML/OFAC risk profile of the Bank to design effective risk-based internal controls. 2. A system of internal controls to ensure ongoing compliance based on the BSA Risk Assessment. 3. Independent audits to ensure ongoing compliance conducted by either Bank personnel or a third party entity consultant. 4. Designation of a Bank Secrecy Act Officer responsible for coordinating and monitoring day to day compliance. 5. Training of all Bank personnel on an annual basis. III. BSA Risk Assessment The Bank has developed a risk assessment that identifies the Bank's BSA/AML and OFAC risk profile. Our risk assessment consists of the following: • Assessment of new products, services, assessment of targeted customers, entities and geographic locations. • The risk assessment program is an ongoing process. It is the responsibility of the Board of Directors and Senior Management to ensure the Bank's risk assessment is updated annually to identify changes in the Bank's risk profile (i.e., when new products and services are introduced, existing products and services change, high risk customer's open and close accounts, or the Bank expands through mergers and acquisitions). The BSA/AML Compliance Program was developed based on our risk assessment.

For Training Purposes Only

Page 5