Bank Secrecy Act (BSA) and Anti-Money Laundering (AML ...€¦ · Policy and Program for BancStar,...
Transcript of Bank Secrecy Act (BSA) and Anti-Money Laundering (AML ...€¦ · Policy and Program for BancStar,...
1
Bank Secrecy Act (BSA) and Anti-Money Laundering (AML)
Policy and Program for BancStar, Inc. Affiliated Banks Reviewed and Approved by Board of Directors on:
Bank Star One 09/18/14
Bank Star 09/26/14
Bank Star of the BootHeel 09/29/14
2
Table of Contents
PURPOSE AND POLICY STATEMENT .................................................................................................................... 3
BOARD OF DIRECTOR RESPONSIBILITY ............................................................................................................. 3
DESGINATION OF BANK SECRECY ACT OFFICER ............................................................................................. 4
INDEPENDENT TESTING OF BSA/AML PROGRAM............................................................................................. 5
TRAINING FOR PERSONNEL ................................................................................................................................... 5
NOTICE TO EMPLOYEES .......................................................................................................................................... 5
RISK ASSESSMENT .................................................................................................................................................... 6
CURRENCY REPORTING REQUIREMENTS (CTRs).............................................................................................. 6
EXEMPT TRANSACTIONS FROM CTR REQUIREMENTS ................................................................................... 7
MONETARY INSTRUMENT RECORDKEEPING .................................................................................................... 9
WIRE TRANSFER RECORDKEEPING REQUIREMENTS .................................................................................... 10
CUSTOMER IDENTIFICATION PROGRAM (CIP) ................................................................................................ 12
MONEY LAUNDERING ......................................................................................................................................... 128
CUSTOMER DUE DILIGENCE (CDD)/ENHANCDED DUE DILIGENCE (EDD)- .............................................. 19
POTENTIAL HIGH RISK ENTITIES ........................................................................................................................ 20
BENEFICIAL OWNERSHIP (COLLECTED ON ALL APPLICABLE ACCOUNTS) ............................................ 21
OFFICE OF FOREIGN ASSETS CONTROL (OFAC) POLICY .............................................................................. 21
AUTOMATED CLEARING HOUSE (ACH/IATs) - THIRD PARTY PROCESSORS ............................................ 23
SUSPICIOUS ACTIVITY REPORTS (SAR) ............................................................................................................. 24
SAR FILING ON CONTINUING ACTIVITY ........................................................................................................... 26
DECISIONS NOT TO FILE SARs ............................................................................................................................. 26
LAW ENFORCEMENT REQUESTS......................................................................................................................... 26
INFORMATION SHARING- 314(a) .......................................................................................................................... 27
INFORMATION SHARING- 314(b) .......................................................................................................................... 28
MONEY SERVICES BUSINESSES (MSBs) ............................................................................................................. 29
3
PURPOSE AND POLICY STATEMENT
It is the purpose of this policy to serve as a guide to each of BancStar, Inc. Affiliated Banks:
Bank Star, Bank Star One and Bank Star of the BootHeel (the Bank) personnel in developing an
understanding of and an approach to compliance with the Bank Secrecy Act (BSA) regulation
and Anti-Money Laundering (AML) related laws and requirements.
The BSA mandates financial institutions to maintain reports and information as follows:
Currency Transaction Reports (CTRs)
Suspicious Activity Reports (SARs)
Customer identification information (CIP)
Cash purchases of monetary instruments of between $3,000.00 to $10,000.00 (Monetary
Instrument Log)
Funds transfer recordkeeping (Wire Transfers) in amounts above $3,000.00
Information sharing requests pursuant to 314(a) and 314(b)
It is the policy of this Bank to comply with the BSA and related laws and regulations as
applicable. The BSA requires financial institutions to obtain information, maintain records, and
file specific reports for various types of financial transactions. These reports are filed in
accordance with applicable law and are used by the federal government and other law
enforcement agencies in the prevention of criminal, tax, and regulatory evasion and
investigations or legal proceedings in the prosecution process. Additionally, the requirements of
the BSA are ultimately intended to detect, report, and prevent money laundering activities at, to,
or through a financial or other institution. This Bank will not knowingly be used for money
laundering activities; will require proper identification of all persons conducting business with
the institution; will conduct the Bank’s business in conformity with high ethical standards to
ensure risks are mitigated; will not provide banking services to any non‐U.S. bank that does not
have a physical presence in any country and that is not a regulated affiliate; and will co‐operate
with law enforcement authorities within the confines of applicable law. Personnel under the
Bank’s employ are to report any known or suspected violations to the Bank Secrecy Act Officer
so appropriate action can be taken. The Bank has a written compliance program to monitor
compliance with the record keeping and reporting requirements of said act and regulations which
program may be amended by the Compliance Officer from time to time upon the advice and
consent of the Board of Directors.
BOARD OF DIRECTOR RESPONSIBILITY
The Bank’s BSA program, including any policy or procedure, will be reviewed and approved at
least annually by the Board of Directors (“the Board” or “Board”). The Board is ultimately
responsible for the BSA policy and procedure oversight, implementation, and execution.
4
DESGINATION OF BANK SECRECY ACT OFFICER
The Bank has designated the following employees as the Bank Secrecy Act Officers:
Bank Star – Tammy LaCrone
Bank Star One – Meagan Kick
Bank Star of the BootHeel – Tracie Wagner
Each BSA Officer will have reporting responsibility directly to the Bank’s President or
Cashier. This designated Officer, or any successor who may be appointed by the President is
responsible for all matters pertaining to the requirements and regulations of the BSA and has the
authority to conduct internal audits to insure compliance with the Act. These audit procedures
are in addition to the Bank’s normal BSA audit, which is generally performed by an outside
consultant or firm, and for which the BSA Officer is responsible for overseeing. Duties include,
but are not limited to:
Review of all exemptions granted by the bank for the filing of Currency Transaction Reports
(CTRs)
Oversight of the BSA compliance program, including policies and procedures, in order to
recommend any necessary changes in the Bank’s compliance program and report such
deficiencies to the Bank’s Board of Directors
Review CTRs either before or shortly after they are submitted to the IRS to ensure accuracy
Implement changes in the written compliance program, when necessary, to maintain
compliance with the Act (subject to Board review and approval)
Assist in developing an employee training program and monitoring to ensure appropriate
personnel are trained through materials adequate to carry their responsibilities under the Act
Monitoring various reports and activities conducted at, to, or through the Bank to ensure
actual or possible violations are identified for reporting purposes
Assist any and all Bank personnel to ensure adherence to the policies and procedures herein
Periodically verify daily teller transaction reports are reviewed by appropriate supervisor for
detection of reportable transaction or possible suspicious activity
Periodically review transactions conducted at, to, or through the Bank regarding exempt
customers allowed under the provisions of the Act to ensure suspicious activity is monitored
appropriately and all activity is reported as necessary
Periodically review and analyze the totals of cash shipments to and from the Federal Reserve
Bank or correspondent banks. The analysis should disclose unusual currency flows which
should be further investigated, for example, a significant increase in the use of large bills
over the past twelve months
Periodically review the monetary instrument log to insure that required entries have been
recorded
Ensure all reports filed and maintained by the Bank are restricted to appropriate personnel
responsible to the requirements of the BSA
5
INDEPENDENT TESTING OF BSA/AML PROGRAM
Independent testing of the BSA program will be conducted at least annually by an independent
party. This party could be an internal employee of the Bank or Holding Company as long as that
individual remains independent of the BSA program.
TRAINING FOR PERSONNEL
As required, all Bank personnel and the Bank’s Board will receive on-going training pursuant to
their responsibilities regarding the Bank Secrecy Act and other applicable laws implementing the
BSA. This training will be provided to ensure personnel has an adequate understanding of their
responsibilities under the BSA and, as a general matter, will be required at least annually. New
employees should receive BSA training, sufficient for their job duties, within a reasonable time
of their hire date. Documentation of these meetings will be maintained by the Bank Secrecy Act
Officer or designee. The training will also convey this Bank’s policies and procedures pertaining
to its and its employees responsibilities under the BSA. Practical exercises on situations the
employees may face will be a part of the training. Employees will be given information on the
characteristics of money laundering schemes and the importance of the currency transaction
reporting requirements. Employees will be trained to handle not only routine situations but also
problem cases. Personnel will also be informed of the severe penalties for violations of the BSA
and their individual liability under those provisions.
