Bank Secrecy Act
Objective. Assess the adequacy of the bank’s systems to manage the risks associated with electronic cash (e-cash), including prepaid cards, and management’s ability to implement effective monitoring and reporting systems.
1. Review the policies, procedures, and processes related to e-cash, including prepaid cards. Evaluate the adequacy of the policies, procedures, and processes given the bank’s e-cash activities, including prepaid cards, and the risk they present. Assess whether the controls are adequate to reasonably protect the bank from money laundering and terrorist financing.
2. From a review of MIS and internal risk rating factors, determine whether the bank effectively identifies and monitors higher-risk e-cash transactions, including prepaid card transactions.
3. Determine whether the bank’s system for monitoring e-cash transactions, including prepaid card transactions, for suspicious activities, and for reporting suspicious activities, is adequate given the bank’s size, complexity, location, and types of customer relationships.
4. If appropriate, refer to the core examination procedures, “Office of Foreign Assets Control,” pages 157 to 159, for guidance.
5. On the basis of the bank’s risk assessment of its e-cash activities, including prepaid card activities, as well as prior examination and audit reports, select a sample of e-cash transactions. From the sample selected perform the following examination procedures:
- Review account opening documentation, including CIP, ongoing CDD, and transaction history.
- Compare expected activity with actual activity.
- Determine whether the activity is consistent with the nature of the customer’s business.
- Identify any unusual or suspicious activity.
6. On the basis of examination procedures completed, including transaction testing, form a conclusion about the adequacy of policies, procedures, and processes associated with e-cash relationships.