Part 4. Examining Process
Chapter 26. Bank Secrecy Act
Section 6. Bank Secrecy Act Examiner Responsibilities
4.26.6 Bank Secrecy Act Examiner Responsibilities
Manual Transmittal
October 08, 2019
Purpose
(1) This transmits a revision to IRM 4.26.6, Bank Secrecy Act, Bank Secrecy Act Examiner Responsibilities.
Material Changes
(1) The text has been revised to reflect updated procedures for BSA examiners.
(2) Expanded to include the requirements of IRM 1.11.2.2.5, Address Management and Internal Controls.
(3) Terms, titles, and acronyms were revised to reflect current usage. "CBRS" was updated to "FinCEN Query (FCQ)".
(4) Various other changes are noted below:
IRM Section | Description |
---|---|
IRM 4.26.6.2 | Expanded on the key concepts of conducting a risk-based BSA examination. |
IRM 4.26.6.2.1 | Deleted the Overview section as the material was incorporated into the added sections required by IRM 1.11.2.2.5 and other sections within the chapter. |
IRM 4.26.6.3 | Expanded on the responsibilities of the BSA examiner to identify financial institutions subject to all BSA requirements. |
IRM 4.26.6.3.1 | Added information as to what is contained in the Letter 1052, Bank Secrecy Act Requirements Notification Letter. |
IRM 4.26.6.3.1(2) | Added information related to the Office of Indian Tribal Governments issuing Letter 1052 to tribal entities. |
IRM 4.26.6.4 | Deleted last paragraph on outreach and created new section IRM 4.26.6.4.1, Educational Outreach Requests. |
IRM 4.26.6.4.2(3) | Added a requirement to document the financial institutions knowledge of the BSA requirements in workpapers. |
IRM 4.26.6.4.2(6) | Added information on the verification and documentation related to the issuance of Letter 1052, Bank Secrecy Act Requirements Notification Letter. |
IRM 4.26.6.4.2(8) | Clarified the procedures examiners are to follow if the ownership or legal status of the financial institution under examination has changed. |
IRM 4.26.6.5 | Added information on the concept of a risk-based BSA examination. |
IRM 4.26.6.5.1(2) | Added information on the examiners responsibility to review case-built documents as part of the pre-plan process. |
IRM 4.26.6.5.1(3) | Added the requirement to research FinCEN query, at a minimum, on the EIN, legal name and any dba as part of the pre-plan. |
IRM 4.26.6.5.1(4) & (5) | Added the requirement to review CTRs and SARs filings for quality as part of the pre-plan. |
IRM 4.26.6.5.1(6) | Add information to review the underlying reason for amended BSA filings. |
IRM 4.26.6.5.1(7) | Added the requirement to review prior case files, state reporting requirements and internet as part of the pre-plan. |
IRM 4.26.6.5.1.1(1) | Added the definition of scope and depth of the examination. |
IRM 4.26.6.5.1.1(3) | Added factors which will help determine the scope and depth of the examination. |
IRM 4.26.6.5.1.1(4) & (5) | Added further clarification and examples for determining the scope and depth of the examination based on the financial institution being examined. |
IRM 4.26.6.5.1.1(6) & (7) | Added further clarification on the initial transaction testing period and clarified that expanding to the full six-month period does not require completion of Lead Sheet #120, Request to Expand Scope/Depth. |
IRM 4.26.6.5.1.1(8) | Added the requirement to make a risk-based decision when expanding the scope and depth of transaction testing, requires examiners to consider whether the outcome of the exam will change by expanding the scope and depth. |
IRM 4.26.6.5.1.1(9) | Added information related to limiting the scope on a subsequent examination to those issues where violations were identified. |
IRM 4.26.6.5.1.1(10) | Added factors to consider when determining the scope of the examination. |
IRM 4.26.6.5.1.1(11) | Added the requirement to take additional steps when violations are identified to determine the financial institution’s knowledge of the transaction and knowledge of the reporting requirements. |
IRM 4.26.6.5.1.1(12) | Clarified citing violations on the Letter 1112, Title 31 Violation Notification Letter, to those detected during the examination period and prohibition on citing violations that possibly occurred in time periods outside the scope of the examination without expanding the scope. |
IRM 4.26.6.5.1.1(13) | Added information on limiting the scope of transaction testing to those transactions that may reasonably give rise to BSA violations. |
IRM 4.26.6.5.1.1(14) | Added information on the effectiveness of statistical sampling and when it may be beneficial. |
IRM 4.26.6.5.1.1(15) | Added the requirement to consult with the group manager to determine whether the exam should be expanded to multiple branches if violations are identified at the branch under examination. |
IRM 4.26.6.5.1.1.1 | Added the requirement to prepare a preliminary risk assessment based on information obtained during the pre-plan and after initial contact. |
IRM 4.26.6.5.1.1.1 | Added a note to clarify the prohibition of assessing a penalty for the failure of the financial institution to prepare a written risk assessment. |
IRM 4.26.6.5.1.1.1(4) | Added information on providing an IRS prepared risk assessment to the financial institution under examination. |
IRM 4.26.6.5.1.2(3) | Added subsection f) to ensure examiners determine whether the financial institution’s AML program provides for an adequate SAR review program. |
IRM 4.26.6.5.1.2(4)(a) | Added examples to determine whether the AML program has been implemented. |
IRM 4.26.6.5.1.2(4)(g) | Added the requirement to secure an amended AML program and provide it with the Letter 1112. |
IRM 4.26.6.5.1.3 | Amended the section title to Developing the Examination Plan. |
IRM 4.26.6.5.1.3(2) | Added requirement to develop an exam step for each AML program requirement along with all BSA requirements. |
IRM 4.26.6.5.1.3(3) | Added the requirement to determine whether the financial institution’s records are processed through a computer system prior to developing the exam plan and to discuss the need for a computer audit specialist with their group manager when conducting a headquarters’ examination. |
IRM 4.26.6.5.1.3(4) | Added requirement to evaluate the financial institution’s AML program and direct exam steps at identifying potential weaknesses and deficiencies in the program. |
IRM 4.26.6.5.1.3(6) | Added procedures to evaluate how a headquarters’ financial institution conducts a risk-based assessment of all branches/agents. |
IRM 4.26.6.5.1.3(7) | Added the requirement to include a risk-based sample, and a valid statistical sample, of branches/agents as part of a headquarters’ examination. |
IRM 4.26.6.5.1.3(8) | Added the requirement to give the financial institution at least 30 days to secure requested records. |
IRM 4.26.6.5.1.3(10) | Added the requirement to confirm the appointment a day or two prior to the schedule appointment. |
IRM 4.26.6.5.1.3(15) | Added information related to requesting specific information be sent prior to the initial appointment and to schedule time to review the material before the initial interviews. |
IRM 4.26.5.2(16) | Added additional information on requirements to use the Specialist Referral System prior to initiating any BSA examination on an Indian Tribal Government entity. |
IRM 4.26.6.5.3(3) | Added the requirement to make a final assessment on the internal controls of the financial institution. |
