In regards to reviewing CIBs, should those reviews be handled like an NBFI or MSB? I guess what I'm really asking is how in depth should the review process be?

I would read pages 298-299 in the FFIEC's BSA/AML Handbook from 2007, the most recent one. It gives very clearly what the risk mitigation process should be...here's a sample:

At the time of account opening, the bank should have an understanding of the customer’s business operations; the intended use of the account; including anticipated transaction volume, products, and services used; and the geographic locations involved in the relationship.

For those customers deemed to be particularly high risk, bank management may consider implementing sound practices, such as periodic on-site visits, interviews with the business’s management, or closer reviews of transactional activity.

jessesgirl... I do not treat the CIBs like an MSB.

If, at the time of opening I determine that they are a local and known business, and we have the expected cash activity, I give them a Moderate risk.
I am looking at daily cash reports, so would spot anything unusual.

I may run a couple of individual reports on them during the first few months, and then they get reviewed every six months.

Hope that helps you.

Review process should be driven by risk. The fact that they are a cash intensive business is only one of the risk factors to be considered to determine what level, if any, of enhanced due diligence may be warranted. How much cash are you talking about; who owns the business; how long have they been in business; how long have you banked them; what is the specific nature of business services offered by the customer; what other banking services to they utilize? Lots to consider in determining the ultimate level of risk.