I took over the role of BSA Officer in September and prior to her retiring, we neglected to cover this. ATM & Gaming Survey's: How often are you having existing customers complete them and what are you using? What I have found is a letter verifying info previously submitted and a 2-page questionnaire.

Any suggestions are appreciated, thanks!!

Annually sounds about right, and do a verification of what they told you.
Gaming? are you in a tribal gaming state, or are you referring to Bingo? where I am the tribes are pretty heavily regulated, and we lean on that- the regulators don't seem to want to do a lot more as they know they are very well regulated so far.
If you are in a state with legalized gambling, that probably doesn't help.

Annually sounds about right, and do a verification of what they told you.
Gaming? are you in a tribal gaming state, or are you referring to Bingo? where I am the tribes are pretty heavily regulated, and we lean on that- the regulators don't seem to want to do a lot more as they know they are very well regulated so far.
If you are in a state with legalized gambling, that probably doesn't help.

Thanks for the input. Gaming would be the machines in bars and gas stations etc for Illinois.

I would suggest researching the gaming laws for your state and doing a risk assessment to decide if you need to have periodic reviews of the gaming customers. They are highly regulated by the gaming commission and have stringent accounting requirements (the state wants their tax revenue ASAP). For our state, the max payout for a single win is $800 and it has to be paid in cash. That eliminates the main attractiveness of trying to use gaming for money laundering. We determined that our customers who offer gaming don't have any additional residual risk that warrants scheduled, periodic monitoring. But you won't be able to make that conclusion until you understand the laws and do a risk assessment. And make sure you have it all very well documented so you can provide it to the examiners.

For ATMs, we assess their risk based on if they (the business and/or its employees) have access to replenish the funds in the ATM. If they do, they are higher risk and we perform annual reviews. We request a questionnaire at the time the account is opened and only again if the number of machines has increased (we ask for location information) or if the activity year over year increases by 15% or more.

The FFIEC manual provides a lot of guidance on the risk factors of these types of services and it describes what possible due diligence can be done. That might be a good place to start to see if what you're doing is sufficient.

Thank you for the info!