IRM 4.26.6.5.3.1(2) | Added the requirement to review independent reviews as one of the initial examination steps, the review should not be limited to the most current independent review. |
IRM 4.26.6.5.3.1(7) | Added the requirement to analyze a financial institution’s customer records/account information which is used for BSA compliance to determine how they update the information to ensure all BSA required records and reports are accurate. |
IRM 4.26.6.5.3.1(11) | Added the requirement to combine transactions, especially if the financial institution offers multiple wire services, prior to analyzing the transactions for BSA requirements. This is especially true for a SAR analysis. |
IRM 4.26.6.5.3.1(12) | Added the requirement to analyze all branch/agent transactions as one set of records when conducting a headquarters’ examination. |
IRM 4.26.6.5.3.1(13) | Added the requirement to analyze wire transmittals for related senders and beneficiaries, such as using a technique where senders and beneficiaries are coded and linked to identify the underlying pattern of suspicious activity. |
IRM 4.26.6.5.3.1(14) | Added the requirement to analyze suspicious activity based on the period of records for the examination and determine, based on the records of the financial institution, if the financial institution had the ability to identify the activity prior to citing a violation. |
IRM 4.26.6.5.3.2(2) | Added the requirement to try to hold the initial appointment within 28-35 calendar days of the first action on the case; however, they have the 45 days from the first action as set by quality standards. |
IRM 4.26.6.5.3.2(3) | Added a brief definition of first action. |
IRM 4.26.6.5.3.2(4) | Added the requirement to conduct the examination in the most reasonable place based on circumstances; generally, it will be conducted at the financial institutions’ place of business. |
IRM 4.26.6.5.3.2(5)-(13) | Clarified the Mutual Commitment Date process and time frames. |
IRM 4.26.6.5.3.3 | Enhanced the requirement of conducting a quality initial interview. |
IRM 4.26.6.5.3.3(8) | Added the requirement to prepare a separate Memorandum of Interview at the end of each interview based strictly on what was discussed during the interview. |
IRM 4.26.6.5.3.4 | Added information as to what a quality tour of the business should entail. |
IRM 4.26.6.5.3.5 | Clarified the requirements to hold a Group Manager Concurrence Meeting within 30 calendars days after completion of the initial appointment meeting. |
IRM 4.26.6.5.3.6(4)–(7) | Added the requirements to conduct an analysis of potential SAR activity which would identify any underlying pattern of suspicious activity, which includes asking the financial institution for prior transactions of customers for the purpose of filing a SAR which identifies the underlying pattern without expanding the scope of the examination. |
IRM 4.26.6.5.3.7 | Added FinCEN’s guidance on completing a CTR accurately to determine if violations for inaccurate filings or failure to retain records should be cited. |
IRM 4.26.6.5.3.8(4) | Added clarification as to third-party contact notification (IRC 7602) not being applicable to BSA examinations. |
IRM 4.26.6.5.3.10 | Added additional information on issuing letters at closing. |
IRM 4.26.6.5.3.11(2) | Added information on closing conference procedures. |
IRM 4.26.6.5.3.12 | Added procedures on how to respond to a financial institution or representative’s response to a Letter 1112. |
IRM 4.26.6.5.3.18 | Added brief procedures when an examiner needs to file a SAR and cross-referenced IRM 4.26.8, Special Procedures. |
IRM 4.26.6.5.3.19 | Added information related to Generally Accepted Government Auditing Standards for workpapers. |
IRM 4.26.6.5.3.22 | Added information on what should be included on Form 9984. |
IRM 4.26.6.5.3.23 | Added time frames for certain actions when conducting an examination based on National Standards. |
Effect on Other Documents
This supersedes IRM 4.26.6 dated November 14, 2006. This IRM incorporates Interim Guidance Memorandum SBSE-04-1218-0039, Initial Taxpayer Contact in Bank Secrecy Act Examinations, dated December 18, 2018.
Audience
The intended audience is employees of the Bank Secrecy Act Program in the Small Business/Self-Employed (SB/SE) Specialty Examination Division, and can be referenced by all field compliance personnel, especially in Examination and Collection.
Effective Date
(10-08-2019)
Daniel R. Lauer
Director, Specialty Examination Policy
Small Business/Self-Employed
Program Scope and Objectives
(1) Purpose. This IRM explains the Bank Secrecy Act (BSA) examiner’s responsibilities when conducting risk-based examinations of financial institutions. The material covers the full examination process from the pre-planning stage to closing.
(2) Audience. This IRM is for BSA group managers, examiners and technical support personnel.
(3) Policy Owner. Director, SB/SE Specialty Examination Policy.
(4) Program Owner. Director, SB/SE Specialty Examination.
(5) Primary Stakeholders. SB/SE Specialty Examination BSA, SB/SE Headquarters Exam, Specialty Exam Policy BSA; SB/SE Exam Quality & Tech Support, Field and Specialty Exam Quality, Chief Counsel, Division Counsel SB/SE.
(6) Contact Information. To recommend changes or make any other suggestions related to this IRM section, see IRM 1.11.6.6, Providing Feedback About an IRM Section Outside of Clearance.
(7) Program Goals. The mission of the BSA Program is to safeguard the financial system from the abuses of financial crime, including terrorist financing, money laundering, and other illicit activity by providing the financial community top quality service to help them understand their obligations under the BSA and to ensure BSA compliance with integrity and fairness to all.
Authority
(1) The Department of the Treasury has primary responsibility for implementing and enforcing the BSA. The Secretary of the Treasury delegated the authority to administer the BSA to the Director, Financial Crimes Enforcement Network (FinCEN). FinCEN re-delegated responsibility for assuring civil compliance with the law to various Federal agencies including the Internal Revenue Service.
(2) 31 CFR 1010.810(b)(8) delegates authority to the Commissioner of Internal Revenue to examine all financial institutions, except brokers or dealers in securities, mutual funds, futures commission merchants, introducing brokers in commodities, and commodity trading advisors, not currently examined by Federal bank supervisory agencies for soundness and safety.
(3) 31 CFR 1010.810(f), Enforcement, allows FinCEN or its delegate, and any agency to which compliance has been delegated to examine any books, papers, records, or other data of domestic financial institutions relevant to the recordkeeping and reporting requirement of the BSA.
Roles and Responsibilities
(1) Director, Examination - Specialty Policy is the executive responsible for BSA Examination policy and procedures.
(2) Director, Examination - Specialty Examination is the executive responsible for BSA examination operational compliance.
(3) Chief, BSA Examination is responsible for ensuring information about basic BSA examiner responsibilities and IRM sections is communicated to and carried out by BSA examiners.
(4) All examiners must perform their professional responsibilities in a way that supports the IRS Mission. This requires examiners to provide top quality service and to apply the law with integrity and fairness to all.
