Topic: Bank Secrecy Act & Anti-Money Laundering (BSA/AML)
-
On the advice of our internal auditor, we recently updated our BSA policy to provide our response to a discovery of an ACH transaction that is connected to unlawful internet gambling. How can we detect these ACH transactions? Does NACHA provide any guidance?
—
by
We are not aware of any specific guidance from NACHA on identifying ACH transactions involving illegal gambling. Regulation GG itself includes examples of policies and procedures to identify illegal gambling transactions, which include due diligence on commercial customers to determine the risk that the customer will engage in internet gambling and notification that your bank…
-
Now that the nonbank ATM registration requirements have been repealed, should we change our BSA risk or monitoring procedures for customers that own nonbank ATMs?
—
by
No, we do not recommend changing your current BSA and monitoring practices for customers that own nonbank ATMs. These customers are no longer required to file statements of ownership with the Illinois Department of Financial Regulation (IDFPR), but this should not affect your bank’s risk assessment of these customers. If your bank has determined that…
-
We plan to start allowing business customers to transfer funds via ACH, both for business-to-business transfers and intra-business transfers. Are there any special risks when customers transfer funds to their accounts at other banks by ACH transfer? We will attempt to control risk by requiring that transfers be prefunded. Are there any BSA/AML activity monitoring concerns or special issues with ACH, particularly as to fraudulent transactions?
—
by
We are not aware of any BSA/AML monitoring issues that are unique to inter-company or intra-company ACH transfers to accounts at other banks. While such ACH credit and debit transactions could result in some exposure for your institution for money laundering or fraudulent transactions, these risks would be reduced considerably by requiring your customers to…
-
What are the required retention periods for drawer counts and cash in and cash out tickets?
—
by
In some cases, these records will be subject to FinCEN’s five year record retention requirement for certain deposit account records. For example, the five year retention requirement applies to “each statement, ledger card or other record on each deposit or share account, showing each transaction in, or with respect to, that account” and to records “which would…
-
One of our business customers is a law firm that is opening an office in another state. The law firm established a new LLC for the new office in the other state, and the LLC wants to open a checking account at our bank. Our account opening procedures require us to check that business customers have appropriate business registrations in place. Does the foreign LLC need to register in Illinois, even if it will not be transacting business in Illinois?
—
by
Whether a foreign LLC is “transacting business” in Illinois and therefore required to register with the Secretary of State is a highly fact-specific question, particularly with respect to a multi-state law firm; notably, this question also raises tax issues in some states. Fortunately, this is a question for the law firm and not for your…
-
We have a potential customer who is interested in opening a Series LLC account that would consist of a master account with several sub-accounts. What are the requirements for these types of accounts?
—
by
Although series accounts may create certain BSA/AML challenges for your institution, they are permissible in Illinois, and we are not aware of any specific requirements or restrictions for opening these accounts. However, from the customer’s perspective, series LLC accounts may not be advisable. To maintain liability protection, each series LLC must be treated as a…
-
How long should we retain records for customer payroll processing through the ACH system?
—
by
FinCEN’s Bank Secrecy Act regulations require you to retain deposit account statements for five years after they are created. The NACHA rules require participating depository financial institutions to “retain a Record of each Entry for six years from the date the Entry was Transmitted, except as otherwise expressly provided in these Rules.” Finally, the period…
-
What is required under the Customer Identification Program (CIP) rules for a user of a business credit card? We have been getting push back from the employee users of business credit cards because they do not want to provide their name, address, date of birth, and driver’s license number. Are we required to obtain this information from them?
—
by
No, we do not believe that the CIP rules require your organization to collect identifying information for every individual who uses a business credit card. However, we believe that your bank is permitted to obtain identifying information from such individuals in certain situations described below. The CIP rules require that you collect certain identifying information…
-
We have a new business customer that plans to open a deposit account with a 40 million dollar wire transfer. Presuming that the wire transfer is coming from a U.S.-based bank on U.S. soil, what type of information should I obtain about the origin of account funds?
—
by
We are not aware of any law, regulation or guidance that requires you to obtain specific information about the source of a corporate customer’s funds at an account opening. However, if as part of your BSA/AML customer due diligence procedures you determine that this customer presents a higher risk of money laundering or terrorist financing…