Bank Secrecy Act
Objective. Assess the adequacy of the bank’s systems to manage the risks associated with cash-intensive businesses and entities, and management’s ability to implement effective due diligence, monitoring, and reporting systems.
1. Review the policies, procedures, and processes related to cash-intensive businesses. Evaluate the adequacy of policies, procedures, and processes given the bank’s cash-intensive business activities in relation to the bank’s cash-intensive business customers and the risks that they represent. Assess whether the controls are adequate to reasonably protect the bank from money laundering and terrorist financing.
2. From a review of MIS and internal risk rating factors, determine whether the bank effectively identifies and monitors cash-intensive businesses and entities.
3. Determine whether the bank’s system for monitoring cash-intensive businesses for suspicious activities, and for reporting of suspicious activities, is adequate given the bank’s size, complexity, location, and types of customer relationships.
4. If appropriate, refer to the core examination procedures, "Office of Foreign Assets Control," page 152, for guidance. Transaction Testing
5. On the basis of the bank's risk assessment of its cash-intensive business and entity relationships, as well as prior examination and audit reports, select a sample of cash-intensive businesses. As an alternative, identify branches in the bank's highest-risk areas or branches that ship/receive the most cash and request the largest sources and users of cash at those locations. From the sample selected, perform the following examination procedures:
- Review account opening documentation including CIP information, if applicable, and a sample of transaction activity.
- Determine whether actual account activity is consistent with anticipated account activity.
- Look for trends in the nature, size, or scope of the transactions, paying particular attention to currency transactions.
- Determine whether ongoing monitoring is sufficient to identify potentially suspicious activity.
6. On the basis of examination procedures completed, including transaction testing, form a conclusion about the adequacy of policies, procedures, and processes associated with cash-intensive businesses and entities.