Program Management and Review
(1) Reports to monitor the current year’s work plan, as well as specific programs, are prepared and provided by Performance Planning & Analysis (PPA). These reports provide Headquarters and Field Examination with timely and reliable information. There are a variety of reports designed to meet the needs of the group or function. Reports used to monitor examination processes include:
Direct examination time
New examination starts
Examination closures
Average hours expended per case
No issue percentage
Closed case cycle time by workstream
Open case cycle time by workstream
Referrals to Examination
Referrals to Employment Tax
Referrals to CI
Number of surveyed cases
Workplan accomplishments
(2) Periodic program reviews are conducted to:
Assess the effectiveness of specific programs within Examination or across the organization,
Determine if procedures are being followed,
Validate policies and procedures, and
Identify and share best/proven practices.
Acronyms
(1) The following is a table of commonly used acronyms and their definitions:
Acronym | Definition |
---|---|
AML | Anti-Money Laundering |
BSA | Bank Secrecy Act |
CAS | Computer Audit Specialist |
CD | Compact Disc |
CI | IRS Criminal Investigation |
CMIR | Currency and Monetary Instrument Report |
CTR | Currency Transaction Report |
EIN | Employer Identification Number |
ECD | Estimated Completion Date |
ECS | Exam Case Selection |
FBAR | Report Foreign Bank and Financial Accounts |
FCQ | FinCEN Query |
FinCEN | Financial Crimes Enforcement Network |
GAGR | Gross Annual Gaming Revenue |
GMCM | Group Manager Concurrence Meeting |
HIDTA | High Intensity Drug Trafficking Areas |
HIFCA | High Intensity Financial Crime Area |
IDR | Information Document Request |
IDRS | Integrated Data Retrieval System |
ITG | Office of Indian Tribal Governments |
KYC | Know Your Customer |
LUQ | Large, unusual or questionable |
MCD | Mutual Commitment Date |
MOI | Memorandum of Interview |
MOU | Memorandum of Understanding |
MSB | Money Services Business |
NBFI | Non-Bank Financial Institution |
POS | Point of Sale |
PPA | Performance Planning & Analysis |
SAA | Survey After Assignment |
SAR | Suspicious Activity Report |
TEGE | Tax Exempt/Government Entities |
Terms
(1) The following table lists commonly used terms and associated definitions:
Term | Definition |
---|---|
Activity Record | The term "Activity Record", as used throughout this IRM, means Form 9984, Examining Officer’s Activity Record. |
CI | The term "CI", as used throughout this IRM, means IRS Criminal Investigation – the law enforcement arm of the IRS. |
Disclosure | The term "Disclosure", as used throughout this IRM, means IRC 6103, Confidentiality and Disclosure of Returns and Return Information. |
BSA ECS | The term "ECS" as used throughout this IRM means BSA Exam Case Selection. |
Examiner | The term "examiner", as used throughout this IRM, means BSA examiner. |
Examination | The term "examination", as used throughout this IRM, means a BSA examination. |
5104 Package | The term "5104 Package", as used throughout this IRM, means the complete Form 5104, Report of Apparent Violation of Financial Recordkeeping and Reporting Regulations, referral package. The package includes the actual Form 5104 narrative and all attachments. |
5104 Referral | The term Form "5104 Referral" as used throughout this IRM means the Form 5104. |
Financial Institution | The term "financial institution", as used throughout this IRM, means a financial institution for which IRS has been delegated examination authority and includes casinos, MSBs, and banks/credit unions without a Federal regulator. |
Smurfing | Smurfing is the practice of executing financial transactions such as buying money orders from multiple sellers in a specific amount and pattern, calculated to avoid triggering financial institutions to file reports required by law. |
Title 31 Database | The term "Title 31 Database", as used throughout this IRM, means the Title 31 Non-Bank Financial Institution database that houses the entire population of Title 31 entities identified as being subject to IRS jurisdiction. The database contains entity information and examination information. The database uses multiple tables in an SQL environment. |
Related Resources
(1) The following table contains related resources referenced in this IRM.
Resource | Title |
---|---|
https://organization.ds.irsnet.gov/sites/SbseSpec/BSA/SitePages/Home.aspx | BSA Exam SharePoint |
https://organization.ds.irsnet.gov/sites/SbseFraudBSA/BkSecAct/SitePages/Home.aspx | BSA Policy SharePoint |
FinCEN website | |
Specialist Referral System |
Overview
(1) The purpose of a BSA examination is to assess a financial institutions' compliance with the BSA by:
Using a risk-based approach.
Focusing on the Anti-Money Laundering (AML) program to determine if the procedures and internal controls are adequate to ensure BSA compliance.
Conducting risk-based transaction testing to confirm the AML program is implemented and effective.
Identifying areas of noncompliance, including trends, patterns, or schemes to evade filing, registration, or recordkeeping requirements.
Ensuring corrective actions are taken, including verifying the AML program is amended and provides effective policies, procedures, and internal controls when systemic deficiencies are identified.
(2) The examiner is responsible for:
Assisting the BSA coordinator by identifying financial institutions and forwarding the information to BSA ECS.
Examining financial institutions for BSA compliance.
Educating financial institutions about their BSA responsibilities when conducting an examination.
Recommending corrective actions based on the deficiencies identified.
Determining if civil or criminal referrals are warranted.
(3) FinCEN has delegated to IRS the authority to examine certain financial institutions for BSA compliance. The examiner is prohibited from accessing any tax or tax-related information when conducting the examination because of disclosure restrictions under IRC 6103, Confidentiality and Disclosure of Returns and Return Information. This prohibition includes accessing IRS databases to identify an address or EIN information.
Identification
(1) BSA ECS is responsible for the identification of financial institutions subject to the registration, reporting, recordkeeping, and Anti-Money Laundering program requirements under the BSA. The examiner is responsible for assisting in the identification of financial institutions.
(2) The BSA examiner may use the following sources for NBFI identification:
Field contacts.
Physical observation.
Neighborhood publications.
Trade or business associations.
(3) The examiner should continually look for new financial institutions, when in the field. Financial institutions often advertise their financial services with visible signage; hence, the examiner should be aware of their surroundings.
(4) The examiner is required to ask about the identity of local competitors during each interview. A financial institutions’ employees often know the identity of their local competitors. This is especially true if the financial institution turns high risk customers away.
(5) The examiner will complete the BSA Potential New Entity(s) - Title 31 form for all new entities not on the Title 31 database. The BSA group manager will forward the form to both BSA ECS Coordinators.
Notification After Identification
(1) Letter 1052, Bank Secrecy Act Requirements Notification Letter, is issued by BSA ECS to newly identified entities. A copy of Letter 1052 is retained in the case file. Letter 1052 advises a business providing financial services that they may be a "financial institution" subject to the Bank Secrecy Act (BSA) and may have to:
Develop, implement, and maintain an Anti-Money Laundering program.
Register as a "Money Service Business" with FinCEN.
Obtain, record and maintain records of certain financial transactions.
