BSA/AML Student Exercises Dec. 2022

IV. System of Internal Controls The Bank will maintain an effective BSA, AML and OFAC internal control structure, including suspicious activity monitoring and reporting. Proper Internal controls have been implemented to adhere with all the requirements of the BSA laws, regulations and the Bank Secrecy Act/Anti Money Laundering Examination Manual. www.ffiec.00v/bsa aml infobase/default.htm V. Independent Audits It is the policy of the Bank to conduct an independent annual audit by internal and/or external auditors to ensure complete adherence of the Bank Secrecy Act. Results of this audit will be reported to the Board of Directors Audit/Compliance Committee and the BSA Compliance Officer. Senior Management and the BSA Compliance Officer will take appropriate action to correct any exceptions found as a result of the audit. The Bank's external auditors will conduct an objective independent evaluation of the Bank's written BSA/AML and OFAC Compliance Program, perform testing for specific compliance with the BSA, and evaluate pertinent management information systems (MIS) and the quality of risk management for all banking operations, departments and subsidiaries. The audit shall include all requirements specified by the BSA laws and regulations, as well as the BSA Examination Manual. www.ffiec.gov/bsa aml infobase/default.htm VI. Designation of BSA Officer The Board of Directors is responsible to appoint a BSA Compliance officer on an annual basis, The Board of Directors has designated Kelli Bowen to serve as the BSA Compliance Officer (BSA/AMUOFAC Officer) all decisions made by The Board of Directors must be noted in the board minutes. The Board of Directors has granted the BSA Compliance Officer with the authority, subject to the approval and supervision of the Board of Directors and Senior Management, to develop and administer a program that provides for Bank Secrecy Act compliance and training. This includes assuming full responsibility for all Bank Secrecy Act policy statements and procedures. The BSA Compliance Officer is required to be fully knowledgeable of the BSA and all related regulations, and also understand the Bank's products, services, customers, geographic locations, and the potential money laundering and terrorist financing risks associated with those activities . VII. Training of all Staff Personnel The Bank is required to ensure that all personnel receive training on the directives of the Bank Secrecy Act on a scheduled basis. All employees of the bank will be trained annually. Training will include regulatory requirements and the Bank's internal BSA, AML and OFAC policies, procedures and processes. The Bank's training program will provide training for all personnel whose duties require knowledge of the BSA, and the training is to be tailored to the person's specific responsibilities. Additional trainings may be via email or hard copy of the training materials. In addition, an overview of the BSA, AML and OFAC requirements are to be provided to new staff during the employee orientation process conducted by the Human Resources Department. Documentation of personnel trained, and the dates of training will be maintained by the BSA Department. Considering the frequent changes to the law and the BSA requirements, the BSA Compliance Officer will attend several external training sessions annually. In addition, other designated members of the BSA Department and Bank management will periodically attend educational programs related to the Bank Secrecy Act as well.

For Training Purposes Only

Page 6