NOTICE TO EMPLOYEES
Penalties for money laundering and terrorist financing can be severe. A person convicted of
money laundering can face up to 20 years in prison and a fine of up to $500,000.00. Any
property involved in a transaction or traceable to the proceeds of the criminal activity, including
property such as loan collateral, personal property, and, under certain conditions, entire bank
accounts (even if some of the money in the account is legitimate), may be subject to forfeiture.
Pursuant to various statutes, banks and individuals may incur criminal and civil liability for
violating anti-money laundering and terrorist financing laws. For instance, pursuant to 18 USC
1956 and 1957, the U.S. Department of Justice may bring criminal actions for money laundering
that may include criminal fines, imprisonment, and forfeiture actions. In addition, the Bank may
be at risk for losing its charter and Bank employees risk being removed and barred from banking.
Moreover, there are criminal penalties for willful violations of the BSA and its implementing
regulations under 31 USC 5322 and for structuring transactions to evade BSA reporting
requirements under 31 USC 5324(d). For example, a person, including a Bank employee,
willfully violating the BSA or its implementing regulations is subject to a criminal fine of up to
$250,000 or five years in prison, or both. A person who commits such a violation while
violating another U.S. law, or engaging in a pattern of criminal activity, is subject to a fine of up
to $500,000.00 or 10 years in prison, or both. If the Bank violates certain BSA provisions,
including sections 31 USC 5318(i) or (j), or special measures imposed under section 31 USC
5318A, it could face criminal money penalties up to the greater of $1 million or twice the value
of the transaction.
6
The penalties for violations are enumerated by the Internal Revenue Service (a department of the
Treasury Department) at the following website address:
http://www.irs.gov/irm/part4/irm_04-026-007.html#d0e77
RISK ASSESSMENT
The Bank has adopted an AML Risk Assessment and OFAC Risk Assessment that are consistent
with the FFIEC BSA/AML Examination Manual and consider the Bank’s products, services,
customer base and geographic locations. These risk assessments shall be maintained by the BSA
Officer.
The risk assessment is an on-going process and will be updated and adjusted when new account
types/products are introduced, existing products change, new geographic locations are served
either through expansion or through mergers/acquisitions, and, absent such changes, at least
every 12 – 18 months.
CURRENCY REPORTING REQUIREMENTS (CTRs)
The Bank must file a Currency Transaction Report (CTR) for each transaction in currency
(deposit, withdrawal, exchange, or other payment or transfer) of more than $10,000.00 by,
through, or to the Bank. Certain types of currency transactions need not be reported, such as
those involving “exempt persons,” a group which can include retail or commercial customers
meeting specific criteria for exemption. Multiple currency transactions totaling more than
$10,000.00 during any one business day are treated as a single transaction if the Bank has
knowledge that they are by or on behalf of the same person. Transactions throughout the Bank
should be aggregated when determining multiple transactions. Types of currency transactions
subject to reporting requirements individually or by aggregation include, but are not limited to,
denomination exchanges, individual retirement accounts (IRA), loan payments, automated teller
machine (ATM) transactions, purchases of certificates of deposit, deposits and withdrawals,
funds transfers paid for in currency, and monetary instrument purchases.
A FinCEN CTR must be filed by the 15th calendar day after the day of the transaction and in
accordance with FinCEN Currency Transaction Report (FinCEN CTR) Electronic Filing
Requirements.
More Specific Procedures for Personnel Preparing the Filing of CTRs
1. Transactions which involve more than $10,000.00 in currency must be reported using the
Currency Transaction Report (CTR) through the e-filing system
2. A currency transaction is defined as a transaction involving the physical transfer of
currency from one person to another. A transaction in currency does not include a
transfer of funds by means of bank draft, wire transfer, or other written order that does
not include the physical transfer of currency.
7
3. Currency includes the coin and currency of the United States or of any other country,
which circulates in, and is customarily used and accepted as money in the country in
which it is issued.
4. Currency transactions over $10,000.00 with foreign financial agencies such as banks,
currency exchange dealers, and securities dealers must also be reported.
5. Multiple transactions by or for any person which in any one day total more than
$10,000.00 should be treated as a single transaction if the bank is aware of them and
therefore must be reported. The Bank must make a reasonable effort to obtain the
information required to complete the CTR. FinCEN released the FinCEN Currency
Transaction Report Electronic Filing Requirements which provides detailed instruction
for completing the fields on the CTR.
6. Banks must also report shipments outside or into the United States of more than
$10,000.00 in currency or other monetary instruments; and any interest in financial
accounts in a foreign country. For these rare instances, contact the BSA Officer for
guidance
Recordkeeping: copies of CTRs shall be maintained for a period of 5 years from the date of
the report.
EXEMPT TRANSACTIONS FROM CTR REQUIREMENTS
Exempt Transactions: U.S. Treasury regulations have historically recognized that the
routine reporting of some types of large currency transactions does not necessarily aid law
enforcement authorities and may place unreasonable burdens on banks. Consequently, a
bank may exempt certain types of customers from currency transaction reporting. There are
two types of exemptions allowed under the BSA. They are commonly referred to as “Phase
I” and “Phase II” exemptions. When certain conditions and criteria are met, the Bank is not
required to file CTRs on those customers meeting the criteria.
The Bank will keep a record of each exemption granted and the reason for each exemption
in a centralized list. The "exemption list" must include the name, complete street address,
type of business, taxpayer identification number, and account number of each customer
(whether a business entity or a government agency) whose transactions have been
exempted.
Phase I
FinCEN’s rule identifies 5 categories of Phase I exempt persons:
1. A bank, to the extent of its domestic operations
2. A federal, state, or local government agency or department
3. Any entity exercising governmental authority within the United States
4. Any entity (other than a bank) whose common stock or analogous equity interests are
listed on the New York Stock Exchange or the American Stock Exchange or have been
designated as a NASDAQ National Market Security listed on the NASDAQ Stock
8
Market (with some exceptions)
5. Any subsidiary (other than a bank) of any “listed entity” that is organized under U.S. law
and at least 51% of whose common stock or analogous equity interest is owned by the
listed entity
Filing an Exemption: Banks must file a one-time Designation of Exempt Person form
(FinCEN Form 110) to exempt each eligible listed public company or eligible subsidiary
from currency transaction reporting. The form must be filed with the IRS within 30 days
after the first transaction in currency that the bank wishes to exempt.
Banks do not need to file a Designation of Exempt Person form for Phase I-eligible
customers that are banks, federal, state, or local governments, or entities exercising
governmental authority. Nevertheless, a bank should take the same steps to assure itself
of a customer’s initial eligibility for exemption, and document the basis for the conclusion,
that a reasonable and prudent bank would take to protect itself from loan or other fraud or
loss based on misidentification of a person’s status. Exemption of a Phase I entity covers all
transactions in currency with the exempted entity, not only transactions in currency
conducted through an account.
Annual Review: The information supporting each designation of a Phase I-exempt listed
public company or subsidiary must be reviewed and verified by the Bank at least once per
year. Annual reports, stock quotes from newspapers, or other information, such as
electronic media will be used to document the review. Banks does not need to confirm the
continued exemption eligibility of Phase I customers that are banks, government agencies,
or entities exercising governmental authority.
Phase II
A business that does not fall into any of the Phase I categories may still be exempted under the
Phase II exemptions if it qualifies as either a “non-listed business” or as a “payroll customer.”
A “non-listed business” is defined as a commercial enterprise to the extent of its domestic
operations and only with respect to transactions conducted through its exemptible accounts and
that: (i) has maintained a transaction account at the exempting bank for at least two months or
prior to the passing of two months’ time if the bank undertakes a risk-based analysis of that
customer that allows it to form and document a reasonable belief that the customer has a
legitimate business purpose for conducting frequent large currency transactions; (ii) frequently
engages in transactions in currency with the bank in excess of $10,000.00; and (iii) is
incorporated or organized under the laws of the United States or a state, or is registered as and
eligible to do business within the United States or a state.
