Bank Secrecy Act
Trust and Asset Management Services
Objective. Assess the adequacy of the bank’s policies, procedures, processes, and systems to manage the risks associated with trust and asset management239 services, and management’s ability to implement effective due diligence, monitoring, and reporting systems.
If this is a standalone trust examination, refer to the core examination procedures, "Scoping and Planning," pages 19 to 21, for comprehensive guidance on the BSA/AML examination scope. In such instances, the trust examination may need to cover additional areas, including training, the BSA compliance officer, independent review, and follow-up items.
1. Review the policies, procedures, and processes related to trust and asset management services. Evaluate the adequacy of the policies, procedures, and processes given the bank’s trust and asset management activities and the risks they present. Assess whether the controls are adequate to reasonably protect the bank from money laundering and terrorist financing.
2. Review the bank’s procedures for gathering additional identification information, when necessary, about the settlor, grantor, trustee, or other persons with authority to direct a trustee, and who thus have authority or control over the account, in order to establish a true identity of the customer.
3. From a review of MIS and internal risk rating factors, determine whether the bank effectively identifies and monitors trust and asset management relationships, particularly those that pose a higher risk for money laundering.
4. Determine how the bank includes trust and asset management relationships in a bank-wide or, if appropriate, firm-wide BSA/AML aggregation systems.
5. Determine whether the bank’s system for monitoring trust and asset management relationships for suspicious activities, and for reporting of suspicious activities, is adequate given the bank’s size, complexity, location, and types of customer relationships.
6. If appropriate, refer to the core examination procedures, “Office of Foreign Assets Control,” pages 157 to 159, for guidance.
7. On the basis of the bank’s risk assessment of its trust and asset management relationships, as well as prior examination and audit reports, select a sample of higher-risk trust and asset management services relationships. Include relationships with grantors and co-trustees, if they have authority or control, as well as any higher-risk assets such as private investment companies (PIC) or asset protection trusts. From the sample selected, perform the following examination procedures:
- Review account opening documentation, including the CIP, to ensure that adequate due diligence has been performed and that appropriate records are maintained.
- Review account statements and, as necessary, specific transaction details. Compare expected transactions with actual activity.
- Determine whether actual activity is consistent with the nature of the customer’s business and the stated purpose of the account.
- Identify any unusual or suspicious activity.
8. On the basis of examination procedures completed, including transaction testing, form a conclusion about the adequacy of policies, procedures, and processes associated with trust and asset management relationships.