Bank Secrecy Act/OFAC
Nadine T. Whitehead
Compliance Officer
BSA/AML Program
>  The Credit Union’s BSA/AML program should
include policies and procedures for:
•  Member Identification (at the account
opening stage)
•  314(a) Information Requests
•  Suspicious Activity Reporting
•  Currency Transaction Reporting
•  Customer Due Diligence
•  Office of Foreign Assets and Controls
•  Recordkeeping Requirements
•  Risk Assessment
Board of Directors’
Responsibilities
•  Annually, reviewing and approving Credit
Union’s BSA/AML Program, including the
BSA/AML Policy and Risk Assessment.
•  Appointing the BSA/AML Compliance Officer
•  Monitoring and evaluating the effectiveness of
the Credit Union’s BSA/AML Program.
•  Providing for sufficient resources to implement
the Credit Union’s BSA/AML Program.
OVERVIEW
•  Money Laundering
•  Terrorist Financing
What is Money Laundering?
•  Money laundering is the criminal
practice of filtering ill-gotten gains or
“dirty” money through a maze or series
of transactions, so the funds are
“cleaned” to look like proceeds from legal
activity. Money laundering does not have
to involve cash at every stage of the
laundering process.
What is Money Laundering?
•  It includes an attempt to avoid BSA
reporting/recordkeeping requirements by
breaking up, or structuring a currency
transaction or purchase of monetary
instruments in amounts less than the
reporting/recordkeeping thresholds.
What is Terrorist Financing?
•  Terrorist financing is typically defined as the
funneling of legal/legitimate funds through
organizations in order to fund illegal activities.
•  A charitable organization may collect
donations under the disguise that the funds are
going to a legitimate cause. However, the funds
are used to fund terrorist organizations and
activities.
Stages of Money Laundering
•  The “placement” of currency into a
financial services institution.
•  Movement of funds from institution to
institution to hide the source and
ownership of the funds (“layering”).
•  The reinvestment of those funds in a
supposedly legitimate business or
transaction (“integration”).
OVERVIEW
•  Bank Secrecy Act
•  USA Patriot Act
•  Applicable Rules in the United
States
Bank Secrecy Act of 1970
•  The Act and subsequent amendments
were designed to:
•  Deter money laundering and the use of
secret foreign bank accounts.
•  Create an investigative “paper trail” for
currency transactions of more than $10,000,
by establishing regulatory reporting
standards and requirements (the CTR
requirement).
Bank Secrecy Act of 1970
•  Require financial institutions to report
suspicious activity.
•  Impose civil and criminal penalties for
noncompliance with its recordkeeping and
reporting requirements.
•  Improve detection and investigation of
criminal, tax, and regulatory violations.
USA Patriot Act
•  U Uniting
•  S Strengthening
•  A America by
• 
• 
• 
• 
• 
• 
• 
P Providing
A Appropriate
T Tools
R Required to
I Intercept and
O Obstruct
T Terrorism
Title III of the USA Patriot Act
•  Most comprehensive anti-money laundering
legislation since the 1970 Bank Secrecy Act.
•  Far reaching in scope and contains provisions
for combating domestic and international
money laundering and blocking terrorists’
access to the US financial system.
•  Relates to how US financial institutions
organize their money laundering compliance
function as well as their relationships with
foreign banks and FI members.
BSA/USA Patriot Act –
Key Provisions
•  Requires formal anti-money laundering
programs
•  Special due diligence for correspondent
accounts and private banking accounts
•  Cooperative efforts to deter money
laundering – allows information sharing
BSA/USA Patriot Act –
Key Provisions
•  Requires member identification
programs.
•  Financial institutions are obligated to
properly identify all members that they
establish relationships with.
USA Patriot Act Section 352
Anti-Money Laundering Program
•  Required Elements
•  Section 352 requires financial institutions
to establish Anti-Money Laundering
(AML) programs that include:
•  Development of internal policies, procedures
and controls.
•  Designation of a compliance officer.
USA Patriot Act Section 352
Anti-Money Laundering Program
•  Training program for Directors, Officers
and Employees
•  Independent testing of the AML program
and Compliance Department (SelfAssessments)
•  Reporting to the Board
USA Patriot Act
•  Customer/Member Identification
Program (CIP)
•  The CIP must be incorporated into the
credit union’s anti-money laundering
compliance program.
•  Verify the identity of any person seeking to
open an account
•  An account is the formal relationship used
for credit union services.
USA Patriot Act
>  Deposit Accounts
>  Transaction or asset accounts
>  Extensions of credit
>  Safety deposit or other safekeeping services
>  Cash management, custodian, and trust services
•  Know your customer.
