Click to return to BOL home page
Banker Store eCard Exchange Vendor Connect Career Connect Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads BOL Conferences CrimeDex Em@il Education FREE Briefings Record Retention
 

Support for BOL is provided by:

MAIN CONTENT 
Compliance

    Agency Road Maps

    Alphabet Soup

    Compliance Tools

    FACTA/FCRA

    OFAC

Lending

    FACTA/FCRA

    Lending Tools

    SCRA

Marketing

Operations

    Check 21

    Operations Tools

    SAR Resrch Guide

Security

    AML/BSA

    Bank Robbery

    Counterfeits

    ID Fraud/Phishing

    Security Tools

Technology/eBanking

    Info Security


SPECIAL AREAS 
BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch
Em@il Education

Examiner's Corner

Executive Briefing

Infovault

Launch Pad

Site Map

Site Orientation

Top Stories


~ ~ ~
SERVICES 
CrimeDex

Em@il Education

ID Verification

Record Retention


~ ~ ~
SHOP 

Banker Store
Bankers Info Ntwk
Vendor Connect

CONNECT 

Career Connect

Learning Connect

Vendor Connect

Guru Central

INTERACT 

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback


TOOLS 

60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN 

BOL Recipes

eCard Exchange

LEARN MORE 

About Advertising
About Our Sponsors
About Us


Print Friendly! Email This Article! Discuss NOW!




Identifying and tracking account risk is part of the Red Flag program, do you know what these requirements include?


Question:  I’m not clear on the Red Flag requirements for identifying and tracking account risk, what’s involved?

Answer:   Account risk really includes two parts: customer risk and activity/ behavior risk. You will need to understand what’s involved with each of these risk factors and insure that your program addresses both.

Customer risk is the risk you identify initially during account opening. You should already have a program in place that allows you to evaluate the information provided on an account application. BSA/AML requirements indicate that you must collect, at a minimum, a customer’s name, address, date of birth and tax ID number. Few banks stop here and many include a variety of other information requirements for new customers (e.g., phone numbers, email address, driver’s license, employer, other accounts, etc.). At least some of this information must be verified. We know that the name must be searched against the OFAC, but the address, DOB and SSN must also be verified as true to the best of your ability.

Customer risk as defined for Red Flags includes both customer identity and the products and services used. This overlaps the BSA/AML requirements (which also require assessment of location risk factors). The Red Flags regulation specifically permits use of existing programs to satisfy its requirements and you should already have in place a much more comprehensive Customer Identification Program (CIP). If your CIP program is properly developed, you are not only meeting the Red Flags identity screening requirements, but you are also covering a broader set of important information.

You should also bear in mind that customer risk is not static and may change as the customer moves to a new address, changes employment, or uses different products and services.

Activity/behavior risk is dynamic risk represented through a combination of daily transactions and the account's behavior profile established over time. Again, your AML program should include the ability to monitor account activity for a variety of fraud, money laundering and terrorism financing indications. Here you should check to make sure that your AML program is not so narrowly focused that it is not able to monitor identity theft related activity. For example, your activity monitoring program should be able to detect changes in account risk that may be related to a recent address change, credit agency alert, address discrepancy or other potential warning.

The Red Flags guidelines and the sample Red Flags provide a good set of objectives for your program. You should consider these against a set of “issue” criteria to evaluate what needs to be done. There are many ways to do this (e.g., GAP analysis, Analytical Hierarchy, Multi-Attribute Analysis, etc.), but you should consider things like: how information is captured, how it is retained, which parts of the organization are involved, what analysis is involved, what kind of monitoring is needed, what actions are appropriate – and more. This approach should force you to consider both customer and account activity risks and provide you with an integrated process.

While compliance is mandatory, keep in mind that there are many potentially important benefits that can be derived from a well constructed risk assessment program.

BANKDetect has developed a Free Webinar covering these and other Red Flags compliance subjects. A draft policy document model is also available. BANKDetect has been supporting client's fraud prevention and AML compliance for over a decade with advanced, integrated analytical solutions for the full range of requirements from account opening to risk assessment and activity monitoring. Contact BANKDetect TODAY.

First published on BankersOnline.com 9/22/08


Privacy Policy    Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.