File reports of currency transactions in excess of $10,000.
File Suspicious Activity Reports.
(2) The Office of Indian Tribal Governments (ITG) and BSA Exam share responsibility for BSA notification and education activities relating to entities that are owned by Indian Tribal Governments. ITG will issue the Letter 1052 to an entity subject to the BSA requirements as soon as identified. ITG will notify BSA ECS and BSA Policy via an e-mail message that includes a copy of the Letter 1052. ITG’s BSA Liaison will maintain a copy of the Letter 1052 in their files.
Education
(1) The examiner is responsible for ensuring the financial institution has knowledge of the reporting, registration, recordkeeping, and Anti-Money Laundering program requirements of the Bank Secrecy Act.
Educational Outreach Requests
(1) All requests for educational outreach to groups or large audiences must be forwarded through the group manager to their senior management level. All educational outreach request must be pre-approved prior to being conducted.
(2) All requests must follow the SB/SE Travel and Event Approval Guidelines found on the BSA SharePoint.
Education During a BSA Examination
(1) Education is an ongoing process and an integral part of each Bank Secrecy Act (BSA) examination.
(2) The initial interview must include acquiring, from those responsible for BSA compliance, their knowledge of the:
Reporting, recordkeeping, and Anti-Money Laundering program requirements applicable to the financial institution.
Requirement to electronically file reports through FinCEN’s BSA E-Filing system.
Requirements for filing timely, accurate, and complete reports and the proper completion of a Suspicious Activity Report (SAR) narrative. The link to FinCEN’s Suspicious Activity Report narrative guidance package, https://www.fincen.gov/resources/statutes-regulations/guidance/sar-narrative-guidance-package, should be provided if deficiencies in the quality of the SAR narratives is an issue.
MSB Registration requirements, if applicable.
Requirement to identify and report suspicious activity.
Obligations and responsibilities in combating money laundering.
Prohibition on the structuring of transactions to circumvent any BSA requirement.
Potential civil and criminal penalties.
(3) The examiner will document in workpapers the specific information provided to the financial institution and its level of knowledge at the time of the examination.
(4) The examiner must verify and document that the financial institution received the Letter 1052.
(5) Letter 1052 only needs to be issued once to an institution.
If | Then |
---|---|
Copy of the letter in the file | Confirm receipt with the financial institution and note in the Activity Record. |
Copy is not found in the current file | Search the historical files. If found, confirm receipt with the institution and note in the Activity Record. Note: ITG’s BSA Liaison retains copies of issued Letter 1052. Examiners should reach out to ITG to secure a copy if needed. |
No copy can be found | Ask the financial institution if it received the letter. If the institution has the letter, the examiner will place a copy in the file and note it in the Activity Record. |
No letter was received | Issue the letter and annotate in the Activity Record the date the letter was issued and to whom issued. A copy of the letter will be retained in the file. |
(6) The examiner must notify their group manager if they determine the financial institution has changed ownership or legal status. The group manager will contact their BSA ECS Title 31 Coordinator to establish the replacement case file and request CI clearance. The examiner must discontinue contact with the financial institution until the new entity is established on the Title 31 database. The original case will be closed as a survey after assignment, no longer in business (Survey Reason Code "101") Time charged to the original case should be minimal. See IRM 4.26.6.5.1.
Risk-Based BSA Examination Overview
(1) Risk analysis is used at various stages in the examination, including evaluating the Anti-Money Laundering (AML) program, and the expanding or contracting of the scope and depth of an examination.
(2) The emphasis is on the financial institution’s risk profile and whether their AML program addresses these risks adequately and protects the financial institution from being used to launder money or facilitate terrorist financing. Risk-based transaction testing determines if the AML program is effective, implemented, and internal controls are appropriate to consistently ensure compliance with the BSA.
(3) Reporting, registration, and recordkeeping violations discovered during the examination must be discussed with the financial institution and documented on Letter 1112, Title 31 Violation Notification Letter.
Note: The examiner is limited to citing only violations of the BSA regulations and law. FinCEN issues interpretive guidance intended to clarify issues or respond to questions of general applicability that arise under the regulations; however, the examiner cannot cite the financial institution for failure to follow FinCEN’s guidance. If the financial institution fails to adopt policies, procedures and internal controls without considering this guidance and this increases their risk, a violation for failure to have an effective AML program may result.
(4) Recommendations to improve the AML program or its implementation are included on Form 13726, Summary of Examination Findings and Recommendations. The financial institution agrees to the recommendations and to correct their AML program, reporting and recordkeeping violations by signing the Form 13727, Acceptance Statement. Both forms are part of the Letter 1112 package.
(5) The examiner will refer serious or repeated BSA violations, meeting referral criteria, to FinCEN or CI for penalties or other enforcement action consideration.
(6) The examiner must always be alert to potential money laundering and terrorist financing schemes.
Pre-Plan
(1) A quality examination begins with a thorough pre-plan. The scope and depth of the Bank Secrecy Act (BSA) examination will depend upon the facts and circumstances in each case.
(2) The examiner must review the case file to ensure the following case-built documents are enclosed. If any of these documents are missing from the file, the examiner must notify the group manager.
Title 31 Case Classification Sheet - This document is prepared by the BSA ECS Title 31 Coordinator and indicates the reason the case was selected for examination. The examiner should look for a note in "Additional Reasons for Selection" for results of previous examinations, if any.
Title 31 Case Grading Sheet – This document identifies the types of financial services provided, the organizational structure, and other criteria used to determine the grade of examiner the case should be assigned.
Form 9984, Examining Officer’s Activity Record, will indicate when CI clearance was obtained and Letter 1052, Bank Secrecy Act Requirements Notification Letter, issued. The examiner must ensure the CI clearance date is within six months of first contact. The examiner documents their verification by initialing the date on the Activity Record.
Note: BSA ECS re-clears entities with CI monthly.
Note: See IRM 4.26.6.4.2 for examiner responsibilities relating to Letter 1052.
(3) Research FinCEN Query (FCQ) to verify the financial institution has filed reports. The filing of reports demonstrates the financial institution has knowledge of the BSA requirements. To ensure you locate all filings it is important to search for filings under multiple criteria. At a minimum, research using the financial institution’s EIN, legal name and doing business as (dba) name and owner’s names(s). Using multiple searches helps ensure you identify filings with incorrect data.
(4) Currency Transaction Reports (CTRs) and Suspicious Activity Reports (SARs) should be downloaded and reviewed for obvious incomplete and omitted data, common types of transactions are not being filed on, or SAR filings are for short periods of time rather than filing with an underlying pattern of activity. The data download will be in Excel spreadsheet format and will be the primary document used in the analysis of timeliness, completeness and accuracy. Any omission of transactions which are common to the financial institution could be a potential issue with the financial institution’s procedures for identifying cash transactions or suspicious activity. Incorporate potential issues into the exam plan.