FinCEN has identified the following businesses or types of businesses that cannot qualify for an
exemption under the BSA (commonly referred to as “Ineligible Businesses”) if 51% or more of
the business’s revenue is derived from the following activities:
Serving as a financial institution or as agents for a financial institution of any type
9
Purchasing or selling motor vehicles of any kind, vessels, aircraft, farm equipment, or
mobile homes
Practicing law, accounting, or medicine
Auctioning of goods
Chartering or operation of ships, buses, or aircraft
Operating a pawn brokerage
Engaging in gaming of any kind (other than licensed pari-mutuel betting at race tracks)
Engaging in investment advisory services or investment banking services
Operating a real estate brokerage
Operating in title insurance activities and real estate closings
Engaging in trade union activities
Engaging in any other activity that may, from time to time, be specified by FinCEN
Payroll Customers
A “payroll customer” is defined solely with respect to withdrawals for payroll purposes
(meaning deposit activity is not exempt) from existing exemptible accounts and as a person who:
(i) has maintained a transaction account at the bank for at least two months or prior to the passing
of two months’ time if the bank undertakes a risk-based analysis of that customer that allows it to
form and document a reasonable belief that the customer has a legitimate business purpose for
conducting frequent large currency transactions; (ii) operates a firm that regularly withdraws
more than $10,000.00 in order to pay its U.S. employees in currency; and (iii) is incorporated or
organized under the laws of the United States or a state, or is registered as and is eligible to do
business within the United States or a state.
Filing Time Frames: After the Bank has decided to exempt a Phase II customer, the Bank must
file a Designation of Exempt Person form with the IRS within 30 days after the first transaction
in currency that the Bank plans to exempt.
Annual Review: The information supporting each designation of a Phase II exempt person must
be reviewed and verified by the Bank at least once per year. The Bank will document the annual
review. Moreover, consistent with this annual review, the Bank will review and verify at least
once each year that management continually monitors these Phase II accounts for suspicious
transactions.
Revoking Exempt Status: In the event a designated Phase I or Phase II customer loses their
exempt status, the Bank will begin filing CTRs for applicable transactions beginning on the date
the Bank became aware of or had knowledge to the customer’s loss of status. A form revoking
such status is no longer required by FinCEN and filing CTRs on previously exempted customers
is indication of the loss of the status.
MONETARY INSTRUMENT RECORDKEEPING
The Bank is required to verify the identity of persons purchasing monetary instruments using
currency (cash) in amounts between $3,000.00 and $10,000.00, inclusive, and to maintain
records of all such sales. The Bank will either verify that the purchaser is a customer with a CIP
profile including identifying information on record or verify the identity of the purchaser by
10
viewing a form of identification that contains the customer’s name and address and that the Bank
accepts as a means of identification when opening an account for a new customer. Additionally,
the Bank must obtain additional information for purchasers who do not have a CIP profile
including identifying information on record.
When the purchaser is a customer with a CIP profile including identifying information the
following will be recorded:
1. Name of the purchaser
2. Date of purchase
3. Types of instruments purchased
4. Serial numbers of each of the instruments purchased
5. Dollar amounts of each of the instruments purchased in currency
6. Specific identifying information, if applicable (i.e. “current customer” or “CIP on file”)
When the purchaser is not a customer with a CIP profile including identifying information
the following will be obtained recorded:
1. Name of the purchaser
2. Address of the purchaser
3. Social Security or alien identification number of the purchaser
4. Date of birth of the purchaser
5. Date of the purchase
6. Types of instruments purchased
7. Serial numbers of each of the instruments purchased
8. Dollar amounts of each of the instruments purchased
9. Specific identifying information for verifying the purchaser’s identity (e.g., state of
issuance and number on driver’s license)
If the purchaser cannot provide the required information at the time of the transaction or through
the Bank’s own previously verified records, the transaction should be refused.
Recordkeeping: The records of monetary instrument sales must be retained for 5 years and be
available to the appropriate agencies upon request.
WIRE TRANSFER RECORDKEEPING REQUIREMENTS
For each payment order in the amount of $3,000.00 or more that the Bank accepts as the
originating party, the Bank must obtain and retain the following records:
Name and address of the originator
Amount of the payment order
Date of the payment order
Any payment instructions
Identity of the beneficiary’s institution
As many of the following items as are received with the payment order:
1. Name and address of the beneficiary
11
2. Account number of the beneficiary
3. Any other specific identifier of the beneficiary
If the originator is not an established customer of the Bank, the Bank must collect and retain the
additional information depending on if the payment order was submitted in person or not.
Wire Payment Orders For Non-Established Customer (Not Made In Person)
If a payment order is not made in person, the Bank must obtain and retain the following records:
Name and address of the person placing the payment order
The person’s TIN (e.g., SSN or EIN) or, if none, the alien identification number or
passport number and country of issuance, or a notation in the record of the lack thereof,
and a copy or record of the method of payment (e.g., check or credit card transaction) for
the funds transfer. If the Bank has knowledge that the person placing the payment order
is not the originator, the Bank must obtain and record the originator’s TIN (e.g., SSN or
EIN) or, if none, the alien identification number or passport number and country of
issuance, or a notation of the lack thereof
Wire Payment Orders For Non-Established Customer (Made In Person)
If the payment order is made in person, the Bank must verify the identity of the person placing
the payment order before it accepts the order. If it accepts the payment order, the Bank must
obtain and retain the following records:
Name and address of the person placing the order
Type of identification reviewed
Number of the identification document (e.g., driver’s license)
The person’s taxpayer identification number (TIN) (e.g., Social Security number (SSN)
or employer identification number (EIN)) or, if none, the alien identification number or
passport number and country of issuance, or a notation in the record of the lack thereof.
If the Bank has knowledge that the person placing the payment order is not the originator,
the Bank must obtain and record the originator’s TIN (e.g., SSN or EIN) or, if none, the
alien identification number or passport number and country of issuance, or a notation of
the lack thereof
Generally, it is the policy of this Bank NOT to place or accept wire transfers for non-customers.
The above referenced guidelines are applicable in the rare event that a wire transfer is conducted
for a non-customer.
12
Travel Rule Requirements For Wire Transfers Of $3,000.00 Or More
For funds transmittals of $3,000.00 or more, the Bank must include the following
information in the transmittal order at the time that a transmittal order is sent to a receiving
financial institution:
Name of the transmittor, and, if the payment is ordered from an account, the account
number of the transmittor
Address of the transmittor
Amount of the transmittal order
Date of the transmittal order
Identity of the recipient’s financial institution
Either the name and address or the numerical identifier of the transmittor’s financial
institution
As many of the following items as are received with the transmittal order:
1. Name and address of the recipient
2. Account number of the recipient
3. Any other specific identifier of the recipient
Retrievability of Wire Transfers: Information retained must be retrievable by reference to the
name of the originator. When the originator is an established customer of the Bank and has an
account used for funds transfers, information retained must also be retrievable by account
number (31 CFR 103.33(e)(4)).
Recordkeeping: Records will be maintained for 5 years from date of transmittal.
See “Wire Transfer Procedures” for additional information.
CUSTOMER IDENTIFICATION PROGRAM (CIP)
The Customer Identification Program of this Bank has been adopted and implemented as
required by Section 326 of the USA PATRIOT Act of 2001. The BSA officer will be
responsible for the ongoing oversight of the Customer Identification Program.
Bank Star has established and implemented the following procedures:
A. Identity Verification Procedures
This Bank has reviewed and considered the types of accounts available, methods available for
opening accounts and the types of identification available and has established the following risk-
based procedures in an effort to form a reasonable belief that the Bank knows the true identity of
each customer.
13
For purposes of this policy, a “customer” is defined as a person (whether an individual or entity)
that opens a new account and an individual who opens a new account for (a) a person who lacks
legal capacity, such as a minor; or (b) an entity that is not a legal person, such as a civic club.
