I was wondering if it is common practice to create a customer information file for all individuals conducting a cash transaction regardless of the amount and account ownership. For example, creating a CIF for man who is depositing $20.00 to his friend's account as a favor. I've been told it needs to be done as a precaution for a possible CTR. Could this policy violate any banking regulations or is it supported by the Bank Secrecy and Anti-Money Laundering Act?
What is the type of paper work required to open up a business account?
Among credit risk, market risk and operational risk, developing a good operational risk management program seems to be the most challenging. Can't our existing compliance processes (e.g., AML, Red Flags, GLBA, etc.) contribute to operational risk management?
Should we acquire new FDIC signage to accommodate the new law signed by President Bush on 10-3-2008? What is the time frame that we have to put the signs into effect?
Banks are consistently asked for loan account numbers and pay-off amounts by automobile dealers, insurance companies and other banks that wish to pay off trade-ins, submit insurance payments or to get accurate pay-offs when consumers are refinancing debt. How does the GLBA come into play when a bank receives these requests?
I have a very technical GLBA question. It is my understanding that if all employees of the bank are required to have deposit accounts then they are also considered a customer under GLBA. If there happened to be a breach of employee nonpublic information through the HR department, say the payroll vendor was compromised and all employees' social security numbers were released, would this not be considered a breach under GLBA and notification required to the affected customers (employees) along with notice to our regulators? Is it possible since the breach occurred through HR department and was of employees' nonpublic information that it is not defined as a breach under GLBA?
We are having a misunderstanding at my financial institution about the USA PATRIOT Act. We were first opening corporate accounts and gathering identification documentation and social security numbers on all the signers on corporate accounts. We were then instructed that it was unnecessary to obtain this information on the signers. Then about a year later we were instructed that the USA PATRIOT Act does require us to get this information. Does BSA or the PATRIOT Act require financial institutions to get ID for signers on corporate accounts as of 2007? If it does not, where can I find this information?
We have received a letter and a form 12470 from the IRS requesting information on a loan customer. They are requesting the customer address, employer address, how long employed, amount of obligation, date of obligation, amount of payments and due dates, etc. The IRS letter states that they are requesting this information under section 7602 of the Internal Revenue Code. Does this meet the requirements of the Right To Financial Privacy Act to release information on this borrower?
With the FFIEC guidelines related to multi-factor authentication, can you offer any information on the VRU/Telephone Banking platform? If banking clients access data via the telephone is the typical SSN/PIN/Account Number input enough to comply with the FFIEC?