Bank Secrecy Act
Nondeposit Investment Products
Objective. Assess the adequacy of the bank’s systems to manage the risks associated with both networking and in-house nondeposit investment products (NDIP), and management’s ability to implement effective monitoring and reporting systems.
1. Review the policies, procedures, and processes related to NDIP. Evaluate the adequacy of the policies, procedures, and processes given the bank’s NDIP activities and the risks they present. Assess whether the controls are adequate to reasonably protect the bank from money laundering and terrorist financing.
2. If applicable, review contractual arrangements with financial service providers. Determine the BSA/AML compliance responsibility of each party. Determine whether these arrangements provide for adequate BSA/AML oversight.
3. From a review of MIS reports (e.g., exception reports, funds transfer reports, and activity monitoring reports) and internal risk rating factors, determine whether the bank effectively identifies and monitors NDIP, particularly those that pose a higher risk for money laundering.
4. Determine how the bank includes NDIP sales activities in its bank-wide or, if applicable, firm-wide BSA/AML aggregation systems.
5. Determine whether the bank’s system for monitoring NDIP and for reporting suspicious activities is adequate given the bank’s size, complexity, location, and types of customer relationships.
6. If appropriate, refer to the core examination procedures, “Office of Foreign Assets Control,” pages 157 to 159, for guidance.
If the bank or its majority-owned subsidiary is responsible for the sale or direct monitoring of NDIP, then examiners should perform the following transaction testing procedures on customer accounts established by the bank.
7. On the basis of the bank’s risk assessment of its NDIP activities, as well as prior examination and audit reports, select a sample of higher risk NDIP. From the sample selected, perform the following examination procedures:
- Review appropriate documentation, including CIP, to ensure that adequate due diligence has been performed and appropriate records are maintained.
- Review account statements and, as necessary, specific transaction details for:
- Expected transactions with actual activity.
- Holdings in excess of the customer’s net worth.
- Irregular trading patterns (e.g., incoming funds transfers to purchase securities followed by delivery of securities to another custodian shortly thereafter).
- Determine whether actual activity is consistent with the nature of the customer’s business and the stated purpose of the account. Identify any unusual or suspicious activity.
8. On the basis of examination procedures completed, including transaction testing, form a conclusion about the adequacy of policies, procedures, and processes associated with NDIP sales activities.