Spring has sprung! And for many of our community banks out there, the changing of the weather brings along with it the so-called “audit season.” For many more of our banks – particularly when it comes to those banks’ internal audit departments – every season is audit season.
For banks navigating the demands of this time of year, Compliance Alliance offers a unique solution to address the challenges audit season can present. Assurance Services, part of the Compliance Alliance family of companies, provides expert audit services on a range of regulatory topics – many of which are common focal points during agency examinations.
The following is Part 1 of a roundup of key areas and common pitfalls identified during recent audit engagements – each one a timely reminder of where banks should focus attention to stay aligned with regulatory expectations. Stay tuned next week for Part 2!
Advertising: The Logo Problem
Financial institutions should take a closer look at their use of regulatory logos in marketing, particularly in digital mediums. Several banks have used the FDIC corporate logo in advertising – sometimes even the version with a globe inside the “C.” It should be noted that this logo is reserved exclusively for use by the FDIC itself. Banks should instead use the proper “Member FDIC” statement in all marketing for insured deposit products, as outlined in 12 CFR 328.6 (and, if using a reproduction of the symbol, that which is described in § 328.2(b)).
In addition, Equal Housing Lender logos and the FDIC statements were often missing from social media profiles and posts; remember, the definition of an advertisement under Part 328 is very broad, and so the requirements of 12 CFR 328.6(c) should be reviewed whenever the bank has a “commercial message, in any medium.”
BSA and CIP: Precision Matters
BSA and CIP processes are driven by a risk-based approach, and that often requires a high attention to detail, even for seemingly minor things. For example, Currency Transaction Reports (CTRs) require detailed and accurate occupational information (Item 9 of the CTR Filing Instructions explicitly asks for “specific descriptions” of the occupation, profession, or type of business of the Part 1 individual or entity).
Another key consideration is the consistent use of CIP tools during account onboarding. In some cases, identity verification tools were not run for all new customers. Regardless of how familiar staff may be with a client, the bank’s CIP must be applied consistently to meet the bank’s BSA obligations under 31 CFR 1020.220 – and to uphold sound practices in verifying and understanding the bank’s customers.
Wire Transfers: Purpose and Process
Wire activity remains a relatively high-risk area, particularly in documentation. While most institutions perform callback verifications, how they document those verifications can tend to vary. Some callbacks are noted via phone logs, others via email, and sometimes the method of verification isn’t captured at all. Therefore, it’s critical to document and maintain a consistent and complete record of who verified the wire, how it was verified, and when.
Additionally, wire purposes should be clearly defined and recorded. Descriptions like ‘Deposit’ or ‘Funds’ are too vague to truly reflect the reason for the wire, which effectively defeats the point of including a purpose field in the first place. Banks should encourage their staff to use more descriptive terms – these provide greater transparency, and can generally help in identifying suspicious transactions.
If you have any other questions in the meantime, feel free to reach out to Assurance Services at 888-353-3933. Otherwise, come back next week for Part 2!