BSA Reports & Training for CU Officials Presented by Rusty - - PowerPoint PPT Presentation

BSA Reports & Training for CU Officials

Presented by Rusty Vellek NCCO, NCRM, BSACS Compliance Officer Transportation FCU

Disclaimer

I am not an attorney. Nothing in this presentation should be construed as legal advice. Instead, we’ll discuss some more practical aspects of BSA reports and training for officials.

Topics We Will Discuss

• Responsibilities under BSA:

– Board of Directors, Management & Staff – Supervisory Committee

• Reporting to the Board of Directors (or

designated committee).

Topics We Will Discuss

• Training for Officials:

– Differences between training Staff & Officials – In house training vs. other alternatives – Combining Board training with policy reviews – Sample training presentation slides

Poll Question #1a,1b

• Does your credit union separate BSA

training for officials from training for staff?

– Yes – No

• Is the Supervisory Committee included in

BSA training?

– Yes – No

• Review and approve BSA and OFAC

policies (generally annually).

• Appoint BSA/OFAC Compliance Officer(s)

and ensure that adequate resources are provided.

• Review periodic BSA reports.
• Participate in training (generally annually).

Board Responsibilities

Mgmnt/Staff/Supervisory Comm

• Management & Staff are generally

responsible for executing Board-approved BSA/OFAC programs.

• The BSA/OFAC Compliance Officer(s)

should have specific responsibility and authority under the policies.

• Supervisory Committee responsibility as

part of their general oversight function.

Reporting to your Board

• Regulatory requirements are fairly general

– NCUA Rules and Regulations Part 748.1(c)(4) requires that: “The management of the credit union must promptly notify its board of directors, or a committee designated by the board of directors to receive such notice, of any SAR filed.”

When to report SAR filings

“. . . must promptly notify . . .” is generally

interpreted to mean at the next monthly meeting of the Board (or committee).

How Much to Report?

• The regulations are not very specific in this

regard

• Caution: SAR filings and investigations

are strictly confidential -- keep this in mind when preparing your reports.

– Especially important if suspect is an official, employee, friend or relative – you must not tip them off.

If suspect is a director . . .

• The suspect may not be notified of the

SAR filing or investigation, but the other directors or committee members must still be notified.

• How you handle that would depend in

large part on the particular situation at your credit union.

What we do at TFCU

• We have a standard monthly report

template that includes:

– Number of CTR filings for the month & YTD – Number of SAR filings for the month & YTD – A brief summary sentence or two describing any SARs filed, leaving out names, account numbers or other identifying information

SAR Description Samples

• Member made cash withdrawals of $5,000

each [totaling $30,000] on six consecutive business days. [Structuring]

• The member tried to negotiate a fraudulent

“Certified Check” drawn on a Federal Reserve Bank. [Check Fraud/Counterfeit Check]

Other Reports to the Board

• BSA/AML/OFAC Risk Assessment(s) &

Policies

• You should also provide your board with

additional reports as needed to keep them informed of new developments or changes to your BSA programs, regulations, risk parameters, etc.

Training for Officials

Some Training Objectives

• Meet regulatory requirements [this should

really be last]

• Educate officials about BSA requirements

in general, and their responsibilities in particular

• Inform officials about your programs,

strengths and areas for improvement, any resource needs (get their support!)

Board vs. Staff Training

• Generally, your Staff needs more specific,

detailed technical training – the “how-to” practices suited to their roles.

• Most officials do not need or want to be

involved with that level of detail.

Officials vs. Staff Training

• The Board needs a good understanding of

BSA and related laws and regulatory requirements in order to ensure that they – and the credit union – are fulfilling their responsibilities under BSA.

• Including the Supervisory Committee

helps ensure that everyone is “on the same page.”

• Review and approve BSA and OFAC

policies.

• Appoint BSA/OFAC Compliance Officer(s)

and ensure that adequate resources are provided.

• Review periodic BSA reports.
• Participate in training.

Board Responsibilities

Some Training Options

• Live in-house training vs. alternatives:

– On-line training (in-house or outside) – NAFCU or other association training events – Outside consultants, instructors – Combinations of the above

• Plenty of resources available:

– NAFCU, FinCEN, NCUA, etc.

How to decide?

• Factors guiding how you approach Board

training may include:

– Your credit union’s size, FOM, risk profile, complexity of operations – Your credit union’s culture – Board and management structure and preferences – Their previous BSA training – Your training objectives – To quiz or not to quiz . . .

Poll Question #2

• How does your credit union conduct

BSA training for officials?

–On-line training –Outside training events –In house using outside presenter –In house presented by staff –Combination of methods

In-House Training Tips

• Some tips if you are going to conduct

training for your Officials in house:

–Define your specific training objectives. In addition to those already mentioned, for example:

• Do you need approval for new program or

policy changes?

• Any particular issues to address, resolve?
• Any audit or exam findings?

