news.cuna.org/articles/112944-compliance-customer-due-diligence-for-all-accounts

Compliance: Customer due diligence for all accounts

September 25, 2017

The Financial Crimes Enforcement Network’s (FinCEN) new customer due diligence (CDD) requirements for business accounts are effective May 18, 2018, and CUNA’s compliance staff has received a number of questions. A recent CompBlog post examines CDD procedures and requirements.

Bank Secrecy Act regulations do not have specific provisions for CDD requirements for non-business accounts, credit unions generally rely on the Federal Financial Institutions Examination Council’s (FFFIEC) examination manual for guidance.

The CDD guidance recommends credit unions:

  • Know the true identity of its members;
     
  • Gain an understanding of a member’s normal and expected transaction activity, based on their occupation or business operations to better determine if something is suspicious, and whether a suspicious activity report (SAR) needs to be filed;
     
  • Keep an eye out for indicators of potential changes in the member’s risk profile. For example a change in employment, a change in business operations, or unexpected account activity; and
     
  • Include procedures to periodically monitor the member’s information.

According to the examination manual, a credit union’s Bank Secrecy Act/anti-money laundering (BSA/AML) program should include due diligence procedures that:

  • Are commensurate with the credit union’s BSA/AML risk profile, with particular attention paid to high-risk members;
     
  • Contain a clear statement of management’s overall expectations, as well as management’s expectations regarding staff responsibilities;
     
  • Ensure the credit union possesses sufficient member information to implement an effective suspicious activity monitoring system;
     
  • Provide guidance for documenting analysis associated with the due diligence process, including guidance for resolving issues when insufficient or inaccurate information is obtained; and
     
  • As a best practice, ensure the credit union maintains current member information.

Once credit unions have identified high-risk members, it should consider obtaining specific information, including source of funds, occupation, place of employment and others.

More information can also be found in CUNA’s BSA Compliance Manual and the FFIEC’s BSA/AML Examination Manual.

In addition to CompBlog, CUNA’s Compliance Community contains discussion boards and a number of other resources for credit union compliance professionals around the country.