(5) The analysis of downloaded BSA filings should identify:
The financial institution’s filing history,
Cash transactions between the financial institution and a bank or other financial institutions,
BSA reports filed "by", "on", or "on behalf of" the financial institution and/or officers,
Any incomplete or inaccurate documents filed, lack of filings, timeliness of filings, and any unusual or questionable transactions,
Note: There is no need to print all documents reviewed. The FCQ summary pages can be downloaded into an Excel file which can be used to document violations such as late filed or inaccurate information. The examiner can "insert two columns" next to the "Date Filed" column, one for the "Due Date" and one for the "Number of Days Late". For each document that was filed late, the examiner would enter the correct information directly into the spreadsheet. Only those documents which identify LUQ transactions need to be printed and cross-referenced in the case file.
Bank account information,
Note: Review SARs filed by the entity for complete narratives. Refer to the SAR Narrative Guidance Package found on FinCEN’s website at https://www.fincen.gov/. If the financial institution filed SARs, a mandatory comment must be made regarding the adequacy of the narrative in the pre-plan workpapers. See IRM 4.26.14, Disclosure, for protection of SAR information and workpapers. Remember that SARs not filed by the financial institution under examination cannot be revealed to or discussed with such financial institution. This includes discussing a transaction only identified through a SAR.
SAR filings and the patterns which the financial institution is reporting and transactions which should be reported and are not,
MSB Registration information. If the entity is an MSB headquarters, follow headquarters examination procedures.
(6) Although not considered late filed CTRs, any amended and back-filed CTRs may provide you with information on areas of risk. Therefore, you need to determine the cause of amended or back-filed CTRs and whether the financial institution’s policies and procedures were inadequate. It is also important to determine if the financial institution amended their procedures to correct any deficiencies which caused subsequent amended or back-filed CTRs.
(7) Additional pre-plan steps:
The examiner must identify the ownership of the entity and ensure the information reconciles to the case controls. Examiner should review all available information to ensure the Title 31 Database entity information is correct. Any changes in ownership, legal structure, including TIN or address will require steps to update the Title 31 Database. Changes in the entities legal structure, including TIN, will require CI clearance for new entity. This would require the examiner to follow the survey/replacement case procedures. See IRM 4.26.6.5.1.
Review the historical administrative file, if available. The examiner should especially note employee knowledge of the BSA and areas of noncompliance, as well as review any reports, letters, referrals, or any corrective action documented within the file.
Review state and local laws and regulations pertaining to financial institutions. Determine if they require any records which would be useful to determine compliance with the BSA examination.
Research the internet, information available from the appropriate state agencies, UCC filings, Accurint, and other similar sources of information, for any available information on the financial institution.
Review IRM 4.26.9, Examination Techniques for BSA Industries, for the industry under examination.
Prepare initial interview notes. Use Lead Sheet #205, Initial Interview Questions and Notes - Title 31.
Note: To request a closed case file contact the Detroit Enterprise Computing Center via secured email with the following information, Type of Case, Control Number/Return ID, Business Name and/or dba Name, Employer Identification Number, Address, City, State, Zip, Closed Date (if known), and Requester Name, Address, and Phone Number.
Note: If the financial institution provides services other than as an agent, the state may have conducted an examination. The group manager should contact the BSA Policy Senior Program Analyst responsible for Fed-State agreements to secure results of any state examination.
(8) The examiner should use Lead Sheet #110, Pre-Plan Analysis, to document the steps taken during pre-planning.
(9) The examiner is prohibited from using any IDRS or other Title 26 information in pre-planning or while conducting a BSA examination. This includes address or EIN verification.
(10) Surveying a case after assignment:
The examiner may close a case "Survey After Assignment (SAA)" after consideration of the case and all available information, including failed attempts to contact the entity or representatives.
Example: The examiner determines the entity is low risk for violations without contact with the entity or their representative.
Example: An entity does not make contact after the initial contact letter is sent, no returned phone/ calls or an out of service number, or a drive-by of the location reveals the entity is no longer in business.
The examiner has not reviewed records of the entity; however, the examiner has made the determination, such as during the initial contact or initial interview, that the entity is not a casino, by definition of the law, or a MSB. Documents, such as a casino license, agency cancellation document, or sales agreement to support their statement that the business is no longer subject to the BSA would need to be obtained and reviewed. If after review of the entity’s documents, it is determined the entity is not a casino or MSB then refer to procedures in IRM 4.26.6.5.3.9. Time charged to the case should be minimal.
The case cannot be closed SAA if records, such as bank statements, are reviewed. The case should be closed as "Not an MSB" and the Letter 4029, Bank Secrecy Act No Change Letter, will not be issued. See IRM 4.26.6.5.3.1 for examination procedures on "Not an MSB".
(11) Survey/replacement case procedures:
The Title 31 Field Interface restricts the field from changing the TIN or Legal name if a TIN is already present on the database.
If a group has information to substantiate that the TIN or Legal name is incorrect, the group manager is to contact the BSA ECS Coordinator to discuss the facts of the case, determine if the TIN has changed, help determine if the reasons to change the TIN or Legal name are correct, and to ensure that a new entity is not being created simply by changing the TIN on an existing entity.
The BSA ECS Coordinators may need to conduct additional research to verify the accuracy of the information before determining if a change should be made to the database.
Once all agree that the correction to the TIN or Legal Name field is valid, the group manager will email the new entity form to their ECS BSA Title 31 Coordinator and request the change.
Note: The field is not to remove the BSA ECS case building documents, Form 9984, BSA ECS Check List, Case grading sheet, Classification Sheet, FinCEN Query, and/or Form 1052 that were included in the case file. This process should help to ensure that changes made to the database do not cause a legal entity that is now out of business to disappear from the database by overwriting the TIN and legal name. We need to retain a historical record of all entities.
Scope and Depth
(1) Examination scope refers to the range of activities and the time period subject to examination. Examination depth refers to the extent of review of documents and transaction testing needed for the examiner to have confidence in the examination findings.
(2) The scope and depth of the examination should be sufficient to assure the examiner that the financial institution:
Is subject to the Bank Secrecy Act (BSA),
Has a written Anti-Money Laundering (AML) program that meets statutory and regulatory requirements,
Is implementing a written AML program that meets the statutory and regulatory requirements and that would identify structured transactions, trends and patterns of structuring, and other suspicious activities, and
Follows all other applicable BSA recordkeeping and reporting requirements.
(3) The scope and depth of each examination will:
Depend on the facts and circumstances in each case.
Be documented in the examination file.
Emphasize a top-down examination process by first evaluating the financial institution's AML program. Determine if the procedures and internal controls in place for the computer and manual systems are reasonable to ensure compliance with BSA.
Vary depending upon whether this is an examination of a principal headquarters or which offers services only as an agent of a principal, branch or agent. The scope and depth of an agent examination also changes if they offer services from multiple principals, such as an agent who offers four or five wire services.
