Independent Review
Objectives of Independent Review and Testing
The objective of an Independent Review engagement by MSB Compliance will be to ensure that an appropriate tailored, risk-based Bank Secrecy Act / Anti-Money Laundering and OFAC compliance program has been developed and effectively implemented We will evaluate whether the policies, procedures and controls are being effectively maintained within a strong Culture of Compliance. Consistent with regulatory expectations, the program will include a risk-based transaction monitoring and sanctions filtering program. Applicable industry best practices will also be considered to ensure the company is effectively meeting requirements of the Bank Secrecy Act and of its bank partners.
The review process and subsequent reporting will be based upon regulatory guidance such as the Financial Crimes Enforcement Network’s (FinCEN) and Internal Revenue Service’s (IRS) Bank Secrecy Act / Anti-Money Laundering Examination Manual for Money Services Businesses, the Federal Financial Institutions Examination Council’s (FFIEC) Bank Secrecy Act / Anti-Money Laundering Examination Manual, and the Financial Action Task Force’s (FATF) Risk-Based Approach: Guidance for Money Services Businesses. A limited review of state specific regulatory requirements will also be covered (compliance based rather than financial soundness) which the company may elect to expand at additional time and expense. New York DFS Section 504 requirements will be examined either due to direct applicability to the business or due to applicability as representative of best practices for developing and maintaining an appropriate risk based transaction monitoring and sanctions filtering program.
A risk-based approach to reviewing operations is employed to provide for a focused, comprehensive review of the company’s compliance with the Bank Secrecy Act, USA PATRIOT Act, OFAC, and state requirements for licensed MSB activities. The examination process will facilitate:
- Developing an understanding of the existing internal controls and determining the extent to which they are in operation and whether they are effective.
- Assessing the adequacy of the BSA/AML compliance program. Determining whether the company has developed, administered, and maintained an effective program for compliance with the BSA, its implementing regulations, and with OFAC requirements.
- Assessing compliance with the statutory and regulatory requirements for obtaining customer identification and Know Your Customer (KYC).
- Assessing the appropriateness and comprehensiveness of the Customer Due Diligence (CDD) policies, procedures, and processes for obtaining customer information and assessing the value of this information in detecting, monitoring, and reporting suspicious activity.
- Assessing the policies, procedures, processes, and overall compliance with statutory and regulatory requirements for monitoring, detecting, and reporting suspicious activities.
- Assessing the compliance with statutory and regulatory requirements for the reporting of large currency transactions.
- Assessing policies and procedures relating to and compliance with the statutory and regulatory requirements for the “Special Information Sharing Procedures to Deter Money Laundering and Terrorist Activity” (section 314(a) and 314(b) Information Requests).
- Assessing the compliance with statutory and regulatory requirements for the recording of information required for the purchase and sale of monetary instruments for currency in amounts between $3,000 and $10,000, inclusive (if applicable).
- Assessing compliance with statutory and regulatory requirements for funds transfers.
- Assessing compliance with other key areas of BSA/AML compliance which may be applicable such as: agent practices; foreign correspondents or counterparties; Reporting of International Transportation of Currency or Monetary Instruments (CMIR); Report of Foreign Bank and Financial Accounts (FBAR); requirements pertaining to dealers in foreign exchange; et cetera.
- Assessing the Company’s risk-based OFAC program to evaluate whether it is appropriate for the Company’s OFAC risk, taking into consideration its products, services, customers, transactions, and geographic locations.
- Assessing the compliance of the Anti-Money Laundering (AML) training program with statutory and regulatory requirements.
- Assessing the adequacy of the implementation of corrective actions and/or recommendations from prior year’s independent review and regulatory examination(s), as applicable.
- Providing recommendations on how the Company can improve its internal control procedures to more effectively and consistently comply with the BSA as amended by the USA PATRIOT Act of 2001 and OFAC regulations.
Review Process
Engagements begin with a review of requested information such as background data, policies and procedures pertaining to your business. We provide the detailed information request in a Spreadsheet format so that entities may identify responsible persons and track delivery of information necessary to our thorough review process. Several pre-examination questionnaires are also provided. The information request list identifies the information necessary to ensure a thorough compliance review of your business so that we can help protect you from potential civil and criminal penalties and from potential banking discontinuance.
We ask that requested materials be provided electronically in advance to the extent possible; we will establish a secure Citrix Sharefile folder for this purpose or may use your secure transfer methods as may be required under your information security policies. Certain materials may be made available immediately upon arrival for onsite work, if necessary, to provide for the most effective use of time.
Interviews typically take place during an on-site visit and inspection of your primary business location, including a review of various BSA/AML systems and any records, reports and documents not provided electronically. Additional documentation needs may be identified during the review process. Due to ongoing public health concerns relating to COVID-19, reviews may be conducted offsite supplemented with phone/video calls and screen sharing.
MSB Compliance completes detailed review procedures based upon various specific regulatory guidance, incorporating additional guidance from industry trade associations as well as its own experiences pertaining to best practices. A detailed record of the specific procedures performed, our observations and any related findings and/or recommendations for each procedure are maintained as part of the supporting work record, are incorporated into reporting, and are made available to regulators and to the company along with other supporting work paper records.
Review procedures and fieldwork cover appropriate areas of examination such as: Pre-Planning the Exam; Risk Assessment; Development of Risk Based Examination Plan; MSB Registration Requirements; On-Site Visit and Interview of Appropriate Personnel; Anti-Money Laundering Program; Monitoring/Oversight of Branches and Agents; BSA/AML Officer and Staff; Training; Recordkeeping; Currency Transaction Reporting; Suspicious Activity Reporting; Information Sharing; Office of Foreign Asset Control (OFAC); and, Developing Conclusions and Finalizing the Examination.
Deliverables
The company’s written BSA/AML risk assessment and Bank Secrecy Act compliance program will be reviewed. Major omissions or deficiencies, if any, will be noted in the written report of Independent Review. Minor suggestions or enhancements may be documented and delivered separately.
A written report of Independent Review will be provided that will:
- Provide an Executive Summary for the Board of Directors with a frame of reference for the methodology, scope and overall assessment clearly outline the scope of the review;
- identify any compliance deficiencies or weaknesses to be addressed;
- provide further suggestions for improved risk management that you may wish to consider (if any are identified); and,
- make a qualitative judgment as to the effectiveness of the company's BSA/AML and OFAC Compliance program.
During the review we will discuss any identified compliance issues and ways to address them; you may also call after digesting our conversations and written report for further clarification and guidance, if necessary.
As a money services business and therefore potentially higher risk customer, your banking partners will appreciate receiving a copy of your Independent Review along with management responses shortly after receipt of the written report. You may choose to proactively provide it to your banking partners as part of managing your banking relationships. Banks frequently request copies of their MSB’s independent review be forwarded annually; if yours has done so, we may independently provide a copy to your bank and discuss any questions with them with your prior written approval. Reasonable printing, delivery and expense for time spent would be separately billed with such prior approval. Should it be necessary or helpful, we are available to discuss questions or concerns, if any, directly with your banker or other business partner.
Contact Us About Your Independent Review!
Complete the form and we'll call you back to obtain further information then provide you with a proposal to perform your independent review.