More In-House Tips

–Consider the time allotted – an agenda item at a Board meeting vs. separate session. –Consider the size of the group, location.

More In-House Tips

–Use of PowerPoint slides

• Keep them brief
• Avoid a lot of clutter, fancy graphics or

effects – those mostly just distract from the material

• Don’t just read them!

More In-House Tips

–NEVER apologize in advance of your presentation [“I know this is boring, but . . .”] –Shape your presentation to your style and personality, not the other way around – if you’re not good at telling jokes, DON’T!

More In-House Tips

– Know your material – be prepared for questions, including the “I’ll find out for you” kind.

• Make a note of any such questions and move
• n . . . And be sure to FOLLOW UP!

– Remember that your audience is on your side and wants you to do well. Relax, remember to breathe and let it flow.

Training + Policy Review

• This works for us:

– At TFCU, we combine the Officials’ BSA training session with the annual review and approval of our BSA/AML/OFAC risk assessment and policy package. – Materials are sent out well in advance. – Training session is at the beginning of a regular board meeting, followed by adoption

• f the policies.

Advantages of this Approach

• Great chance to relate training to policies

– Can stimulate good questions, better understanding by officials

• Tends to lead to better informed

discussion and votes

• Helps officials develop confidence in your

BSA programs

Poll Question #3

• Does your credit union combine BSA

related training with review & approval of the BSA Risk Assessment and Policies?

–Yes –No –Not yet, but I like the idea

Sample Presentation

• Following are some slides that I used for

recent BSA Training for TFCU Officials.

• The training was conducted at the

beginning of the Board’s regular meeting, with policy review/approval afterwards.

• The session was conducted in our Board

Room with most officials present in person, some by phone.

Sample Presentation

• We have experienced officials – most

members have some familiarity with BSA

• The session was scheduled for 15-20

minutes, plus time for questions.

Sample Presentation

• The BSA policy package, including

policies, risk assessment and a transmittal letter, were sent out well in advance of the meeting, along with the training slides.

– Sending the slides out in advance makes it easier for any official attending remotely to follow along.

2015 BSA/AML/OFAC Compliance Training

For Transportation FCU Officials

Presented by Rusty Vellek, BSACS, NCCO, NCRM TFCU Compliance Officer

The Bank Secrecy Act

 The Bank Secrecy Act is a combination of statutes enacted to help in the investigation of money laundering, tax evasion, terrorist financing, and various other criminal activities.  BSA was updated by the USA PATRIOT Act in October, 2001, following the 9/11 terrorist attacks.

Topics

• Bank Secrecy Act (BSA) – including the USA

PATRIOT Act [Uniting and Strengthening America by

Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001]

• Member Identification Program (MIP)
• Member Due Diligence (MDD)
• Office of Foreign Assets Control (OFAC)
• New Developments – Current Issues

Overview of BSA Programs

• Identify people as they enter the financial

system

• Report large cash movements
• Identify and document transactions that may

indicate money laundering or other crimes

• Report suspicious activity
• Create audit trail

How We comply

 Assess risk, establish, implement, and monitor BSA program, including appointment of a BSA Compliance Officer, annual BSA audits, and reports to the Board of Directors.  Report and maintain records for certain currency and other transactions, such as the sale of negotiable instruments and wire transfers  Report suspicious activity, process FinCEN information requests.  Verify identity of members and maintain records of the method of verification [MIP and MDD]  Screen members for OFAC compliance  Provide training for employees and volunteers

Board Responsibilities

• Review and approve BSA, OFAC and related

policies and programs at least annually

• Appoint BSA/OFAC Compliance Officer
• Review periodic BSA reports
• Participate in training at least annually

Reports & Forms

• CTR – Currency Transaction Report, for cash

transactions in excess of $10,000.

• SAR – Suspicious Activity Report – confidential

reports to FinCEN.

• TFCU files CTR and SAR reports online, with

monthly summary reports to the Board of Directors.

• Negotiable instrument and wire transfer logs

are maintained in-house in our core system.

“Currency Transaction”

A “Currency Transaction” is defined as any:

• deposit in currency (coin or paper money).
• withdrawal in currency.
• exchange of currency (U.S. dollars for U.S. dollars or U.S.

dollar and foreign currency exchanges).

• payment or transfer of currency by, through or to the

institution.

• A “Currency Transaction” involves the physical transfer
• f cash from one person or entity to another.

Reportable Transaction

• “Any currency transaction (or series of currency

transactions in a single day) totaling more than $10,000, of which the financial institution has knowledge, must be reported to the federal government.”

• In determining whether a CTR is required,

aggregate transactions are considered – including ATM and Shared Branch transactions.