Suspicious Activity Monitoring
•  All credit unions must have an automated
AML monitoring or manual monitoring
system.
•  Establish a reasonable program based on the
size and complexity of the credit union.
•  A SAR must be filed no later than 30 calendar
days after the date of initial “detection” of facts
that may constitute a basis for filing a SAR.
Suspicious Activity Filing
Requirements
•  All financial institutions operating in the
United States including insured credit
unions are required to file a Suspicious
Activity Report (“SAR”) upon the
discovery of any of the following:
Insider abuse involving any amount;
Suspicious Activity Filing
Requirements
•  Known or suspected federal criminal violations
committed against or through the credit union
aggregating $5,000 or more where a suspect can be
identified;
•  Know or suspected federal criminal violations
aggregating $25,000 or more committed against or
through the credit union regardless of a potential
suspect; and
•  Transactions aggregating $5,000 or more that
involve potential money laundering or violations of
the BSA if the credit union suspects criminal
activities.
Suspicious Activity Reporting
•  Willful blindness is ignoring or avoiding
information that could have led to the
discovery of unlawful activity or
deliberately choosing not to follow up on
suspicious.
•  Willful blindness of suspicious activity
can result in a violation of the BSA/USA
Patriot Act.
Suspicious Activity Reporting
•  Important Provisions:
•  The Credit Union, its directors, officers, and
employees are prohibited by law from
notifying any person, or entity that is
involved in the transaction that a Suspicious
Activity Report was filed.
•  The “Safe Harbor” clause protects the credit
union as long as the credit union makes a
good faith effort to investigate, document,
and maintain the evidence to the SAR filing.
Timely Notification is Critical
•  A SAR must be filed within 30 days after
suspicious activity is detected. It is
critical that potentially suspicious activity
is promptly reported to the Compliance
Department.
•  Provide as much information as possible.
Currency Transaction Reporting
CTR
•  Each credit union must file a report of each
transaction in currency of more than $10,000 to
the Federal government.
•  There must be a physical transfer of currency
from on person to another.
•  Multiple currency transactions taking place on
the same business day are treated as a single
transaction if the credit union has knowledge
that they are for the same person.
CTR Filing Requirements
•  Reportable currency transactions must
be reported on a FinCEN Currency
Transaction Report.
•  If structuring is detected or suspected,
and the multiple transactions conducted
on the same business day exceed $10,000,
when aggregated, a CTR must be filed.
•  A SAR should also be filed to report the
structuring.
Customer Due Diligence
•  A firm Customer Due Diligence (CDD)
program will provide the framework that
enables an institution to comply with
regulatory requirements and to report
suspicious activities.
•  The concept of “customer due diligence”
is not explicitly defined so that each
institution can adapt procedures best
suited for its own operations.
Customer Due Diligence
•  An effective CDD program should, at a
minimum, contain a clear statement of
management’s overall expectations and
establish specific staff responsibilities,
including who is responsible for
reviewing or approving changes to a
member’s risk rating or profile.
Customer Due Diligence
•  An effective CDD program should, at a
minimum, contain a clear statement of
management’s overall expectations and
establish specific staff responsibilities,
including who is responsible for
reviewing or approving changes to a
member’s risk rating or profile.
Recordingkeeping Requirements
•  The BSA Act requires credit unions to
obtain and preserve certain records for
potential examination by the credit
union’s regulators, law enforcement and/
or other government agency.
•  Required records must be retained for a
period of five years and must be
accessible with a reasonable period of
time.
Risk Assessment
•  Risk Assessment is the key to success in
the BSA/AML examination.
•  Credit union management has the
responsibility to evaluate products,
services, clients, entities and geographic
markets to identify circumstances that
expose the credit union for greater risk in
money laundering, terrorist financing, or
other fraud schemes.
Office of Foreign Assets Control
•  OFAC, a division of the US Department
of the Treasury, administers and enforces
economic and trade sanctions based on
US foreign policy and national security
goals against targeted foreign countries,
terrorists, international narcotics
traffickers, and those engaged in
activities related to the proliferation of
weapons of mass destruction.
Credit Union’s Responsibilities
•  The credit union should ensure that it
does not conduct transactions with
individuals, entities and countries
sanctioned by OFAC.
•  The credit union can use automated or
manual screening software or a website
to check for OFAC matches.
Penalties
•  May impose corporate fines of up to $1
million and individual fines of up to
$100,000
•  Up to 12 years in prison per incident for
willful violations
•  Civil penalties of up to $250,000 per
incident
•  OFAC has imposed millions in fines in
recent years.
Contact Information
Nadine T. Whitehead
Compliance Officer
[email protected]
336-217-4915
800-585-5317 ext. 3246