Click to return to BOL home page
Banker Store BOL Vendor Connect BOL Career Connect BOL Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads Background Check CrimeDex Em@il Education ID Verification Record Retention
 


MAIN CONTENT 
Compliance

    Agency Road Maps

    Alphabet Soup

    Compliance Tools

    FACTA/FCRA

    OFAC

Lending

    Article 9

    FACTA/FCRA

    HMDA Heaven

    Lending Tools

    SCRA

Marketing

Operations

    Check 21

    Disaster Updates

    Disaster Recovery

    HR Corner

    IRA Season

    Money Matters

    Operations Tools

    SARResearchGuide

Security

    AML/BSA

    Bank Robbery

    Counterfeits

    ID Fraud/Phishing

    Security Tools

Technology/eBanking

    Disaster Updates

    Disaster Recovery

    Info Security


SPECIAL AREAS 
BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch

Disaster Issuances

Em@il Education

Examiner's Corner

Executive Briefing

Infovault

Launch Pad

Lessons Learned

Monthly Roundup

Risk Management

Site Map

Site Orientation

Top Stories


~ ~ ~
SERVICES 
Background Check
BOL Conferencing

CrimeDex

Em@il Education

ID Verification

Record Retention


~ ~ ~
SHOP 

Banker Store
Bankers Info Ntwk
Books
Vendor Connect

CONNECT 

Career Connect

Learning Connect

Vendor Connect

Guru Central

INTERACT 

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback


TOOLS 

60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN 

Banker Humor

Banker Memories

BOL Recipes

eCard Exchange

LEARN MORE 

About Advertising
About Our Sponsors
About Us

Print Friendly! Email This Article! Discuss NOW!



CIP: Use Exam Procedures for Self-Assessment

It's official. The agencies have published joint examination procedures for customer identification programs. These procedures will evaluate compliance with the CIP regulations and also take into account overall compliance with the entire Bank Secrecy Act.

Among the items that examiners will request are your BSA audit procedures. Therefore, you had better have them. They will also ask for information about account types and a list of new accounts opened over a specific period of time.

Each time an examiner reviews your BSA program, they need to develop an understanding of your institution. Therefore, you need to also take your institution into account in setting your compliance priorities.

The scope and detail of your Customer Identification Program should be determined by the risk in your market. What risk analysis means to your CIP is an analysis of your market and your customers. In short, you cannot analyze risk and design a CIP without understanding your market and the risks it presents.

Once in place, you should evaluate your customer identification program just as you evaluate the entire BSA program. Don't sit back and wait for the examiners to tell you what concerns them. That may result in an enforcement action. Instead, do your own evaluation in plenty of time to make changes and get them working before the examiners come in.
  • You should do this anyway with regularity, but take a hard look at your CIP policy and your overall BSA policy. Evaluate completeness and appropriateness in light of your lines of business and specific account relationships. Be sure the policy covers any recent developments.
  • Review procedures for all aspects of the customer information program. This may include procedures that are part of account opening, operations, or record storage. Everyone needs instruction.
  • Review training records to make sure everyone who needs training has been trained - recently and appropriately.
  • Now review the new accounts opened. For each account, review the information considered, verified or obtained. Determine whether it is consistent with policy and procedures. Identify any exceptions. Evaluate the exceptions and determine whether they are appropriate.
  • Review the accounts opened for any suspicious activity that may have been identified. Did the bank recognize the risk? What was done about it?
  • Were all new accounts checked against the OFAC list before opening? Examiners will want to see documentation for this.
  • Review the documentation supporting CIP. Determine whether it is kept where it should be and whether it is complete. Now consider whether the information is secure.
  • Use the new accounts opened to evaluate your risk self-assessment. After reviewing the accounts, take another look at your policy and procedures to determine whether they are adequate and appropriate for your risk.
  • Re-evaluate your policies and procedures. Based on your audit, evaluate whether the risk assessment is appropriate, the procedures are realistic, training is adequate, and the program meets the essential requirements.
  • Remember that "know your customer" may not officially exist, but due diligence is required beyond CIP. Identify some accounts that may have raised concerns and determine whether these accounts have been monitored.
  • While not on the examiners' list, we recommend that you compare CTRs and SARs filed with accounts opened and your customer identification procedures. Use this comparison to evaluate whether your customer identification procedures are predicting problems or are missing the mark.
Copyright © 2004 Compliance Action. Originally appeared in Compliance Action, Vol. 9, No. 9, 9/04



Print Friendly! Email This Article! Discuss NOW!


Privacy Policy    Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.