Each named person on a joint account is considered a customer under this policy. However, a
customer does not include the following types of persons:
a person that has an existing account with this Bank provided that the Bank has a
reasonable belief that it knows the true identity of the person
a financial institution regulated by a federal functional regulator or a bank regulated by a
state bank regulator
a department or agency of the United States, of any State, or of any political subdivision
of any State
any entity established under the laws of the United States, of any State, or of any political
subdivision of any State, or under an interstate compact between two or more States, that
exercises governmental authority on behalf of the United States or any such State or
political subdivision
any entity whose common stock or analogous equity interests are listed on the New York
Stock Exchange or the American Stock Exchange or whose common stock or analogous
equity interests have been designated as a Nasdaq National Market Security listed on the
Nasdaq Stock Market (except stock or interests listed under the separate “Nasdaq Small-
Cap Issues” heading).
Signatories on non-individual accounts, unless the non-individual customer cannot be
verified in accordance with the procedures described below.
An “account”, for purposes of this policy, is defined as a formal banking relationship established
to provide or engage in services, dealings, or other financial transactions including a deposit
account, a transaction account, a credit account, or other extension of credit. An account also
includes a relationship established to provide a safety deposit box or other safekeeping services,
or cash management, custodian and trust services. Accounts acquired through merger,
acquisition or purchase, will generally not be covered under this policy unless circumstances
dictate that additional due diligence is warranted.
Identifying Information Required to be Obtained
Prior to opening a new account, this Bank will obtain and record the following identifying
information from each customer:
For individuals* - For CIP purposes, the Bank will obtain the customer’s:
Name
Date of birth
Residential street address. The Bank may also rely on an Army Post Office or Fleet Post
Office box number.
Identification number. For U.S. citizens, the identification number must consist of their
taxpayer identification number. For non-U.S. citizens, the identification number may be
14
one or more of the following: a taxpayer identification number; passport number and
country of issuance; alien identification card number; or number and country of issuance
of any other government-issued document evidencing nationality or residence and
bearing a photograph or similar safeguard
For persons other than individuals, such as corporations, partnerships and trusts* - For CIP
purposes, the Bank will obtain the customer’s:
Name
Address of principal place of business, local office or other physical location
Taxpayer identification number. If the Bank opens an account for a foreign business or
enterprise that does not have a identification number, the Bank must request alternative
government-issued documentation certifying the existence of the business or enterprise.
NOTE: Additional information may be obtained by the Bank on CIP and/or account opening
forms that are used for numerous reasons, but should not be considered information obtained
under this portion of the policy.
Under certain circumstances, this Bank may allow customers that have applied for, but have not
received, a taxpayer identification number to open accounts. In doing so, the Bank requires that
a copy of the taxpayer identification number application be obtained from the customer before
the account is opened. In addition, the customer must provide the Bank with their taxpayer
identification number within 45 days or the account will be closed.
Document Verification of Customer Information for Individuals and DBAs
Accounts requiring the collection of information under this policy will generally be opened at a
facility of the Bank. Prior to opening an account for a customer that is an individual, each
individual owner of the account must provide an unexpired primary identification document. If
an unexpired primary identification document cannot be provided, the account will typically not
be opened. However, for elderly (an individual aged 62 or older) or handicapped individuals, or
members of other groups that would not normally possess traditional identification documents,
the Bank may allow an account to be opened upon presentation of two secondary identification
documents.
Primary Identification Documents for Individuals1
State-issued driver’s license or photo
identification card
Valid United States Passport
Active Duty, Retiree or Reservist Military
Identification Card
Immigration and Naturalization Services
documents
Microfilmed copy or image portfolio of a
driver’s or identification card. (Must be
certified by the issuing agency with an embossed seal of
the issuing agency.)
1 All documents must be valid and unexpired
15
Secondary Identification Documents for Individuals1
Certificate of birth. (Must be original or
certified copy, have a seal and be issued by an
authorized government agency.)
Court order. (Must contain full name, date of
birth and court seal. Examples include adoption or
name change documents.)
Social security card Medical records from doctor/hospital
Marriage certificate/license Employer photo identification card
Student identification card Pilots License
Health insurance card Military discharge/separation card
Utility bill showing current residence Medicare card
Credit card 1
All documents must be valid and unexpired
Document Verification of Customer Information for Non-Individuals
Accounts of non-individuals requiring the collection of information under this policy will
generally be opened at a facility of the Bank. Prior to opening an account for a customer that is
not an individual, the Bank must obtain at least one of the following documents showing the
legal existence of the entity:
Identification Documents for Non-individuals
Type of Entity
Documentation Required
Corporations (for profit and not-for-profit) Certified Articles of Incorporation
Verification of Good Standing (e.g. S.O.S.
Website)
Fictitious Name Registration (if applicable)
Partnerships 1 Partnership Agreement
Fictitious Name Registration (if applicable)
Trusts Trust Agreement
Limited Liability Company
Estates
Certified Articles of Organization
Verification of Good Standing (e.g. S.O.S
Website)
Fictitious Name Registration (if applicable)
Estate Agreement
1 For informal partnerships, where two or more individuals are opening an account for business purposes without a
formal partnership agreement, all partners must be identified in accordance the procedures established for
individuals.
16
Additional Verification and Non-Documentary Procedures (if necessary)
If a customer or individual opening an account for a non-individual customer that is present at
the Bank cannot provide the aforementioned identification, or if other documents are presented
with which the Bank is not familiar, the account will generally not be opened at that time.
However, in certain situations, and with the approval of an officer of the Bank, the account may
be opened provided additional non-documentary procedures are followed. The additional non-
documentary procedures include obtaining a written explanation signed by the customer
describing why the required documentation cannot be provided. The written explanation must
also be approved and signed by an officer of the Bank. The customer must also provide written
consent allowing the Bank to obtain a credit report. Information presented on the credit report
will then be used to confirm the identifying information provided by the customer. The customer
will also be asked to confirm other information provided on the credit report including, for
example, previous address and credit accounts maintained. If the Bank can conclude that it
knows the true identity of the customer, the account may then be opened without restriction.
For individual customers, if one or more, but not all, of the customers that will be named on the
account are present at the Bank, the account will generally not be opened at that time. However,
if approved by an officer of the Bank, the account may be opened provided the customers present
can provide the required identification. Any customer that will be named on the account that is
not present at the Bank must either visit the Bank with the required identification, or fax a
notarized copy of their driver’s license to the Bank within 60 days. If this time frame is not met
the individual must be removed from the account or the account must be closed.
For non-individual customers, if additional circumstances increase the risk that the Bank may not
know the true identity of the customer, the account will generally not be opened. However, the
Bank may open the account if identifying information is obtained from each individual signatory
and their identity is verified under the procedures for individuals.
If the Bank is otherwise presented with circumstances that increase the risk that the bank will be
unable to verify the true identity of a customer through documents, the account will be referred
to the BSA officer for further review. The BSA officer must make a determination as to whether
the Bank knows the true identity of each customer. If this conclusion cannot be reached, the
account will not be opened at that time. The BSA officer may use any additional non-
documentary identification methods that will assist in this determination. These additional non-
documentary methods may include, but are not limited to the following:
verifying the information provided by the customer with information obtained from a
consumer reporting agency
contacting the customer
checking references with other financial institutions
any other methods deemed appropriate in consideration of the circumstances
presented
17
Information Required to be Documented
In addition to obtaining and reviewing the required information, the Bank shall also record a
description of any document and/or other method that was relied on in verifying the identity of
the customer. The description should include the following information:
the type or types of documents used
the place of issuance
the identification number of each document
the date of issuance (if any)
the expiration date (if any)
a description of any non-documentary methods used and their resolution.
Lack of Verification
If this Bank is unable to form a reasonable belief that it knows the true identity of a customer,
and non-documentary verification attempts have failed to provide the necessary confirmation, the
Bank will not open the account. If an account has already been opened and the Bank
subsequently determines that it may not know the true identity of its customer then the account
must be closed. For credit accounts where funds have already been disbursed, repayment of the
outstanding balance will be accelerated as allowed by the terms of the promissory note. If a
Bank employee encounters suspicious activity during or subsequent to the account opening
process, the details of the transaction will be reported to the BSA officer. The BSA officer will
then determine whether the situation merits the filing of a suspicious activity report (SAR).
Employees will be trained to refer all of these situations to the BSA officer in a timely manner.
