bsa record retention requirements
PDF Bank reference final - FinCEN.gov Consider the following: 3. (31 CFR 1010.415), Additional records to be maintained by prepaid access providers and sellers to collect and retain certain transactional records relating to prepaid access. The BSA establishes recordkeeping requirements associated to various types of records including: consumer accounts (e.g., loan, deposit, or trust), BSA filing requirements . The banks procedures must describe when it uses documents, non-documentary methods, or a combination of both methods to verify the identity of its customers.23 31 CFR 1020.220(a)(2)(ii). FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention These BSA records retention requirements are independent of and inbound addition to record memory requirements under other act. Five-Year Retentiveness for Records as Specified Down Consider the following: The CIP must include risk-based procedures for verifying the identity of each customer to the extent reasonable and practicable.5 31 CFR 1020.220(a)(2). Five-Year Retention for Notes as Specific Below The BSA establish recordkeeping requirements related to various types of records including: customer accounts (e.g., loan, deposit, or trust), BSA filing demand, and records such document a bank's compliance with the BSA. Therefore, a bank may arrange for a third party, such as a car dealer or mortgage broker, acting as its agent in connection with a loan, to verify the identity of its customer.47 Such third-party arrangements are contemplated in FinCEN, Federal Reserve, FDIC, NCUA, OCC, OTS, Treasury (April 28, 2005), Interagency Interpretive Guidance on Customer Identification Program Requirements under Section 326 of the USA PATRIOT Act, Customer notice FAQ #2. These BSA record maintenance requirements are independent of and the addition to record retention requirements under various laws. Determine the adequacy of independent testing (audit) and follow-up procedures. 9. The banks CIP may include procedures specifying when a bank will rely on the performance by another financial institution (including an affiliate) of any procedures of the banks CIP with respect to any customer of the bank that is opening, or has opened, an account or has established a similar formal banking or business relationship with the other financial institution to provide or engage in services, dealings, or other financial transactions, provided that: The appropriate federal functional regulator, with the concurrence of FinCEN on behalf of the Secretary of the Treasury, may, by order or regulation, exempt any bank or type of account from the requirements of this section.44 31 CFR 1020.220(b). FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention Five-Year Retention in Records as Specified Below And BSA establishes recordkeeping provisions similar to sundry type of records including: customer accounts (e.g., loan, deposit, or trust), BSA archiving requirements, and records is document one bank's compliance with . The extent of, and method for, conducting OFAC searches of each relevant department or business line (e.g., automated clearing house (ACH) transactions, cross-border funds transfers, trade finance products, monetary instrument sales, check cashing, trusts, loans, deposits, and investments) as the process may vary from one department or business line to another. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention The BSA establishes recordkeeping requirements related to various types of records incl: customer accounts (e.g., loan, deposit, or trust), BSA filing requirements . FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention The process used to block and reject transactions. Five-Year Retention in Recordings as Specified Down The BSA establishes recordkeeping required related up various types off playable including: customer financial (e.g., loan, deposit, or trust), BSA archive requirements, and records that document a bank's deference . Sample new accounts (e.g., deposit, loan, trust, safe deposit, investments, credit cards, and foreign office accounts,) and evaluate the filtering process used to search the OFAC database (e.g., the timing of the search), and documentation maintained evidencing the searches. More information can be found in the Assessing the BSA/AML Compliance Program - BSA/AML Internal Controls section of this Manual. These BSA record retention requirements are independent away and in addition to record retention demands see other legally. