CDD Policies and Procedures Exam Ready


Last August, the National Credit Union Administration (NCUA) issued Supervisory Letter (SL No. 18-01) to address credit union's compliance with the new Bank Secrecy Act (BSA) Customer Due Diligence (CDD) and Beneficial Ownership Rules.  With this letter, NCUA stated that credit unions could expect that "field staff would not identify non-compliance as a significant BSA violation, as long as credit unions were making a good faith effort to comply with the new rules." Credit unions were to expect this reprieve through the end of 2018.  

Well, we are now into 2019, and NCUA has listed "in-depth reviews of BSA/anti-money laundering (AML) policies and procedures and assessing compliance with the customer due diligence regulation" as one of the agency's supervisory priorities for this year.

As you prepare for your next exam, some items you should consider include:

  • Does your written BSA compliance program include Customer Due Diligence and Beneficial Ownership Identification and Verification?
  • Have you established an adequate Customer (member) Due Diligence (CDD) Program?
  • Does your credit union have effective procedures for developing member risk profiles that identify the specific risks of individual members or categories of members? 
  • Are your risk-based CDD policies, procedures, and processes commensurate with your credit union's BSA/AML risk profile, with increased focus on higher risk members? 
  • Do your procedures include identifying members that may pose a higher risk for money laundering or terrorist financing and whether and/or when, on the basis of risk, it is appropriate to obtain and review additional member information?
  • Have you developed procedures for documenting analysis associated with the due diligence process, including guidance for resolving issues when insufficient or inaccurate information is obtained?
  • Have you developed procedures for performing ongoing monitoring of the member relationship, on a risk basis, to maintain and update member information, including beneficial ownership information of legal entity customers/members? 
  • Have you defined in your policies and procedures how member information, including beneficial ownership information for legal entity customers/members, is used to meet other relevant regulatory requirements, including but not limited to, identifying suspicious activity and determining Office of Foreign Assets Control (OFAC) sanctioned parties?
  • Have you established written procedures, included in your BSA/AML compliance program, that are reasonably designed to identify and verify beneficial owners of legal entity customers/members? 
  • Do your procedures require identification of the beneficial owner(s) of each legal entity customer/member at the time a new account is opened?  
  • Do your procedures require the minimum information (name, address, identification number, and data of birth) for beneficial owner(s) of legal entity customers/members, and timely verification of enough information to form a reasonable belief as to the beneficial owner's true identity?
  • Do you have a process for circumstances in which you cannot form a reasonable belief that you know the true identity of the beneficial owner(s) of a legal entity customer/member?

Source:  CUNA’s Compliance Blog, Jan. 22, 2019

Pin It