Bank Secrecy Act
Objective. Assess the adequacy of the bank’s systems to manage the risks associated with the sale of covered insurance products, and management’s ability to implement effective monitoring and reporting systems.
1. Review the policies, procedures, and processes related to insurance sales. Evaluate the adequacy of the policies, procedures, and processes given the bank’s insurance sales activities, its role in insurance sales, and the risks the insurance sales present. Assess whether the controls are adequate to reasonably protect the bank from money laundering and terrorist financing.
2. Review the contracts and agreements for the bank’s networking arrangements with affiliates, operating subsidiaries, or other third-party insurance providers conducting sales activities on bank premises on behalf of the bank.
3. Depending on the bank's responsibilities as set forth in the contracts and agreements, review MIS reports (e.g., large transaction reports, single premium payments, early policy cancellation records, premium overpayments, and assignments of claims) and internal risk rating factors. Determine whether the bank effectively identifies and monitors covered insurance product sales.
4. Depending on the bank’s responsibilities as set forth in the contracts and agreements, determine whether the bank’s system for monitoring covered insurance products for suspicious activities, and for reporting suspicious activities, is adequate given the bank’s size, complexity, location, and types of customer relationships.
5. If appropriate, refer to the core examination procedures, "Office of Foreign Assets Control," page 152, for guidance.
If the bank or its majority-owned subsidiary is responsible for the sale or direct monitoring of insurance, then examiners should perform the following transaction testing procedures.
6. On the basis of the bank’s risk assessment of its insurance sales activities, as well as prior examination and audit reports, select a sample of covered insurance products. From the sample selected, perform the following examination procedures:
- Review account opening documentation and ongoing due diligence information.
- Review account activity. Compare anticipated transactions with actual transactions.
- Determine whether activity is unusual or suspicious.
7. On the basis of examination procedures completed, including transaction testing, form a conclusion about the adequacy of policies, procedures, and processes associated with insurance sales.