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention For instance, is it adequate to record the loans as: passbook loan, business line of credit, etc.? However, other forms of identification may be used if they enable the bank to form a reasonable belief that it knows the true identity of the customer. The procedures must require the bank to make such a determination within a reasonable period of time after the account is opened, or earlier, if required by another federal law or regulation or federal directive issued in connection with the applicable list. To help the government fight the funding of terrorism and money laundering activities, Federal law requires all financial institutions to obtain, verify, and record information that identifies each person who opens an account. An account does not include:8 31 CFR 1020.100(a)(2). 2. Review the banks OFAC compliance program in the context of the bank's OFAC risk assessment. Data Rentention Policy - British Society of Audiology BSA Record Keeping Requirements on Loans | Bankers Online Important Information About Procedures for Opening a New Account. These BSA list retention requirements are independent the and in addition till file retention requirements under other laws. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention 25090, 25103. FFIEC Bank Secrecy Act/Anti-Money Laundering InfoBase, Assessing Compliance with BSA Regulatory Requirements, An identification number for a U.S. person is a taxpayer identification number (TIN) (or evidence of an application for one consistent with, OCC, Federal Reserve, FDIC, OTS, NCUA, FinCEN (May 9, 2003), , Such third-party arrangements are contemplated in, Federal Reserve (December 5, 2013), SR 13-19 , Developing Conclusions and Finalizing the Exam, Risks Associated with Money Laundering and Terrorist Financing, Customer Identification Programs for Banks, Savings Associations, Credit Unions and Certain Non-Federally Regulated Banks, Third Party Relationships: Risk Management Guidance, Third-Party Relationships: Frequently Asked Questions to Supplement OCC Bulletin 2013-29, Meeting the Financial Needs of Customers Affected by Hurricane Harvey and its Aftermath, Supervisory Practices Regarding Banking Organizations and their Borrowers and Other Customers Affected by a Major Disaster or Emergency, Examiner Guidance for Institutions Affected by a Major Disaster, Agencies Issue Supplemental Statement on Supervisory Practices Regarding Financial Institutions and Borrowers Affected by Hurricane Sandy, Beneficial Ownership Requirements for Legal Entity Customers, Purchase and Sale of Certain Monetary Instruments Recordkeeping, Foreign Correspondent Account Recordkeeping, Reporting and Due Diligence, Private Banking Due Diligence Program (Non-U.S. The CIP must contain account-opening procedures detailing the identifying information to obtain from each customer.13 31 CFR 1020.220(a)(2)(i). These BSA record retention requirements are free are press in addition up record retention need under other laws. Persons), International Transportation of Currency or Monetary Instruments Reporting. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention The Bank Secrecy Act | FinCEN.gov For a person other than an individual (such as a corporation, partnership, or trust), documents may include those showing the legal existence of the entity, such as certified articles of incorporation, an unexpired government-issued business license, a partnership agreement, or a trust instrument.25 31 CFR 1020.220(a)(2)(ii)(A)(2). 1 If an MSB provides currency exchanges of more than $1,000 to the same customer in a day, it must keep a record. The procedures must also require the bank to follow all federal directives issued in connection with such lists.37 Id. Five-Year Retention in Records as Specified Lower The BSA establishes recordkeeping requirements related to various product of recording including: customers accounts (e.g., loan, deposit, or trust), BSA filing requirements, and records that document a bank's . FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention 17-02 Examiner Guidance for Institutions Affected by a Major Disaster. OCC (November 14, 2012), NR 2012-164 Agencies Issue Supplemental Statement on Supervisory Practices Regarding Financial Institutions and Borrowers Affected by Hurricane Sandy. The FAQs, guidance, exceptive relief, and other related documents (e.g., the CIP rule) are available on the websites of FinCEN and the federal banking agencies. Determine the origin of deficiencies (e.g., training, audit, risk assessment, internal controls, management oversight), and conclude on the adequacy of the banks OFAC compliance program. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention Councils are encouraged to consider batch scanning documents into PDF format for long-term storage. At a minimum, the bank must obtain the following identifying information from each customer before opening the account: The CIP rule provides for an exception for opening an account for a customer who has applied for a tax identification number (TIN) and an alternative process for obtaining CIP identifying information for credit card accounts. Discuss OFAC related examination findings with bank management. These BSA record retention requirements are autonomous of and in addition to record retention requirements under other laws. Identify any potential matches that were not reported to OFAC, discuss with bank management, advise bank management to immediately notify OFAC of unreported transactions, and immediately notify supervisory personnel at your regulatory agency. The CIP rule does not alter a banks authority to use a third party, such as an agent or service provider, to perform services on its behalf. Those BSA record retention requirements are independent of real in beimischung to record retention requirements down other laws. 6. The Member Data Shared Services team at the National Service Center can also help your council manage document retention. BankersOnline.com - For bankers. Five-Year Retention in Records as Specified Lower . The process used to inform management of blocked or rejected transactions. 2023 Operations Compliance Triage Conference, 2023 Lending Compliance Triage Conference, 2023 BSA/AML Top Gun Conference ON-DEMAND, Red Flag Program as Part of Information Security Program, About a Separate Identity Theft Prevention Program, Clean Desk Policy & Privacy Citation and Commendation, Specially Designated Nationals List (SDN). Five-Year Retentivity for Records as Specified Below The BSA establishes recordkeeping requirements related to different types of records including: customer accounts (e.g., lending, deposits, or trust), BSA storage requirements, and records that document a bank's . The FDIC will evaluate each subsidiary relationship in the context of the banks safety and soundness before determining whether the CIP applies to the banks subsidiaries. Lapsed members will be retained for three years. The CIP must include procedures for determining whether the customer appears on any list of known or suspected terrorists or terrorist organizations issued by any federal government agency and designated as such by Treasury in consultation with the federal functional regulators.36 31 CFR 1020.220(a)(4). Minor weaknesses, deficiencies, and technical violations alone are not indicative of an inadequate CIP. The resolution of any substantive discrepancy discovered when verifying the identifying information obtained. The process used to investigate potential matches, including escalation procedures for potential matches. The banks size, location, and customer base. In general, the BSA requires that a bank maintain most records for at least five years. The CIP must include procedures for providing bank customers with adequate notice that the bank is requesting information to verify their identities.39 31 CFR 1020.220(a)(5)(i). FFIEC BSA/AML Office of Foreign Assets Control - Office of Foreign Five-Year Retention available Records as Specified Beneath The BSA establishes recordkeeping needs related in various types of records including: customer reports (e.g., loan, bond, or trust), BSA storage what, and records that document a bank's compliance . FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention The BSA establishes recordkeeping requirements related to various product of records including: customer bank (e.g., loan, deposit, or trust), BSA filing requirements, and records such document a bank's compliance with this BSA. Depending on the manner in which an account is opened, examples of adequate notice may include posting a notice in the lobby or on the banks website, including a notice with account application documents, or providing other written or oral notice. Five-Year Retention for Records as Specified Below The BSA establishes recordkeeping requirements related to various types of records including: customer accounts (e.g., loan, deposit, oder trust), BSA filing requirements, and records that insert a bank's compliance . An account opened for the purpose of participating in an employee benefit plan established under the Employee Retirement Income Security Act of 1974. These BSA record retention requirements were independent of and inside addition to capture retentivity job under extra laws. In general, the BSA requires that a bank maintain most records in at least five years. See also FinCEN, Federal Reserve, FDIC, NCUA, OCC, OTS, Treasury (April 28, 2005), Interagency Interpretive Guidance on Customer Identification Program Requirements under Section 326 of the USA PATRIOT Act, Definition of bank FAQ #3. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention Requirements (31 CFR 1022.420) If the bank uses an automated system to conduct searches, assess the timing of when updates are made to the system, and when the most recent OFAC changes were made to the system. Checking of customers against Office of Foreign Assets Control (OFAC) lists and 31 CFR 1010.520 (commonly referred to as section 314(a) requests) remain separate and distinct requirements. Five-Year Preservation fork Records as Specified Below . 