by David Dickinson
There is no list of frequency for training. In fact, BSA is NOT an "annual event." The BSA Exam Manual states:
"The BSA compliance officer and BSA compliance staff should receive periodic training that is relevant and appropriate to remain informed of changes to regulatory requirements and changes to the bank’s risk profile. . . ..
The board of directors and senior management should receive foundational training and be informed of changes and new developments in the BSA, . . ..
Periodic training for appropriate personnel should incorporate current developments and changes to BSA regulatory requirements . . ."
The same is true for all regulatory requirements. You can't check a box and say "we've done our training for the year." Likewise, you may not have to provide training on a topic every year. Your risk assessment, monitoring and audit results should drive the amount and frequency of training. You can also provide quizzes/tests and if people pass, they should be able to not attend the "standard" training but only receive info. on updates/changes. If they can test out, why make them sit through training on things they already know? If they can't pass the test, they obviously need training.
by Richard Insley
Another round peg that won't fit in the square holes of a matrix is repeat violations. When your regulator cites a violation of any regulation in an examination report, that guarantees the next set of examiners will check to be sure you did what your board's exam response said you did (or would do.) Regulators don't like to be ignored or lied to, so you can't afford for a previously cited violation to be discovered again. Becoming bulletproof and keeping it that way between exams probably means intensified training.