Examples of Suspicious Activities

• Structuring transactions to avoid a CTR
• Money Laundering
• Counterfeit checks or plastic cards
• Bribery
• Misuse of Position
• Check fraud
• Counterfeit instrument
• Computer intrusion

More Types of Suspicious Activities

• Terrorist financing
• Loan Fraud [Mortgage, Consumer]
• Check kiting
• Credit Card fraud
• Mysterious disappearance
• Wire Transfer fraud
• Elder Abuse
• Embezzlement

Our SAR Process

• Suspicious Activity identified, referred to the

BSA Compliance Officer for investigation.

• Investigation determines whether SAR is

necessary or appropriate [SAR Committee].

• SAR filed electronically within 30 days [up to

60 if suspect unknown].

• Any SAR[s] filed are reported to the Board of

Directors at their next meeting.

Member Identification Program (MIP)

• MIP is TFCU’s program for verifying each member’s

identity – our “Know your customer” program.

• NABS –Name, Address, Birth date, and Social

Security # are required.

• TFCU's Member Identification Policy is required

under the USA PATRIOT Act.

Some benefits of MIP

–Reduces TFCU’s risk of losses from fraud and other crimes –Helps protect members from Identity Theft –Makes it more difficult for terrorists and

• ther criminals to use the financial system

How TFCU complies with MIP

Following written policies and procedures, we: – Obtain and verify member information – Verify member’s identity using various methods – Check government lists – Keep records of identification used for verification – Provide the required USA PATRIOT Act notice in each branch

Member Due Diligence (MDD)

• Member Due Diligence is an extension of MIP

requirements, and is a part of TFCU’s BSA/AML program.

• The credit union obtains information at account
• pening to help us to predict normal and expected

activity, and to “risk rate” new accounts.

• Due diligence aids in the prevention, detection and

mitigation of fraud and other suspicious activity.

How we comply with MDD

• The process for opening a new membership or

share account includes obtaining answers to predefined sets of Due Diligence questions that help us predict risk and activity for the new account.

• Questions include information about the

member’s employment and income, purpose and intended use of the account and anticipated use of services.

How we comply with MDD

• MDD questions are set up and recorded in our

BSA software, which assigns initial risk ratings based on the information given.

• BSA software is used to flag and monitor

suspicious or unusual member account activity, with features that enable us to closely watch higher risk accounts, as well as help manage CTR and SAR reporting.

Record Retention

• All BSA-related

records are retained by the Credit Union for a period of at least five years.

Violations of the BSA

 Compliance with all Bank Secrecy Act and related requirements is a condition of employment at TFCU.  No employee, manager, officer, or volunteer of the Credit Union has authority to waive any BSA requirement.  There are strict penalties that may be enforced by the Department of the Treasury upon any violation

• f the BSA.

 Employees, managers, officers, and volunteers of TFCU can be held personally liable and assessed penalties for participation in any violation -- willful acts of non-compliance are prosecuted as felonies!

Sample Penalties for non-compliance

 Negligence: $500  Pattern of negligence: up to $50,000  $10,000 per day for CTR’s not filed within 15 days  Intentional non-compliance: up to $100,000 in civil penalties- can be levied against individual employees and board members.  If international money laundering is evident: penalties can reach up to $1,000,000  Criminal penalties for willful non-compliance: $500,000 and up to ten years in prison.

Office of Foreign Assets Control (OFAC)

• What is OFAC?

– An agency of the Treasury Department that administers and enforces economic sanctions against hostile countries, entities, and individuals that sponsor or support terrorist activities and international drug traffickers We cannot do transactions for anyone who falls under OFAC restrictions – unless licensed by OFAC.

How TFCU complies

 To comply with the regulations and requirements

• f OFAC, the Credit Union:
• Maintains current OFAC lists
• Checks all new members, joint owners, beneficiaries

and others against OFAC lists

• Periodically checks existing membership database

against OFAC lists

• Compares OFAC list against parties involved in wire

transfers, official checks made payable to third party payees, co-signers to loans without an established account relationship and new hires

• Trains staff regarding their responsibilities under

OFAC

Current BSA Issues

• Money Service Businesses
• Prepaid Access [Cards, etc.]
• Bitcoin – Virtual Currencies
• Services for Marijuana Businesses [legal under

state laws]

NOTE: These issues have minimal impact on TFCU, since we don’t offer these products or services.

New/Pending @ TFCU

• Remote Deposit Capture

– Already implemented successfully

• Shared Branching

– Planning for shared branching services at TFCU branches

• Online Account Opening

– Plans include sophisticated identity verification and fraud detection tools .

Conclusion

• Transportation Federal Credit Union continues

to maintain an effective compliance program through written policy and procedures, periodic audits, and regular training for staff and volunteers.

• Going forward, TFCU continues to adapt and

refine its BSA programs based on changing technologies, evolving threats and circumstances.

Sample Presentation

• If your credit union offers business

accounts or services, then your training should also address such issues as MSBs, marijuana-related businesses, etc.

• Please feel free to adapt any of these

slides to incorporate into your own presentations.

Questions?

Thank You!

Rusty Vellek

rvellek@transfcu.org