bsa reports & training for cu officials · assess risk, establish, implement, and monitor bsa...
Post on 14-May-2020
9 Views
Preview:
TRANSCRIPT
BSA Reports & Training for CU Officials
Presented by Rusty Vellek NCCO, NCRM, BSACS
Compliance Officer Transportation FCU
Disclaimer
I am not an attorney. Nothing in this presentation should be construed as legal advice.
Instead, we’ll discuss some more practical aspects of BSA reports and training for officials.
Topics We Will Discuss
• Responsibilities under BSA: – Board of Directors, Management & Staff – Supervisory Committee
• Reporting to the Board of Directors (or designated committee).
Topics We Will Discuss
• Training for Officials: – Differences between training Staff & Officials – In house training vs. other alternatives – Combining Board training with policy reviews – Sample training presentation slides
Poll Question #1a,1b
• Does your credit union separate BSA training for officials from training for staff? – Yes – No
• Is the Supervisory Committee included in BSA training? – Yes – No
• Review and approve BSA and OFAC policies (generally annually).
• Appoint BSA/OFAC Compliance Officer(s) and ensure that adequate resources are provided.
• Review periodic BSA reports. • Participate in training (generally annually).
Board Responsibilities
Mgmnt/Staff/Supervisory Comm
• Management & Staff are generally responsible for executing Board-approved BSA/OFAC programs.
• The BSA/OFAC Compliance Officer(s) should have specific responsibility and authority under the policies.
• Supervisory Committee responsibility as part of their general oversight function.
Reporting to your Board
• Regulatory requirements are fairly general – NCUA Rules and Regulations Part 748.1(c)(4)
requires that: “The management of the credit union must promptly
notify its board of directors, or a committee designated by the board of directors to receive such notice, of any SAR filed.”
When to report SAR filings
“. . . must promptly notify . . .” is generally interpreted to mean at the next monthly meeting of the Board (or committee).
How Much to Report?
• The regulations are not very specific in this regard
• Caution: SAR filings and investigations are strictly confidential -- keep this in mind when preparing your reports. – Especially important if suspect is an official,
employee, friend or relative – you must not tip them off.
If suspect is a director . . .
• The suspect may not be notified of the SAR filing or investigation, but the other directors or committee members must still be notified.
• How you handle that would depend in large part on the particular situation at your credit union.
What we do at TFCU
• We have a standard monthly report template that includes: – Number of CTR filings for the month & YTD – Number of SAR filings for the month & YTD – A brief summary sentence or two describing
any SARs filed, leaving out names, account numbers or other identifying information
SAR Description Samples
• Member made cash withdrawals of $5,000 each [totaling $30,000] on six consecutive business days. [Structuring]
• The member tried to negotiate a fraudulent “Certified Check” drawn on a Federal Reserve Bank. [Check Fraud/Counterfeit Check]
Other Reports to the Board
• BSA/AML/OFAC Risk Assessment(s) & Policies
• You should also provide your board with additional reports as needed to keep them informed of new developments or changes to your BSA programs, regulations, risk parameters, etc.
Training for Officials
Some Training Objectives
• Meet regulatory requirements [this should really be last]
• Educate officials about BSA requirements in general, and their responsibilities in particular
• Inform officials about your programs, strengths and areas for improvement, any resource needs (get their support!)
Board vs. Staff Training
• Generally, your Staff needs more specific, detailed technical training – the “how-to” practices suited to their roles.
• Most officials do not need or want to be involved with that level of detail.
Officials vs. Staff Training
• The Board needs a good understanding of BSA and related laws and regulatory requirements in order to ensure that they – and the credit union – are fulfilling their responsibilities under BSA.
• Including the Supervisory Committee helps ensure that everyone is “on the same page.”
• Review and approve BSA and OFAC policies.
• Appoint BSA/OFAC Compliance Officer(s) and ensure that adequate resources are provided.
• Review periodic BSA reports. • Participate in training.
Board Responsibilities
Some Training Options
• Live in-house training vs. alternatives: – On-line training (in-house or outside) – NAFCU or other association training events – Outside consultants, instructors – Combinations of the above
• Plenty of resources available: – NAFCU, FinCEN, NCUA, etc.
How to decide?
• Factors guiding how you approach Board training may include: – Your credit union’s size, FOM, risk profile,
complexity of operations – Your credit union’s culture – Board and
management structure and preferences – Their previous BSA training – Your training objectives – To quiz or not to quiz . . .
Poll Question #2
• How does your credit union conduct BSA training for officials? – On-line training – Outside training events – In house using outside presenter – In house presented by staff – Combination of methods
In-House Training Tips • Some tips if you are going to conduct
training for your Officials in house: – Define your specific training objectives.
In addition to those already mentioned, for example: • Do you need approval for new program or
policy changes? • Any particular issues to address, resolve? • Any audit or exam findings?
