Are there any BSA Officer's out there that are auditing departments within their institution for BSA/AML/OFAC Compliance outside of the internal audit department? If so, what are you looking for in each department?

in our institution, this role falls to Compliance Audit and Internal Audit, 2 separate areas, 2 independent reviews.

I have not heard of any. My question would be what is the process if they find an issue?

Yeah, why would the BSA department be involved in audit - are they properly trained??? How can they audit something for which they should be ultimately responsible?

You can monitor for compliance, but you cannot "audit" for compliance of an area for which you are responsible.

Monitoring for compliance means to review processes, transactions, etc. and make note of anything that does not comply with the regulation and/or internal policies and procedures. But the resulting report is NOT an audit report - more of an "FYI guys, we're slipping up over here" report.

This.

As BSA Officer I do not 'audit", however I do monitor all aspects of our program and those involved in the day to day processes. I report back to the department head any deficiencies that I might find. Primarily I'm looking for policies or procedures that are not being followed.

Ok, so maybe using the word "Audit" in this post to bankers was a mistake.

Audit: an official inspection of an individual's or organization's accounts, typically by an independent body; a systematic review or assessment of something; conduct an official financial examination of (an individual's or organization's accounts).

We were told by a BSA/AML consultant that we (BSA Officer) should be "reviewing" and "sampling" internal departments such as Credit Card, RDC, ACH, etc on an annual basis (outside of formal "audits" and exams) to ensure they are following procedures. We should be "documenting" our "findings" and discussing changes with the department managers. Sure sounds like a "systematic review" or "assessment" to me but we'll go with the term "monitoring" for those in this string.

NBBCompliance- I sent you a PM regarding your question.

What your consultant is recommending is that you establish a monitoring and testing function, within your compliance department. This is an industry best practice at big banks.

This is an industry best practice at big banks.

and midsize and small...

Also commonly referred to as internal controls.