Situations which should be referred to the BSA officer for the potential filing of a SAR include,
but are not limited to the following:
False or suspicious information provided by the customer
Customers that are reluctant to provide information requested for proper identification
Initial deposits that are clearly inconsistent with the customer’s occupation or business
activity
B. Recordkeeping
All identifying information provided by the customer when opening an account will be
maintained by the Bank for at least five years after the date the account is closed. In addition,
the following information will be retained for no less than 5 years after the record was made.
a description of the documents (as previously addressed) used to verify the identity of
each customer
a description of the methods and results of any non-documentary or additional
verification procedures used
a description of the resolution of any substantive discrepancy discovered when verifying
the identifying information obtained
18
C. Comparison With Government Lists
In addition to requesting and obtaining identifying information, this Bank will determine whether
each customer appears on any list of known or suspected terrorists or terrorist organizations
issued by any Federal government agency and designated as such by Treasury. If a customer
does appear on any of the aforementioned government agency a list, this Bank will follow all
Federal directives issued in connection with such lists.
D. Customer Notice
The Bank will satisfy the customer notice requirement by providing a disclosure to each new
customer prior to the time the account is opened. This notice will be similar to the following:
IMPORTANT INFORMATION ABOUT PROCEDURES FOR OPENING A
NEW ACCOUNT
To help the government fight the funding of terrorism and money laundering activities, Federal
law requires all financial institutions to obtain, verify, and record information that identifies each
person who opens an account.
What This Means For You
When you open an account we will ask for your name, address, date of birth, and other
information that will allow us to identify you. We may also ask to see your driver’s license or
other identifying documents.
MONEY LAUNDERING
As part of the Bank’s overall compliance with the BSA and suspicious activity reporting, it is the
Bank’s policy to identify and report to appropriate agencies any suspected money laundering
conducted through the Bank. Money laundering is the process to disguise the source or
ownership of illegally gained funds to make them appear legitimate or hiding lawfully acquired
money to avoid taxation. Money laundering goes hand-in-hand with criminal activity and
typically involves the following three basic steps:
Placement – Physically placing bulk cash into the banking system or legitimate commerce.
Layering – Separating the source of cash from its criminal origins by passing it through
several financial transactions.
Integration – Which is aggregating the funds or cash with legitimately obtained funds and
providing a legitimate explanation for its ownership.
19
The Bank has established internal controls for money laundering and reporting to cover such
areas as large currency transactions, unusual funds transfers, customer identification policies,
insufficient or suspicious information from customers, and unusual employee or bank to bank
transactions.
The Bank will review transactions to insure proper suspicious activity reporting and employee
training effectiveness. The Bank has an ongoing training program for personnel in all
departments, including new employees.
CUSTOMER DUE DILIGENCE/ENHANCDED DUE DILIGENCE (EDD)-
Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) are ongoing risk-based
processes whereby the Bank obtains and maintains customer information. These procedures
assist Bank personnel in detecting, monitoring, assessing and reporting the risk of related
accounts and determination of suspicious activity.
Through the analysis of products and services, coupled with the geographical outreach of the
Bank, the CDD/EDD process was established in order to be commensurate with the bank’s
BSA/AML risk profile, paying particular attention to high-risk customers at account opening and
throughout the customer relationship.
The CDD and EDD processes enable the Bank to predict, with relative certainty, the types of
transactions in which a customer is likely to engage. These procedures assist BSA personnel in
determining whether transactions are potentially suspicious.
Under this approach, the bank obtains information at account opening sufficient to develop an
understanding of normal and expected activity for the customer’s occupation or business
operations. The degree of risk, unless information to the contrary has been established, shall be
based upon the account type or customer classification.
The CDD and EDD processes, when properly instituted, are critical to the risk-based BSA
program which is instrumental in:
Detecting and reporting unusual or suspicious transactions that potentially expose the
bank to financial loss, increased expenses, or reputation risk;
Avoiding criminal exposure from persons that use, or attempt to use, the bank’s products
and services for illicit purposes; and
Adhering to safe and sound banking practices.
The CDD and EDD Processes shall allow the Bank to differentiate between lower-risk customers
and higher-risk customers at account opening and throughout the account relationship. It is
recognized by the Bank’s Board of Directors that customers that pose high money laundering,
terrorist financing risks and other illegal activities present increased exposure.
As it is recognized that due diligence is an ongoing process, the Bank shall take measures to
ensure account profiles are current and monitoring is risk-based. Based upon the risk assessment
and knowledge of the customer base, the Bank should consider whether risk profiles should be
20
adjusted or suspicious activity reported when the activity is inconsistent with the profile.
POTENTIAL HIGH RISK CUSTOMERS
Although attempts to launder money through a legitimate financial institution can come from
many different sources, certain kinds of businesses, transactions, or geographic locations may
lend themselves more readily than others to potential criminal activity. During the account
opening process, the Bank will collect necessary information under the CDD and EDD
procedures, as applicable, to ensure proper monitoring of associated risk with the account and the
activity associated with the customer’s activity. The following are examples of customers that
may pose a greater risk of money laundering or other illicit activity and may warrant closer
attention at account opening and throughout the account relationship:
Potential Non-Individual High Risk Customers
Cash intensive businesses
Convenience store
Gas station
Grocery store
Restaurants
Retail stores
Liquor stores
Vending machine operators
Parking garages
Private owners/operators of ATMs
Recycler/scrap metal dealer
Nonbank financial institutions
Money service businesses (MSB)
Jewelers or other dealers in precious metals, stones or jewels
Casino or card club
Securities brokers or dealers
Nongovernmental organizations or charities
Professional service providers
Attorneys
Accountants
Doctors
Real estate brokers
Deposit brokers
21
Foreign corporations and their domestic business entities including foreign financial
institutions
Individual High Risk Customers
Non-resident alien
Senior foreign political figures and their immediate family members and close associates
(collectively known as politically exposed persons (PEP))
BENEFICIAL OWNERSHIP (COLLECTED ON ALL APPLICABLE ACCOUNTS)
Heightened risks can arise with respect to beneficial owners of accounts because nominal
account holders can enable individuals and business entities to conceal the identity of the true
owner of assets or property derived from or associated with criminal activity. Moreover,
criminals, money launderers, tax evaders, and terrorists may exploit the privacy and
confidentiality surrounding some business entities, including shell companies and other vehicles
designed to conceal the nature and purpose of illicit transactions and the identities of the persons
associated with them. Consequently, identifying the beneficial owner(s) of some legal entities
may be challenging, as the characteristics of these entities often effectively shield the legal
identity of the owner. However, such identification may be important in detecting suspicious
activity and in providing useful information to law enforcement. Therefore, the Bank will make
every attempt to collect at account opening and throughout the account relationship the following
information from entities that pose a heighted risk of illicit activities:
1. Determining whether the customer is acting as an agent for or on behalf of another, and if
so, obtaining information regarding the capacity in which and on whose behalf the
customer is acting
2. Where the customer is a legal entity that is not publicly traded in the United States, such
as an unincorporated association, a private investment company (PIC), or trust or
foundation obtaining information about the structure or ownership of the entity so as to
allow the institution to determine whether the account poses heightened risk
3. Where the customer is a trustee, obtaining information about the trust structure to allow
the institution to establish a reasonable understanding of the trust structure and to
determine the provider of funds and any persons or entities that have control over the
funds or have the power to remove the trustees
OFFICE OF FOREIGN ASSETS CONTROL (OFAC) POLICY
As a part of the Bank’s compliance with the OFAC requirements, the Bank will include in its
risk assessment, a determination of its specific product lines, customer base, and nature of
transactions and identification of higher-risk areas for OFAC transactions.
OFAC is an office of the U.S. Treasury that administers and enforces economic and trade
sanctions based on U.S. foreign policy and national security goals against entities such as
22
targeted foreign countries, terrorists, international narcotics traffickers, and those engaged in
activities related to the proliferation of weapons of mass destruction. OFAC acts under
Presidential wartime and national emergency powers, as well as authority granted by specific
legislation, to impose controls on transactions and to freeze assets under U.S. jurisdiction. Many
of the sanctions are based on United Nations and other international mandates; therefore, they
are multilateral in scope, and involve close cooperation with allied governments. Other
sanctions are specific to the interests of the United States. OFAC has been delegated
responsibility by the Secretary of the Treasury for developing, promulgating, and administering
U.S. sanctions programs.