(4) The purpose of an examination is to determine the financial institution’s current rate of compliance with all BSA requirements. The general rule is that the initial scope of an examination is the most current six-month period. With a large principal remitter, the scope of the examination may be limited to a one-month period because the volume of transactions is so large their compliance with the BSA can be determined with a smaller scope period. With a medium sized principal remitter, the scope of the examination may be limited to a three-month period based on the volume of their transactions. The scope of the examination must be adequate to ensure the volume and type of transactions being conducted, and which require a record or report to be made, are being identified and correctly reported.
(5) The selected period may include high volume periods, or a period related to certain known events. When selecting the period, consider that peak business activity periods may vary for the different types of financial services offered which may result in different periods selected for each service.
(6) The initial transaction testing period is the most current three months unless LUQ items are identified. The examiner may need to expand to the full six-month scope period if significant BSA program deficiencies are discovered or systemic failures to implement the program have led to failures to report and record transactions. Reviewing transactions for the full six-month scope period does not require the examiner to complete Lead Sheet #120, Request to Expand Scope/Depth.
(7) The transaction testing period could be limited to the three months examined without further selective transaction-based testing of the full six-months if, after examining three months of records, it is determined that the financial institution has adequate internal controls, independent testing, designated personnel, and training to ensure BSA compliance. The examination should be closed if no serious violations or anomalies were detected during this period. The examination period should be expanded if the financial institution lacks an adequate AML program, or the examiner detects problems during the three to six-month review period.
Example: An entity did not have a policy for ensuring CTRs are filed when the compliance officer was on vacation, resulting in CTRs not being filed for those dates. The examiner would limit the transaction testing for the remaining six-months to those dates the compliance officer was not working.
Example: A check casher filed all required CTRs on customer transactions; however, they failed to file CTRs when they conducted wholesale transactions with other check cashers. The examiner would limit the transaction testing for the remaining six-months to those dates where they conducted wholesale transactions with other MSBs.
(8) The examiner should compare the potential benefits to be derived from expanding the scope and depth of an examination to the resources required to perform the examination, and the potential outcome generated from expanding/contracting the scope.
Reminder: The examiner should not expand the initial scope unless potential violations would improve compliance or change the conclusion of the examination. Will expanding the scope of the examination result in a referral to FinCEN for a potential civil monetary penalty or a criminal referral to IRS CI? Expanding the scope must be approved by the group manager prior to requesting additional records. The examiner must complete Lead Sheet #120, Request to Expand Scope/Depth, for the group manager’s approval.
(9) If the financial institution has been previously examined and only minor deficiencies were noted, a more limited scope examination should be considered. The scope of the transaction testing may be limited to those types of transactions where violations were previously cited.
(10) Factors to consider in determining the appropriate scope of the examination include:
Whether the entity’s risk assessment adequately addresses the risks and policies, procedures and internal controls in place to mitigate risks.
Whether records are electronic. Electronic records would allow the examiner to review the entire period as efficiently as examining three months. For example, six months of wire transfer data.
Whether the IRS previously conducted a BSA examination.
Whether a prior examination revealed significant AML program deficiencies, or recordkeeping or reporting deficiencies.
Whether there are any outstanding orders or agreements between FinCEN and the institution.
Whether any civil penalties have been assessed against the institution in the last three years.
Whether there have been significant increases or decreases in the levels of BSA reports filed in the last 12 months.
Whether FCQ reflects currency transactions inconsistent with the nature of financial services offered.
Whether FCQ indicates large currency transactions with respect to the financial institution, but few CTRs filed by the financial institution.
Whether the IRS or FinCEN have received tips from law enforcement or state, local, or tribal regulatory agencies about the financial institution.
Whether the financial institution is referenced in SARs filed by other financial institutions.
Whether the financial institution is located within a HIDTA or HIFCA.
Whether a relatively small number of CTRs were filed in comparison with the casino’s gross annual gaming revenue.
Whether FCQ filings by the entity are inconsistent with the nature of the services provided. For example, an examination of a headquarters that sends wire transfers to a high-risk country and no SARs have been filed.
(11) As examiners identify potential recordkeeping or reporting violations, additional steps must be taken to document the transactions and establish that the financial institution had both knowledge of the transaction and knowledge of the reporting requirements. This includes determining which employee conducted the transaction and interviewing that person. Interviewing those responsible for approving or reviewing transactions provides an indication of whether internal controls are adequate and implemented.
(12) Only apparent violations, which have been detected during the time period of the examination, are considered for inclusion on a Letter 1112 or Form 5104, Report of Apparent Violation of Financial Recordkeeping and Reporting Regulations. At no time, should the BSA examiner include any apparent violations that have possibly occurred in time periods outside the scope of the examination without expanding the scope. The examiner must secure source documents, such as, copies of cleared money orders and canceled checks, to support the violations. If the financial institution states customers may buy money orders with their payroll check or credit card, additional audit steps need to be taken to determine if the sale was actually "cash" prior to citing a violation.
(13) The depth of the examination includes those transactions that may reasonably give rise to a BSA reporting, registration, recordkeeping, or AML program requirement.
Reminder: It is not intended that the examiner examine every transaction for the current three to six-month period. Risk-based transaction-based testing should be completed. The examiner should look at transactions which have the higher risk for a potential BSA requirement that have not been met. For example, what is the risk for reviewing check cashing transactions below $1,000 or wire remittances well below common family to family remittance amounts?
(14) Statistical sampling, while helpful for evaluating the internal controls of the financial institutions with respect to BSA compliance, may not be effective if there are too few transactions to make the sample meaningful. However, in examinations of the largest financial services institutions, statistical sampling can be a useful technique when used in conjunction with examinations of all transactions of a defined dollar threshold and time frame.
(15) If a financial institution has several branches or locations and potential violations are identified at one, the examiner should consult with their group manager to consider conducting an examination of the headquarters. The group manager will forward an e-mail to the BSA technical advisor responsible for headquarters examinations stating why the AML program is considered deficient, an overview of all violations and why they occurred, and a statement as to why a headquarters examination should be considered.
Risk Assessment
(1) The examiner must prepare a preliminary risk assessment based upon information available during the pre-plan. This should include:
Geographical location of where they operate in the United States and any foreign countries
Types of products and services
Customer profile
Employees
State or other government laws and regulations
Agency agreements
(2) After initial contact, the examiner must also evaluate:
The financial institution’s risk assessment, if any.
Note: Entities are not required by regulation to create a written risk assessment; however, management is encouraged to document its risk assessment in writing to provide a clear basis for their policies, procedures, and internal controls; however, no violation may be cited for failing to create a written risk assessment.
The financial institution’s Anti-Money Laundering (AML) program for adequacy and effectiveness. The examiner must determine if the AML program is reasonably designed to ensure compliance with the BSA. When evaluating the computer and other systems the examiner should determine whether the entity has integrated these systems into their policies, procedures, and internal controls. The examiner must determine if deficiencies in these systems place the entity at risk.