More In-House Tips
– Consider the time allotted – an agenda item at a Board meeting vs. separate session.
– Consider the size of the group, location.
More In-House Tips
– Use of PowerPoint slides
• Keep them brief • Avoid a lot of clutter, fancy graphics or
effects – those mostly just distract from the material
• Don’t just read them!
More In-House Tips – NEVER apologize in advance of your
presentation [“I know this is boring, but . . .”]
– Shape your presentation to your style and personality, not the other way around – if you’re not good at telling jokes, DON’T!
More In-House Tips
– Know your material – be prepared for questions, including the “I’ll find out for you” kind. • Make a note of any such questions and move
on . . . And be sure to FOLLOW UP! – Remember that your audience is on your
side and wants you to do well. Relax, remember to breathe and let it flow.
Training + Policy Review
• This works for us: – At TFCU, we combine the Officials’ BSA
training session with the annual review and approval of our BSA/AML/OFAC risk assessment and policy package.
– Materials are sent out well in advance. – Training session is at the beginning of a
regular board meeting, followed by adoption of the policies.
Advantages of this Approach
• Great chance to relate training to policies – Can stimulate good questions, better
understanding by officials • Tends to lead to better informed
discussion and votes • Helps officials develop confidence in your
BSA programs
Poll Question #3
• Does your credit union combine BSA related training with review & approval of the BSA Risk Assessment and Policies? – Yes – No – Not yet, but I like the idea
Sample Presentation
• Following are some slides that I used for recent BSA Training for TFCU Officials.
• The training was conducted at the beginning of the Board’s regular meeting, with policy review/approval afterwards.
• The session was conducted in our Board Room with most officials present in person, some by phone.
Sample Presentation
• We have experienced officials – most members have some familiarity with BSA
• The session was scheduled for 15-20 minutes, plus time for questions.
Sample Presentation
• The BSA policy package, including policies, risk assessment and a transmittal letter, were sent out well in advance of the meeting, along with the training slides. – Sending the slides out in advance makes it
easier for any official attending remotely to follow along.
2015 BSA/AML/OFAC Compliance Training
For Transportation FCU Officials
Presented by Rusty Vellek, BSACS, NCCO, NCRM
TFCU Compliance Officer
The Bank Secrecy Act
The Bank Secrecy Act is a combination of statutes enacted to help in the investigation of money laundering, tax evasion, terrorist financing, and various other criminal activities.
BSA was updated by the USA PATRIOT Act in October, 2001, following the 9/11 terrorist attacks.
Topics
• Bank Secrecy Act (BSA) – including the USA PATRIOT Act [Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001]
• Member Identification Program (MIP) • Member Due Diligence (MDD) • Office of Foreign Assets Control (OFAC) • New Developments – Current Issues
Overview of BSA Programs
• Identify people as they enter the financial system
• Report large cash movements • Identify and document transactions that may
indicate money laundering or other crimes • Report suspicious activity • Create audit trail
How We comply Assess risk, establish, implement, and monitor BSA
program, including appointment of a BSA Compliance Officer, annual BSA audits, and reports to the Board of Directors.
Report and maintain records for certain currency and other transactions, such as the sale of negotiable instruments and wire transfers
Report suspicious activity, process FinCEN information requests.
Verify identity of members and maintain records of the method of verification [MIP and MDD]
Screen members for OFAC compliance Provide training for employees and volunteers
Board Responsibilities
• Review and approve BSA, OFAC and related policies and programs at least annually
• Appoint BSA/OFAC Compliance Officer
• Review periodic BSA reports
• Participate in training at least annually
Reports & Forms
CTR – Currency Transaction Report, for cash transactions in excess of $10,000. SAR – Suspicious Activity Report – confidential
reports to FinCEN. TFCU files CTR and SAR reports online, with
monthly summary reports to the Board of Directors. Negotiable instrument and wire transfer logs
are maintained in-house in our core system.
“Currency Transaction” A “Currency Transaction” is defined as any: • deposit in currency (coin or paper money). • withdrawal in currency. • exchange of currency (U.S. dollars for U.S. dollars or U.S.
dollar and foreign currency exchanges). • payment or transfer of currency by, through or to the
institution.
• A “Currency Transaction” involves the physical transfer of cash from one person or entity to another.
Reportable Transaction
• “Any currency transaction (or series of currency transactions in a single day) totaling more than $10,000, of which the financial institution has knowledge, must be reported to the federal government.”
• In determining whether a CTR is required, aggregate transactions are considered – including ATM and Shared Branch transactions.