Violations for the OFAC requirements can lead to significant penalties. Some enforcement
responses may result in the issuance of a civil penalty that, depending on the sanctions program
affected, may be as much as $250,000.00 per violation or twice the amount of a transaction,
whichever is greater.
OFAC rules apply to all financial institutions through which funds might travel. The Bank is
responsible for blocking transactions and freezing assets of specially designated nationals
(SDNs) and blocked persons. The Bank is prohibited from facilitating any funds transfers from
or to the specified countries, their SDNs, SDTs, or SDNTs.
U.S. law requires that assets and accounts of an OFAC-specified country, entity, or individual be
blocked when such property is located in the United States, is held by U.S. individuals or
entities, or comes into the possession or control of U.S. individuals or entities. For example, if a
funds transfer comes from offshore and is being routed through a U.S. bank to an offshore bank,
and there is an OFAC-designated party on the transaction, it must be blocked. The definition of
assets and property is broad and is specifically defined within each sanction program. Assets and
property includes anything of direct, indirect, present, future, or contingent value (including all
types of bank transactions). The Bank will block transactions that:
Are by or on behalf of a blocked individual or entity
Are to or go through a blocked entity
Are in connection with a transaction in which a blocked individual or entity has an
interest.
In some cases, an underlying transaction may be prohibited, but there is no blockable interest in
the transaction (i.e., the transaction should not be accepted, but there is no OFAC requirement to
block the assets). In these cases, the transaction is simply rejected, (i.e., not processed). For
example, the Sudanese Sanctions Regulations prohibit transactions in support of commercial
activities in Sudan. Therefore, a U.S. bank would have to reject a funds transfer between two
companies, which are not Specially Designated Nationals or Blocked Persons (SDN), involving
an export to a company in Sudan that also is not an SDN. Because Sudanese Sanctions would
only require blocking transactions with the Government of Sudan or an SDN, there would be no
blockable interest in the funds between the two companies. However, because the transactions
would constitute support of Sudanese commercial activity, which is prohibited, the U.S. bank
cannot process the transaction and would simply reject the transaction.
23
The Bank must report all blockings to OFAC within 10 days of the occurrence and annually by
September 30 concerning those assets blocked (as of June 30). Once assets or funds are blocked,
the Bank will place funds in a designated blocked account. Prohibited transactions that are
rejected must also be reported to OFAC within 10 days of the occurrence.
Recordkeeping: The Bank must keep a full and accurate record of each rejected transaction for
at least 5 years after the date of the transaction. For blocked property (including blocked
transactions), records must be maintained for the period the property is blocked and for 5
years after the date the property is unblocked.
The Bank has implemented appropriate processes to ensure OFAC is checked on all individuals
and non-individuals prior to establishing a relationship or performing a transaction, as necessary
based on the Bank’s OFAC risk assessment. In addition, the Bank periodically checks its entire
customer database against the current OFAC list.
In addition to the reporting required above and in accordance with instructions on the Suspicious
Activity Report (SAR), any customer conducting a transaction greater than $5,000.00 that is
restricted by OFAC must also be reported on a SAR.
Annual OFAC training will be required of all employees in conjunction with other BSA training.
OFAC has installed a special toll free telephone number, 800-540 OFAC (6322), for bank
compliance inquires; they have a 24-hour FAX line, 1 202 622 0077; and they can be reached via
Internet at www.ustreas.gov/treasury/services/fac/fac.html.
An annual review for compliance with the policy and procedures will be performed by a person
independent of the OFAC duties and responsibilities and will generally be conducted with the
BSA program review.
AUTOMATED CLEARING HOUSE (ACH/IATs) - THIRD PARTY PROCESSORS
A third party processor is any entity which acts as the agent of an originating financial institution
to prepare ACH batches and/or transmit them to the ACH. Entities which may act as third party
processors are data processing agencies, financial institution customers who prepare and transmit
their own batches directly to the ACH, and other financial institutions which may provide data
processing and/or transmitting services.
The responsibilities of the Bank using third party services are basically the same as if the Bank
had originated the transaction itself. The use of a third party in no way relieves the Bank of its
responsibilities under the ACH rules as an originating depository financial institution, even
though the Bank has limited control of the third party processor's activities. The Bank is
responsible for the accuracy and legitimacy of the transactions transmitted to the ACH in files
bearing its transit/routing number; for the timely processing and delivery of the files to the ACH;
and for settlement. Neither fraud nor incompetence on the part of the third party processor
relieves the Bank of these responsibilities.
24
Because using the services of a third party exposes the Bank to risks over and above the normal
risks inherent in acting as an originator of ACH transactions, it is the policy of the Bank not to
permit any entity to prepare and/or transmit files to the ACH on behalf of the Bank. The Bank
will not use the services of outside data processing agencies nor will it permit customers to
transmit directly to the ACH.
Additionally, the Bank will ensure that all parties are searched prior to submission of or the
receipt of an international or domestic automated clearing house transaction. This will include
the search of any and all beneficiaries, originating financial institutions, and intermediaries
associated with the transaction(s).
SUSPICIOUS ACTIVITY REPORTS (SAR)
Suspicious activity reporting forms the cornerstone of the BSA reporting system. It is critical to
the United States’ ability to utilize financial information to combat terrorism, terrorist financing,
money laundering, and other financial crimes. The Bank recognizes that the quality of SAR
content is critical to the adequacy and effectiveness of the suspicious activity reporting system.
The circumstances in which the filing of a report is required:
1. Suspected insider abuse involving any amount
2. Transactions aggregating $5,000.00 or more where a suspect can be identified
3. Transactions aggregating $25,000.00 or more regardless of a potential suspect
4. Transactions aggregating $5,000.00 or more that are conducted at, to, or through the
Bank (or an affiliate) where the Bank suspects or has reason to suspect it may involve
potential money laundering or other illegal activity, is designed to evade BSA
requirements or implementing regulations, and/or has no business or apparent lawful
purpose or is not the type of transaction that the customer would normally engage
If a currency transaction exceeds $10,000.00 and is suspicious, the institution must file both a
CTR and a SAR. If a currency transaction equals or is below $10,000.00 and is suspicious, the
institution should only file a SAR.
The Bank is required to file a SAR no later than 30 calendar days after the date of the initial
detection by the Bank of facts that may constitute a basis for filing a report. If no suspect is
identified on the date of such initial detection, the Bank may delay filing a FinCEN SAR for an
additional 30 calendar days to identify a suspect, but in no case shall reporting be delayed more
than 60 calendar days after the date of such initial detection. In situations involving violations
that require immediate attention, such as terrorist financing or ongoing money laundering
schemes, the Bank shall immediately notify, by telephone, an appropriate law enforcement
authority in addition to filing timely a SAR. The Bank wishing to voluntarily report suspicious
transactions that may relate to terrorist activity may call FinCEN’s Financial Institutions Hotline
at 1-866-556-3974 in addition to filing timely a FinCEN SAR.
SARs are not filed for instances of robberies and burglaries that are reported to local authorities,
or for lost, missing, counterfeit, or stolen securities that are reported pursuant to the requirements
of 17 CFR 240.17f‐l.
25
All SARs that are filed will be transmitted through the e-filing system established by FinCEN.
The report shall be completed in accordance with the detailed instructions enumerated in
FinCEN’s Suspicious Activity Report Electronic Filing Requirements manual. A summary of the
SAR will be submitted to the Board of Directors at the next available Board meeting which is
appropriate for such disclosure.
Monitoring, Detecting, and Reporting SARs: The BSA Officer or designated assignee will be
responsible for monitoring on a daily, weekly or monthly basis appropriate reports for
identifying unusual or suspicious transactions. Employees are instructed to notify the BSA
Officer immediately if they detect customer activity that is not consistent with the customer’s
normal banking activity; any suspicious loss; or any violations to the Bank Secrecy Act. The
BSA Officer or designated assignee will then research the activity to determine whether a SAR
should be filed. If it is determined that a SAR is required, the SAR will be immediately filed
after investigation is completed. No more than 30 days (60 days if suspect is not known) will be
taken to complete investigation. The SAR will be reviewed by a second party prior to
transmission of the report.