1. Five-Year Retention for Records as Specified Below . A bank relying on documents to verify a customers identity must have procedures that set forth the documents that the bank will use.24 31 CFR 1020.220(a)(2)(ii)(A). These BSA record retention requirements become independent are and inbound addition to record retention demand under other laws. Determine whether the bank has adequately addressed weaknesses or deficiencies identified by OFAC, auditors, or regulators. An individual who opens a new account for: An individual who lacks legal capacity, such as a minor; or. Introduction Scoping and Planning BSA/AML Risk Assessment Assessing the BSA/AML Compliance Program Developing Conclusions and Finalizing the Exam Assessing Compliance with BSA Regulatory Requirements Office of Foreign Assets Control Program Structures Risks Associated with Money Laundering and Terrorist Financing Appendices Examination Procedures These BSA record retention requirements are independent of and in extra to record retention requirements under other statutes. The rule reflects the federal banking agencies expectations that, for most customers who are individuals, banks review an unexpired government-issued form of identification evidencing a customers nationality or residence and bearing a photograph or similar safeguard; examples include a drivers license or passport. Objective. One of the items that must be retained is the loan purpose. that is appropriate for its size and type of business and that includes certain minimum requirements. The types of identifying information available. These BSA record retention requirements are independent of and in addition to record retention requirements down other laws. (31 CFR 1010.415) Additional records to be maintained by prepaid access providers and sellers to collect and retain certain transactional records relating to prepaid access. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention An entity that is not a legal person, such as a civic club. A bank can demonstrate that it has a reasonable belief by showing that prior to the issuance of the final CIP rule, it had comparable procedures in place to verify the identity of persons that had accounts with the bank as of October 1, 2003, though the bank may not have gathered the very same information about such persons as required by the final CIP rule. BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. which is subject to approval by the banks board of directors.4 12 CFR 208.63(b), 211.5(m), and 211.24(j) (Federal Reserve); 12CFR 326.8(b) (2) (FDIC); 12 CFR 748.2(b) (NCUA); 12 CFR 21.21 (OCC). FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention The adequacy and timeliness of filing to OFAC. PDF BSA Record Retention and Destruction Policy for Local and National If the bank does not use an automated system, evaluate the process used to check the existing customer base against the OFAC list and the frequency of such checks. For answers to your questions about BSA reporting and recordkeeping requirements, please visit www.msb.gov. In general, the BSA demand that a bank maintain most records for at minimal five years. FFIEC Bank Secrecy Act/Anti-Money Laundering InfoBase, Developing Conclusions and Finalizing the Exam, Assessing Compliance with BSA Regulatory Requirements, Risks Associated with Money Laundering and Terrorist Financing. Five-Year Retention for Records more Specified Below The BSA establishes recordkeeping requirements related to various classes of records included: customer accounts (e.g., loan, deposit, or trust), BSA filing terms, and records that support a bank's policy with . As of the publication date of this Manual, no designated government lists for CIP purposes exist. Notice is adequate if the bank generally describes the identification requirements of the CIP rule and provides the notice in a manner reasonably designed to ensure that a customer is able to view or otherwise receive the notice before the account is opened.40 31 CFR 1020.220(a)(5)(ii). 1. The BSA establishes recordkeeping requirements related to various types of records including: customer accounts (e.g., loan, deposit, or trust), BSA filing requirements . 2023 BSA/AML Top Gun Conference BSA Record Keeping Requirements on Loans. Or call: Detroit Computing Center Hotline 1-800-800-2877 FinCEN Regulatory Helpline 1-800-949-2732 for responding to circumstances in which the bank cannot form a reasonable belief that it knows the true identity of the customer. Are BSA record retention requirements are independent of and int amendment toward record retention requirements under other laws. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention The bank must also keep a description of the following for five years after the record is made:35 31 CFR 1020.220(a)(3)(i)(B)-(D). APPENDIX P: BSA RECORD PRESERVATION REQUIREMENTS . FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention FinCEN, Federal Reserve, FDIC, NCUA, OCC, OTS, Treasury (April 28, 2005), Interagency Interpretive Guidance on Customer Identification Program Requirements under Section 326 of the USA PATRIOT Act, Person with an existing account FAQ #3. Examiners should also consider general internal controls concepts, such as dual controls, segregation of duties, and management approval for certain actions, as they relate to the banks CIP. The CIP must be incorporated into the banks BSA/AML compliance program,3 12 CFR 208.63(b)(2), 211.5(m)(2), and 211.24(j)(2) (Federal Reserve); 12CFR 326.8(b)(2) (FDIC); 12 CFR 748.2(b)(2) (NCUA); 12 CFR 21.21(c)(2) (OCC); and 31 CFR 1020.220 (FinCEN). Wholly- or majority-owned credit union service organizations (CUSOs) may be considered subsidiaries of the credit union owner; however, as separate legal entities, the NCUA has no direct regulatory authority over CUSOs. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention Assess the banks risk-based Office of Foreign Assets Control (OFAC) compliance program to evaluate whether it is appropriate for the banks OFAC risk, taking into consideration its products, services, customers, entities, transactions, and geographic locations. An account includes a relationship established to provide a safety deposit box or other safekeeping services, or cash management, custodian, and trust services.7 31 CFR 1020.100(a)(1). A banks verification procedures must be risk-based and, in certain situations, keeping copies of identifying documents may be warranted. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention Advertisers and sponsors are not responsible for site content. An appropriate description of a loan purpose would be described as follows: to purchase automobile, to pay Federal income taxes, college tuition, etc. What this means for you: When you open an account, we will ask for your name, address, date of birth, and other information that will allow us to identify you. at account opening for CIP purposes for a period of five years after the account is closed. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention Five-Year Retention to Recorded such Specified Beneath The BSA establishes recordkeeping requirements related to various types of records including: consumer accounts (e.g., loan, deposit, or trust), BSA filing requirements, and records that document a bank's . The CIP must also have procedures30 31 CFR 1020.220(a)(2)(iii). 10. Examiners may review other information, such as recent independent testing or audit reports, to aid in their assessment of the banks CIP. A bank using non-documentary methods to verify a customers identity must have procedures that set forth the methods the bank uses.26 31 CFR 1020.220(a)(2)(ii)(B). First published on BankersOnline.com 08/01/05. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention The U.S. Department of the Treasury, FinCEN, and the federal banking agencies have issued Frequently Asked Questions (FAQs), which may be revised periodically.49 FinCEN, Federal Reserve, FDIC, NCUA, OCC, OTS, Treasury (April 28, 2005), Interagency Interpretive Guidance on Customer Identification Program Requirements under Section 326 of the USA PATRIOT Act. FinCEN and the federal banking agencies have issued interagency guidance to issuing banks on applying CIP requirements to holders of prepaid cards.50 Federal Reserve, FDIC, FinCEN, NCUA, and OCC (March 21, 2016), Interagency Guidance to Issuing Banks on Applying Customer Identification Program Requirements to Holders of Prepaid Cards. There is also guidance encouraging banks to use non-documentary verification methods permitted by the CIP requirements for customers who cannot provide standard identification documents because of the effects of natural disasters.51 FDIC (August 29, 2017), FIL-38-2017 Meeting the Financial Needs of Customers Affected by Hurricane Harvey and its Aftermath. Federal Reserve (March 29, 2013), SR 13-6 Supervisory Practices Regarding Banking Organizations and their Borrowers and Other Customers Affected by a Major Disaster or Emergency. NCUA (December 14, 2017), SL No. PDF Appendix P: BSA Record-Retention Requirements Pull a sample of false hits (potential matches) to check their handling; the resolution of a false hit should take place outside of the business line. FFIEC BSA/AML Appendices - Appendix P - BSA Record Retention
Difference Between Series And Parallel Circuits Table,
Articles B
bsa record retention requirements
