1 A Presentation for Members of the Bank Compliance Association of Connecticut (BCAC) June 12, 2008 Rebecca Williams FDIC Case Manager (Special Activities)

2 Most Common BSA Violations ● Failure to File a CTR – 8% ● Inadequate System of Internal Controls for BSA Compliance – 7% Controls for BSA Compliance – 7%

3 Most Common BSA Violations ● Failure to Search Records for 314(a) Purposes – 5% 314(a) Purposes – 5% ● Failure to Obtain Minimum CIP Information – 5% Information – 5%

4 Most Common BSA Violations ● Failure to File a Timely SAR – 5% ● Failure to Furnish Information Required in CTR – 5% Required in CTR – 5%

5 Most Common BSA Findings High-Risk Customers ● Insufficient Identification of High-Risk Customers High-Risk Customers ● Inadequate Monitoring Procedures for High-Risk Customers for High-Risk Customers

6 Most Common BSA Findings Training ● Not All Relevant Employees Have Been Trained Been Trained ● Training Not Tailored to Employee Job Function Job Function

7 Most Common BSA Findings Money Services Businesses (MSBs) ● Insufficient Identification of MSB Customers Customers ● Inadequate Due Diligence or Monitoring Procedures Regarding MSB Customers Procedures Regarding MSB Customers

8 Most Common BSA Findings Suspicious Activity Monitoring ● Insufficient Monitoring of Wire Transfer Activity Activity ● Insufficient Monitoring of Monetary Instrument Sales Instrument Sales

9 For Your Information… Funds Transfer Recordkeeping and The Travel Rule ● Banks Must Obtain and Retain Required Records - 31 CFR (e) Records - 31 CFR (e) ● Originator’s Banks and Intermediary Institutions Must Follow Travel Rule Institutions Must Follow Travel Rule Requirements - 31 CFR (g) Requirements - 31 CFR (g)

10 For Your Information… CIP - Record Retention ● CIP regulations became effective on October 1, October 1, ● Certain minimum CIP “identifying information” must be maintained for [at least] five years after must be maintained for [at least] five years after the account is closed. the account is closed. ● As the five-year mark approaches, banks should ensure their record-retention policies and ensure their record-retention policies and practices conform to CIP regulation practices conform to CIP regulation requirements. requirements.

11 For Your Information… SAR Supporting Documentation Guidance ● FIN-2007-G003 was issued by FinCEN on June 13, on June 13, ● Financial institutions must provide SAR supporting documentation in response to supporting documentation in response to requests by FinCEN and appropriate law requests by FinCEN and appropriate law enforcement or supervisory agencies. enforcement or supervisory agencies.

12 For Your Information… Guidance Regarding: Whether Certain Reloadable Card Operations are MSBs ● FIN-2008-R005 was issued by FinCEN on March 10, on March 10, ● FinCEN determined that member- sponsored merchants and ATMs are not MSBs, to the extent that they participate in the program as described in the guidance.

13 For Your Information… Possible CTR Exemption Rule Changes ● Notice of Proposed Rulemaking and Request for Comments Published Request for Comments Published April 24, 2008 April 24, 2008 ● Still in Proposal Stage – No Regulation Changes Effective to Date Changes Effective to Date

14 For Your Information… Possible CTR Exemption Rule Changes (continued) FinCEN’s Intent: ­ To Simplify Current Exemption ­ To Simplify Current Exemption Requirements Requirements ­ To Implement GAO Report ­ To Implement GAO Report Recommendations Recommendations

15 For Your Information… Possible CTR Exemption Rule Changes (continued) Proposed Regulation Changes: 1) Eliminate Biennial Filing Requirement 1) Eliminate Biennial Filing Requirement 2) Eliminate Requirement to File 2) Eliminate Requirement to File Exemption Forms on, and Annually Review Exemption Forms on, and Annually Review Supporting Information for, Exempt Depository Supporting Information for, Exempt Depository Institutions, Government Agencies, and Institutions, Government Agencies, and Entities Exercising Governmental Authority Entities Exercising Governmental Authority 3) Eliminate 12-Month Time Period for Phase II 3) Eliminate 12-Month Time Period for Phase II Exemptions, in Favor of Risk-Based Approach Exemptions, in Favor of Risk-Based Approach

16 For Your Information… FFIEC BSA/AML Examination Manual ● Current Version – August 2007 ● Next Revision Expected to be Released in the Latter Half of 2009 Released in the Latter Half of 2009

17 For Your Information… Politically Exposed Persons (PEPs) Reference Materials: ● 2007 FFIEC BSA/AML Examination Manual ● 2007 FFIEC BSA/AML Examination Manual (pages ) (pages ) ● January 2001 “Guidance on Enhanced Scrutiny ● January 2001 “Guidance on Enhanced Scrutiny for Transactions that may Involve the Proceeds for for Transactions that may Involve the Proceeds for Foreign Official Corruption” Foreign Official Corruption”

18 For Your Information… Politically Exposed Persons (PEPs) Banks should: ● Take Reasonable Steps to Identify PEP Accounts ● Take Reasonable Steps to Identify PEP Accounts ● Obtain Risk-Based Due Diligence Information on PEPs ● Obtain Risk-Based Due Diligence Information on PEPs ● Conduct Risk-Based Scrutiny and Monitoring of PEP Accounts ● Conduct Risk-Based Scrutiny and Monitoring of PEP Accounts

19 For Your Information… Politically Exposed Persons (PEPs) Internet Resources: 1) (then click on “World Leaders”) 1) (then click on “World Leaders”) 2) 2) 3) 3)

20 For Your Information… Privately-Owned ATMs ● Refer to pages of the 2007 FFIEC BSA/AML Examination Manual. ● Privately-Owned ATMs are susceptible to money laundering schemes, identity theft, outright theft of the ATM currency, and fraud.

21 For Your Information… Privately-Owned ATMs Banks should: ● Identify Privately-Owned ATM Customers ● Apply Appropriate Due Diligence to Those Customers ● Assess BSA/AML Risk of Those Customers ● Implement Appropriate Suspicious Activity Monitoring

22  Questions?