Confidentiality: It will be the BSA Officer’s or designee’s responsibility to ensure the
confidentiality of filed SARs or decision-making documentation regarding decision not to file a
SAR(s). This information is only suitable for personnel with requirements for reporting
suspicious activity and responding to FinCEN or other law enforcement agency requests (see
section on verifying law enforcement agency request for further details).
Bank will exercise the right to close any customer’s account that conducts activity that requires
continual monitoring or that violates the BSA.
Employees will receive annual training on suspicious activity detection and reporting procedures.
Subpoenas: Subpoenas received by the Bank pertaining to any related BSA violation or anti-
money laundering provision shall be reviewed by the Bank’s BSA Officer. The receipt of a
subpoena by itself does not require the filing of a SAR in and of itself. The facts and
circumstances pertaining to the customer’s account activity will be investigated and the BSA
Officer will determine if the filing of a SAR is necessary and appropriate in relationship to
applicable law.
National Security Letters (NSLs): NSLs are written investigative requests that are issued by the
local Federal Bureau of Investigation (FBI) and other such federal government authorities
engaged in counterintelligence and counterterrorism and are designed to obtain the following
information or records:
Telephone or electronic communication records from telephone companies and Internet
Service Providers (ISPs)
Information from credit bureaus and consumer reporting agencies
Financial records from banks and other financial institutions
26
These letters are highly confidential documents and no Bank personnel or agent of the Bank can
disclose to any person(s) that a government authority referenced herein has sought to obtain
access of such records through the Right to Financial Privacy Act NSL. Upon receipt of a NSL,
the Bank’s BSA Officer will respond appropriately to the request under applicable law and
should a SAR be deemed necessary to file, the SAR will make no reference to the NSL and will
only reference those facts and activities associated with the supported suspicious or unusual
activity identified by the Bank.
SAR FILING ON CONTINUING ACTIVITY
One purpose of filing SARs is to identify violations or potential violations of the law to the
appropriate law enforcement authorities for criminal investigation personnel. This objective is
accomplished by the filing of a SAR that identifies the activity of concern. If this activity
continues over a period of time, such information should be made known to law enforcement and
the federal banking agencies. Financial institutions with SAR requirements may file SARs for
continuing activity after a 90 day review with the filing deadline being 120 days after the date
of the previously related SAR filing. To adhere to this deadline, the BSA Officer or designee
will conduct a review of appropriate account activity associated with the customer’s transactions
and accounts to determine if the activity is, in fact, continuing. To allow sufficient time to
prepare and file a “continuous SAR” the BSA Officer will conduct such a review to allow
enough time to investigate the activity and customer accounts and make the filing prior to the
120th
day deadline. Financial institutions may also file SARs on continuing activity earlier than
the 120 day deadline if the institution believes the activity warrants earlier review by law
enforcement. For accounts and customers whom repeat SARs have been filed, the Bank will
continually evaluate the risks posed by the relationship and will take appropriate actions up to
and including, terminating the relationship.
Recordkeeping: Identify and retain a copy of the form and all original supporting documentation
for 5 years from the date of the form. All supporting documentation should be made available to
the appropriate authorities upon request.
DECISIONS NOT TO FILE SARs
If it is determined that no SAR is required, the reason for not filing will be well documented.
This documentation will include and record the apparent lawful purpose or business intent of the
transaction to substantiate the decision. If the transaction does not appear to be consistent with
the customer’s typical and expected activity and the Bank can find no justification for the
apparent lawful purpose or business intent of the funds, a SAR will be filed according to
applicable law and regulation.
LAW ENFORCEMENT REQUESTS
The Bank is committed to aiding law enforcement in the fight against money laundering and
terrorist financing. A cornerstone of the Bank’s BSA/AML procedures includes identifying the
subjects of law enforcement requests, monitoring the transaction activity of those subjects,
identifying unusual or suspicious activity related to those subjects, and filing, as appropriate,
SARs related to those subjects. Law enforcement inquiries can include grand jury subpoenas,
27
National Security Letters (NSLs), and section 314(a) requests.
When requested to provide supporting documentation including confidential customer
information, the Bank will not release any information to anyone claiming to be a member of law
enforcement, a representative of FinCEN, or a supervisory agency without first verifying the
individual’s credentials and identity. Verification may be completed by contacting the
requestor’s field office or by a face-to-face review of the requestor’s credentials (i.e.
government-issued photo identification card).
INFORMATION SHARING- 314(a)
The Financial Crimes Enforcement Network (FinCEN) provides a unique service to law
enforcement to help locate financial assets and recent transactions by subjects of criminal
investigations.
A federal, state, local, or foreign law enforcement agency investigating terrorist activity or
money laundering may request that FinCEN solicit, on its behalf, certain information from the
Bank or a group of financial institutions. The law enforcement agency must provide a written
certification to FinCEN attesting that there is credible evidence of engagement or reasonably
suspected engagement in terrorist activity or money laundering for each individual, entity, or
organization about which the law enforcement agency is seeking information. The law
enforcement agency also must provide specific identifiers, such as a date of birth and address,
which would permit the Bank to differentiate among common or similar names. Upon receiving
a completed written certification from a law enforcement agency, FinCEN may require the Bank
to search its records to determine whether it maintains or has maintained accounts for, or has
engaged in transactions with, any specified individual, entity, or organization.
Search Requirements: Upon receiving an information request, the Bank will conduct a one-time
search of its records to identify accounts or transactions of a named suspect within the request.
Unless otherwise instructed by an information request, the Bank will search its records for
current accounts, accounts maintained during the preceding 12 months, and transactions
conducted outside of an account by or on behalf of a named suspect during the preceding 6
months. The Bank will search its records and report any positive matches to FinCEN within 14
days, unless otherwise specified in the information request.
All 314(a) requests will be checked against our customer records (core system), check and wire
transfer spreadsheet(s), Monetary Instrument Log(s), and any other logs or records maintained by
the Bank that record any non-customer transactions to ensure they are checked , as information
requests are received and in order to comply with the 14 day reporting deadline. The core
system and current customers or customers with maintained accounts will be searched for the
preceding 12 months. All other non-customer transactions (i.e. wire transfers or monetary
instruments sold or processed for non-customers) will be searched for the preceding 6 months.
This review will be performed by a designated employee and initialed by an officer.
Documentation will be maintained evidencing the conducted search. A “positive hit” regarding a
suspect does not require the Bank to close an account or to file a SAR, however, the BSA Officer
will be informed of any such hits and will determine, based on the facts and circumstances of the
situation, whether a SAR is or is not required to be filed based on applicable law. If the account
28
is closed, we will notify law enforcement of such action.
Confidentially of 314(a) Requests: The BSA Officer will ensure confidentiality of the suspect
list, its distribution to only those parties responsible for executing the search, and any and all
communication pertaining to a positive hit associated with the search. Additionally, any and all
documentation regarding correspondence with law enforcement or internal memorandums
pertaining to a suspect or a list of suspects, will remain confidential and only accessible to those
persons with responsibility for complying with the search requirements. The BSA Officer will
also ensure that the original list of suspects searched are not maintained and that only a log of the
conducted searches with corresponding tracking number will be maintained by the Bank.
INFORMATION SHARING- 314(b)
Section 314(b) encourages the Bank and associations of financial institutions located in the
United States to share information in order to identify and report activities that may involve
terrorist activity or money laundering. Section 314(b) also provides protection from civil
liability. To avail itself of this statutory safe harbor from liability, the Bank or an association
must notify FinCEN of its intent to engage in information sharing and that it has established and
will maintain adequate procedures to protect the security and confidentiality of the information.
Failure to comply with the requirements of 31 CFR 103.110 will result in loss of safe harbor
protection for information sharing and may result in a violation of privacy laws or other laws and
regulations.
The USA PATRIOT Act Section 314(b) permits the Bank, upon providing notice to the United
States Department of the Treasury, to share information with one another in order to identify and
report to the federal government activities that may involve money laundering or terrorist
activity. Financial institutions wanting to do so may notify the Treasury Department by clicking
on the Section 314(b) Certification link on the FINCEN website. The 314(b) enrollment or
renewal form can be filed electronically from the FINCEN website or a mail-in form can be
downloaded. The Bank has filed and received certification for 314(b) sharing of information
with other financial institutions should the need arise. Additionally, the Bank has appointed the
BSA Officer or designee thereof as the contact person for maintain compliance with provisions
under section 314(b) for registering as appropriate, receiving information requests, and providing
information when requested in accordance with applicable law and regulation.