(3) The examiner will use Lead Sheet #140, AML Compliance Program Lead Sheet - Title 31, to document both the risk assessment and the review of the AML Program.
(4) The written risk assessment prepared by the examiner or the financial institution’s written assessment that has been updated during the examination will be provided to the financial institution. The risk assessment must have the following disclaimer: This assessment of the risk of noncompliance by (name of financial institution) with Bank Secrecy Act requirements is based on facts presented to the IRS by this financial institution at the time (enter BSA examination period) review.
(5) There is no standard format for preparing a risk assessment; however, the assessment should include each category of risk for each financial service provided. Sample risk assessments are located on the BSA SharePoint.
Evaluation of AML Program
(1) Each financial institution must develop and implement a written Anti-Money Laundering (AML) program reasonably designed to assure compliance with the Title 31 regulations.
(2) An analysis of the financial institution’s AML program should include a review of the policies, procedures, and internal controls established and implemented to comply with the Bank Secrecy Act (BSA) registration, reporting, and recordkeeping requirements.
(3) The analysis of the written AML program should ensure that it:
Is written and is available for examination.
Designates a Compliance Officer.
Provides for training of appropriate employees.
Provides for testing and evaluation for effectiveness by persons independent of the compliance officer.
Establishes and implements policies, procedures, techniques, and systems to prevent money laundering or the support of other criminal activity, including terrorist activity.
Establishes and implements policies and procedures to detect suspicious activity.
Note: Does the program provide for making the initial identification of the unusual activity, conducting research to identify prior transactions of those identified in the activity, identify any underlying pattern of suspicious activity, and then make a risk-based decision on whether a SAR is required/not required/customer monitored? Does the program provide for adequate personnel to implement an effective program?
Is reasonable and appropriate for the business and is commensurate with the risks posed by the locations, size, and the nature and volume of the financial services provided by the business.
Provides for verifying customer identification, filing required reports, creating and retaining records, and responding to law enforcement.
(4) After analyzing the policies, procedures, and internal controls, the examiner should:
Determine whether the program has been adequately implemented. The examiner tests for implementation by identifying transactions which have a reporting or recordkeeping requirement and then following these transactions through the established procedures to ensure the procedures were followed.
Example: The money transmitter has a policy to secure a source of funds and a business purpose for the transaction from a customer who conducts a transaction greater than $9,000. The examiner must select a sample of transactions greater than $9,000 and verify that the source of funds has been retained and a business purpose was secured. The examiner must determine if these documents are adequate per their policies and are reasonable.
Example: The review of wire remittances has identified a pattern of unusual activity. The examiner presents the transactions to the remitter. The examiner must determine if the pattern of activity was initially identified, was research conducted on both the sender and beneficiary to identify any prior transactions, and then based on all facts, a reasonable decision was made to file or not file a SAR.
Determine whether there has been a systemic breakdown of internal controls or a lack of adherence to policies and procedures to assure compliance.
Example: In the examples above, identifying transactions where procedures were not followed may indicate a lack of adherence to the program or a deficiency in the AML program’s procedures and internal controls.
Determine whether the financial institution was aware of any problems in its AML program, and whether it took corrective action;
Assess whether any breakdowns in the program could place the financial institution at increased risk of being used by customers who are trying to launder money or commit other types of financial crimes.
Example: In the first example if source of funds or business purpose was not noted, the financial institution could be at increased risk for money laundering or terrorist financing.
Example: In the second example, if the financial institution did not even make the initial identification of the activity, they could be at increased risk for money laundering or terrorist financing.
Review any updates to the policies, procedures, and internal controls, which were put in effect after the period being examined, but before the examination was concluded.
Identify any weaknesses or deficiencies in the program that could or did result in failures to correctly file required CTRs, file SARs without reporting the underlying pattern of suspicious activity, other required reports, and/or failure to comply with the BSA recordkeeping and record retention requirements.
Require the financial institution to prepare or amend the AML program to correct the deficiencies. This will normally occur in conjunction with issuing the Letter 1112 at case closing. The financial institution should be required to submit an amended AML program when the signed letter is returned.
Developing the Examination Plan
(1) The examiner will create lead sheets and workpapers tailored to the examination.
(2) Initial examination steps will be determined by the risk assessment. The examination plan must include exam steps for each requirement within the financial institution’s Anti-Money Laundering (AML) program, along with all requirements of the Bank Secrecy Act (BSA). For example, if the AML program requires they secure identification on a wire transmittal at $1,000, the examiner must include an examination step to test transactions at $1,000 and above for valid identification.
(3) The examiner should determine whether the financial institution’s records are prepared or processed through a computer system prior to developing the audit plan. Computer-assisted auditing techniques identify and aggregate currency transactions with greater precision and overall efficiency. The examiner must discuss with their group manager the need for a Computer Audit Specialist when conducting a headquarters’ examination.
(4) The examination plan will include procedures for evaluating the financial institution’s AML program including its policies, procedures, and internal controls related to compliance. The analysis should be directed to identifying potential weaknesses and deficiencies that may exist in the AML program that could result in failures to properly file required forms and maintain required records. It is critical that the examiner analyze the systems, including the filters within the systems, to make the initial identification of unusual activity which may warrant a SAR.
Example: The examiner is evaluating a principal remitter’s suspicious activity review program. The procedures require all transactions at $1,500 and above to be ran against automated filters to make the initial identification of unusual activity. The examiner identifies the high dollar threshold as a potential weakness in their program as the $1,500 threshold is considerably higher than normal family to family remittances.
Example: The examiner is evaluating the automated filters that make the initial identification of unusual activity on their wire remittances. The examiner identifies that the remitter has a filter to identify a customer sending to multiple beneficiaries; however, it lacks a filter to identify a beneficiary who receives from multiple customers.
(5) The examination plan should also have procedures that will identify employees or customers who may be structuring transactions to circumvent the BSA reporting and recordkeeping requirements.
(6) The examination plan must include procedures to evaluate "if" and "how" a headquarters identifies their high-risk branches and agents. The examiner must determine if:
All risk factors have been considered when making the risk profile on each agent and branch.
Note: The risk factor should take into consideration those agents and branches who conduct a higher volume of transactions which are inconsistent with family to family remittances and who transmit to countries that are higher risk for money laundering or the financing of terrorism.
Procedures are in place to conduct enhanced monitoring of their transactions.
Procedures provide for additional training.
Procedures to terminate their relationship with agents whose risk continues to be too high.
(7) Each headquarters’ examination must include examining a sample of agents and branches to determine if the headquarters provides adequate training and monitoring. The examiner should start with the headquarters’ agent/branch risk assessment and enhance their profile for any deficiencies to identify the high-risk agents/branches. High-risk agents/branches, along with a valid statistical sample of the remaining agents/branches, are examined concurrently with the headquarters’ examination. Risk-based analysis should also include analyzing discontinued or denied agents/branches.
(8) The examiner will document the examination plan on Lead Sheet #110, Pre-Plan Analysis - Title 31.