Examples of Suspicious Activities
• Structuring transactions to avoid a CTR • Money Laundering • Counterfeit checks or plastic cards • Bribery • Misuse of Position • Check fraud • Counterfeit instrument • Computer intrusion
More Types of Suspicious Activities
• Terrorist financing • Loan Fraud [Mortgage, Consumer] • Check kiting • Credit Card fraud • Mysterious disappearance • Wire Transfer fraud • Elder Abuse • Embezzlement
Our SAR Process
• Suspicious Activity identified, referred to the BSA Compliance Officer for investigation.
• Investigation determines whether SAR is necessary or appropriate [SAR Committee].
• SAR filed electronically within 30 days [up to 60 if suspect unknown].
• Any SAR[s] filed are reported to the Board of Directors at their next meeting.
Member Identification Program (MIP)
• MIP is TFCU’s program for verifying each member’s identity – our “Know your customer” program.
• NABS –Name, Address, Birth date, and Social Security # are required.
• TFCU's Member Identification Policy is required under the USA PATRIOT Act.
Some benefits of MIP
– Reduces TFCU’s risk of losses from fraud and other crimes
– Helps protect members from Identity Theft – Makes it more difficult for terrorists and
other criminals to use the financial system
How TFCU complies with MIP
Following written policies and procedures, we: – Obtain and verify member information – Verify member’s identity using various methods – Check government lists – Keep records of identification used for verification – Provide the required USA PATRIOT Act notice in
each branch
Member Due Diligence (MDD)
• Member Due Diligence is an extension of MIP requirements, and is a part of TFCU’s BSA/AML program.
• The credit union obtains information at account opening to help us to predict normal and expected activity, and to “risk rate” new accounts.
• Due diligence aids in the prevention, detection and mitigation of fraud and other suspicious activity.
How we comply with MDD
• The process for opening a new membership or share account includes obtaining answers to predefined sets of Due Diligence questions that help us predict risk and activity for the new account.
• Questions include information about the member’s employment and income, purpose and intended use of the account and anticipated use of services.
How we comply with MDD
• MDD questions are set up and recorded in our BSA software, which assigns initial risk ratings based on the information given.
• BSA software is used to flag and monitor suspicious or unusual member account activity, with features that enable us to closely watch higher risk accounts, as well as help manage CTR and SAR reporting.
Record Retention
• All BSA-related records are retained by the Credit Union for a period of at least five years.
Violations of the BSA Compliance with all Bank Secrecy Act and related
requirements is a condition of employment at TFCU.
No employee, manager, officer, or volunteer of the Credit Union has authority to waive any BSA requirement.
There are strict penalties that may be enforced by the Department of the Treasury upon any violation of the BSA.
Employees, managers, officers, and volunteers of TFCU can be held personally liable and assessed penalties for participation in any violation -- willful acts of non-compliance are prosecuted as felonies!
Sample Penalties for non-compliance Negligence: $500 Pattern of negligence: up to $50,000 $10,000 per day for CTR’s not filed within 15 days Intentional non-compliance: up to $100,000 in civil
penalties- can be levied against individual employees and board members.
If international money laundering is evident: penalties can reach up to $1,000,000
Criminal penalties for willful non-compliance: $500,000 and up to ten years in prison.
Office of Foreign Assets Control (OFAC)
• What is OFAC? – An agency of the Treasury Department that
administers and enforces economic sanctions against hostile countries, entities, and individuals that sponsor or support terrorist activities and international drug traffickers
We cannot do transactions for anyone who falls under OFAC restrictions – unless licensed by
OFAC.
How TFCU complies To comply with the regulations and requirements
of OFAC, the Credit Union: ◦ Maintains current OFAC lists ◦ Checks all new members, joint owners, beneficiaries
and others against OFAC lists ◦ Periodically checks existing membership database
against OFAC lists ◦ Compares OFAC list against parties involved in wire
transfers, official checks made payable to third party payees, co-signers to loans without an established account relationship and new hires
◦ Trains staff regarding their responsibilities under OFAC
Current BSA Issues
• Money Service Businesses • Prepaid Access [Cards, etc.] • Bitcoin – Virtual Currencies • Services for Marijuana Businesses [legal under
state laws] NOTE: These issues have minimal impact on TFCU, since we don’t offer these products or services.
New/Pending @ TFCU
• Remote Deposit Capture – Already implemented successfully
• Shared Branching – Planning for shared branching services at TFCU
branches
• Online Account Opening – Plans include sophisticated identity verification
and fraud detection tools .
Conclusion
• Transportation Federal Credit Union continues to maintain an effective compliance program through written policy and procedures, periodic audits, and regular training for staff and volunteers.
• Going forward, TFCU continues to adapt and refine its BSA programs based on changing technologies, evolving threats and circumstances.
Sample Presentation
• If your credit union offers business accounts or services, then your training should also address such issues as MSBs, marijuana-related businesses, etc.
• Please feel free to adapt any of these slides to incorporate into your own presentations.
Questions?
Thank You!
Rusty Vellek rvellek@transfcu.org
top related