Prior to providing any requested information to another financial institution, the Bank’s BSA
Officer or designee will verify that the institution has also submitted the required notice to
voluntarily share information to FinCEN by accessing the list of such institutions and their
related contact information from the confidential FinCEN website. Any information received
from another registered institution shall only be used to identify and, when appropriate, report
money laundering or suspicious activities, to determine whether an account should be
maintained, to engage in any transactions with the customer, or in the furtherance of any actions
prescribed under regulatory requirement or law. Additionally, the safe harbor does not extend
to sharing information across international border and does not authorize a financial institution to
share a SAR, nor to disclose the existence or nonexistence of a SAR. The information shared
should be limited only to underlying transactions and customer information. The information
obtained under section 314(b) may be used to determine whether to file a SAR, but the intention
29
to prepare or file a SAR cannot be shared with another financial institution.
Currently, the Bank is registered to share information under 314(b). Appropriate procedures will
be followed prior to sharing any information under this law.
MONEY SERVICES BUSINESSES (MSBs)
Definition: A business meets the definition of a MSB if it has more than $1,000.00 in business
with one person in one or more transactions on any one day. Transactions include check
cashing, currency dealing or exchange, issuing travelers checks or money orders, or selling or
redeeming traveler’s checks or money orders. Money transmitters (entity who engages in the
transfer of funds) are a MSB and have no dollar thresholds. Some of the typical MSBs include
bars, casinos, liquor stores, gas stations, convenience stores, and grocery stores. Banks are
excluded from this definition. The U.S. Postal Service, any agency of the United States/any
state/any political subdivision of any state, or any business that is an MSB solely because it
serves as an agent of another MSB, such as Western Union or Money Gram, are not required to
register.
With limited exceptions, MSBs are subject to the full range of BSA regulatory controls,
including the anti-money laundering program rules, suspicious activity and currency transaction
reporting rules, and various other identification and recordkeeping rules. Additionally, existing
FinCEN regulations require certain money services business principals to register with FinCEN.
Many MSBs, including the vast majority of money transmitters in the United States, operate
through a system of agents. While agents are not presently required to register with FinCEN,
they are themselves money services businesses that are required to establish anti-money
laundering programs and comply with the other recordkeeping and reporting requirements
described above. Finally, many states have established anti-money laundering supervisory
requirements, often including the requirement that a money services business be licensed with
the state in which it is incorporated or does business. The range of products and services offered,
and the customer bases served by MSBs are diverse. In fact, while they all fall under the
definition of a money services business, the types of businesses are quite distinct. In addition,
many money services businesses only offer money services as an ancillary component to their
primary business, such as a convenience store that cashes checks or a hotel that provides
currency exchange. Other money services businesses offer a variety of services, such as check
cashing and stored value card sales.
MSB Due Diligence
FinCEN and the Federal Banking Agencies expect the Bank to apply the requirements of the
Bank Secrecy Act, as they do with all accountholders, on a risk-assessed basis. As with any
category of accountholder, there will be MSBs that pose little risk of money laundering and those
that pose a significant risk. It is essential that the Bank neither define nor treat all MSBs as
posing the same level of risk. Put simply, a local grocer that also cashes payroll checks for
customers purchasing groceries cannot be equated with a money transmitter specializing in
cross-border wire transfers to jurisdictions posing heightened risk for money laundering or the
financing of terrorism, and therefore the BSA obligations on the Bank will differ significantly.
30
Registration with FinCEN, if required, and compliance with any state-based licensing
requirements represent the most basic of compliance obligations for MSBs; a money services
business operating in contravention of registration or licensing requirements would be violating
Federal and possibly state laws. As a result, it is reasonable and appropriate for a banking
organization to insist that a money services business provide evidence of compliance with such
requirements or demonstrate that it is not subject to such requirements. In those instances where
the Bank knows or has reason to know a business is operating as an MSB without proper
registration, a SAR will be filed.
The Bank will conduct a basic risk assessment on each MSB opening an account at the Bank
which, at a minimum, will include the following factors:
Purpose of the account
Anticipated account activity (by type and volume)
Types of products and services offered by the MSB customer
Locations where the MSB operates or services its customers
In addition to the above information, the Bank will also perform the following, as applicable:
Apply the Bank’s CIP
Confirm FinCEN registration, if required;
Confirm compliance with state or local licensing requirements, if applicable;
Confirm agent status, if applicable; and
If the basic MSB risk assessment indicates potential for a heightened risk of money laundering or
terrorist financing, the Bank will be expected to conduct further due diligence in a manner
commensurate with the heightened risk. Additional due diligence that may be considered
depending on the risk presented could include:
Reviewing the MSB’s anti-money laundering program; Reviewing results of the money services business’s independent testing of its anti-money
laundering program; conducting on-site visits; Reviewing list of agents, including locations, within or outside the United States, that will be
receiving services directly or indirectly through the money services business account; Reviewing written procedures for the operation of the money services business; Review written agent management and termination practices for the money services
business; or Review written employee screening practices for the money services business.
All MSB accounts pose varying levels of risk to the Bank. Below are examples of lower-risk
indicators (not an exhaustive list):
1. Primarily markets to customers that conduct routine transactions with moderate
frequency in low amounts
2. Offers only a single line of money services business product (for example, only check
cashing or only currency exchanges)
31
3. Is a check casher that does not accept out of state checks
4. Is a check casher that does not accept third-party checks or only cashes payroll or
government checks
5. Is an established business with an operating history
6. Only provides services such as check cashing to local residents
7. Is a money transmitter that only remits funds to domestic entities
8. Only facilitates domestic bill payments
Below are examples of higher-risk indicators (not an exhaustive list):
1. Allows customers to conduct higher-amount transactions with moderate to high
frequency
2. Offers multiple types of money services products
3. Is a check casher that cashes any third-party check or cashes checks for commercial
businesses
4. Is a money transmitter that offers only, or specializes in, cross-border transactions,
particularly to jurisdictions posing heightened risk for money laundering or the financing
of terrorism or to countries identified as having weak anti-money laundering controls
5. Is a currency dealer or exchanger for currencies of jurisdictions posing heightened risk
for money laundering or the financing of terrorism or countries identified as having weak
anti-money laundering controls
6. Is a new business without an established operating history
7. Is located in an area designated as a High Risk Money Laundering and Related Financial
Crimes Area or a High-Intensity Drug Trafficking Area
Below are examples of potential suspicious activity associated with an MSB account:
1. A check casher deposits checks from financial institutions in jurisdictions posing
heightened risk for money laundering or the financing of terrorism or from countries
identified as having weak anti-money laundering controls when the money services
business does not overtly market to individuals related to the particular jurisdiction
2. A check casher deposits currency in small denomination bills or unusually large or
frequent amounts. Given that a check casher would typically deposit checks and
withdraw currency to meet its business needs, any recurring deposits of currency may be
an indicator of suspicious activity
3. A check casher deposits checks with unusual symbols, stamps, or written annotations
either on the face or on the back of the negotiable instruments
4. A money transmitter transfers funds to a different jurisdiction than expected, based on the
due diligence information that the banking organization had assessed for the particular
money services business. For example, if the money transmitter represented to the
banking organization or in its business plan that it specializes in remittances to Latin
America and starts transmitting funds on a regular basis to another part of the world, the
unexplained change in business practices may be indicative of suspicious activity
5. A money transmitter or seller/issuer of money orders deposits currency significantly in
excess of expected amounts, based on the due diligence information that the banking
organization had assessed for the particular money services business, without any
justifiable explanation, such as an expansion of business activity, new locations, etc.
32
As stated previously, if at any time the Bank becomes aware of an MSB not complying with
registration requirements of the federal or state government or a current customer becomes an
MSB and does not file prior to transacting activity as an MSB, the Bank will file a SAR as
appropriate. Additionally, the Bank will review the account relationship and determine, based on
facts and circumstances of the account, if the Bank should cease and close the account.