Initial Contact
(1) The "initial contact" is the first contact with the financial institution. All initial contacts must be made by mail using approved form letters.
(2) The purpose of the initial contact is to:
Notify the financial institution they have been selected for a Bank Secrecy Act (BSA) examination, and
Schedule the initial appointment.
(3) Examiners must document any contact or efforts to contact the financial institution on Form 9984, Examining Officer’s Activity Record.
(4) When returning telephone calls, examiners must not attempt contacts before 8:00 a.m. or after 9:00 p.m. (entity’s time zone). This policy is consistent with the procedures followed by Collection employees related to collection activities as required by IRC 6304, Fair tax collection practices. See IRM 5.1.10.6.1, Contacting Financial institutions.
Note: Generally, contacts should be made during the normal business hours of 8:00 a.m. to 6:00 p.m. (entity’s time zone).
(5) Examiners should mail the initial contact letter to the financial institutions’ last known address. Examiners should exercise due diligence to find and use the financial institutions' known address. Potential sources include any current:
MSB Registration form.
CTRs filed by or on the financial institution.
Suspicious Activity Reports (SARs) filed by the financial institution under examination. Note that an address identified in a SAR filed by a financial institution other than the financial institution under examination cannot be used as it could potentially disclose the existence of the SAR.
(6) Examiners must use approved form letters to schedule and confirm examination appointments.
Letter 3494, Bank Secrecy Act (Title 31) Casino Appointment Letter
Letter 4155, Bank Secrecy Act Insurance Appointment Letter
Letter 4313, Bank Secrecy Act Money Services Business Examination Appointment
Letter 4479, Appointment Letter PMSJ Dealers (Precious Metals, Stones, Jewels)
Letter 5946, Initial Title 31 Contact for Large Companies
Note: The use of the Letter 5946 should be used to initiate examinations of Credit Unions, Headquarters, MSB Principals, Insurance companies, or any other large case.
(7) Once the initial contact letter is sent, and the examiner does not receive confirmation within 14 calendar days, contact the compliance officer, general manager or tribal chairperson by phone to confirm receipt of the letter. The initial contact letter can be sent by registered mail. Once proof of receipt has been received, the examiner can phone the financial institution. During the initial conversation, the examiner will need to determine the contact person for future interactions. Generally, after the initial contact the examiner will be working with BSA compliance personnel.
(8) The initial interview, or the requirement to provide records prior to the initial interview, should be set after 30 days from the date the appointment letter is made available. Examiners need to give the financial institution adequate time to secure requested records.
(9) The examiner should confirm the appointment a day or two prior to the scheduled appointment date to ensure the financial institution is prepared for the appointment. This will reduce the potential lost time traveling to an appointment when the financial institution is not prepared for the examination or may not be available.
(10) The examiner must document the initial conversation with the financial institution on Lead Sheet #130, Initial Title 31 Entity Contact Check Sheet. The lead sheet will assist the examiner in conducting the initial conversation with the financial institution.
(11) The examiner must inquire as to any computer records and systems available. The examiner must inquire as to any point of sale system which can identify financial transactions and the availability of securing a download of the transactions.
(12) The examiner will request the appropriate records on a Form 4564 (IDR) and submit this form to the financial institution at the time the initial appointment is scheduled. The IDR is sent with the appointment letter. The IDR and /or issues may be discussed with the financial institution during the initial contact call. During the discussion, the examiner will explain to the financial institution that the examination will be facilitated by having the information and documentation organized before the initial interview. Examples of IDRs for each type of NBFI are included in IRM 4.26.9, Examination Techniques for Bank Secrecy Act Industries. The IDRs are examples that must be expanded or contracted as the facts and circumstances of each examination warrant.
(13) The IDR is used to document all requested information and documents needed to support items being examined. The IDR lists the specific records, information, and documents the financial institution should have available at the initial interview. Examiners should always carefully consider what data is necessary. Requests should be specific and should avoid requesting more information than is essential to verify their compliance with the BSA.
(14) In some instances, especially headquarters’ examination, it may be beneficial to have specific records be made available prior to the initial interview appointment. When setting the date for the records to be provided, the examiner needs to make sure their schedule allows them time to review the records prior to the initial interviews.
(15) The examiner must discuss with the financial institution the need for a download of computer records for all financial transactions be made available at the initial appointment. Requesting these computer records prior to starting the examination will avoid delays and give the financial institution time to secure computer records from their principal, if required.
(16) BSA managers are required to utilize the Specialist Referral System prior to initiating any BSA examination activity on entities owned by Indian Tribal Governments. The Office of Indian Tribal Governments (ITG) manager will assist examiners in addressing proper protocol for contacting (appointment letter addressee), interacting and executing agreements (Letter 1112 addressee) with tribal government officials and representatives. ITG field personnel, with BSA staff agreement, may assist BSA examiners. The type of assistance may include contacting the appropriate tribal representative regarding any pending actions and accompanying the examiner on visits to the tribe. ITG field personnel will not participate in the actual examination unless requested to do so by the examiner.
Note: The Office of Indian Tribal Governments has jurisdiction over tribal owned entities only. All potential BSA matters relating to individuals on or near Indian lands, or businesses not wholly owned by Tribal governments, remain within the sole jurisdiction of the Director, BSA. However, group managers will notify the applicable ITG manager in advance of any contact involving a non-tribal entity known to be located on an Indian reservation or on tribal lands. ITG will provide input regarding any potential political or security issues. ITG may assist in facilitating any resolution of issues upon request of the group manager.
(17) The Activity Record is used to record all contacts with the financial institution and any other case activity. The BSA examiner must document what was discussed with specific personnel and the dates of those discussions.
Examination Process
(1) Examiners will follow the examination steps in Lead Sheet #105, Administrative Plan to Close.
(2) Examination techniques for specific BSA industries are found in IRM 4.26.9, Examination Techniques for Bank Secrecy Act Industries.
(3) The examiner is required to make a final assessment on the internal controls of the financial institution, "Is the AML program adequate to ensure compliance with the BSA requirements?". The assessment is documented on Lead Sheet #140, AML Compliance Program - Title 31. This lead sheet is mandatory and requires a conclusion.
BSA Examination Techniques
(1) The examiner must first determine if the entity is subject to BSA requirements. This is the first exam step listed on the Issue Specific Lead Sheet. Each specific step taken to make this determination must be documented in workpapers and cross-referenced to the Issue Specific Lead Sheet.
(2) The BSA defines a financial institution as a:
Casino - If it is duly licensed or authorized as a casino or card club in the United States (U.S.) and has more than $1,000,000 in gross annual gaming revenue (GAGR).
MSB - If it meets the definition of an MSB for each financial service or product offered.
(3) Once records are reviewed to determine if the entity is subject to the BSA requirements, the case can no longer be closed as a "Survey After Assignment (SAA)". The case will be closed as a "no-issue" case and Letter 4029 will not be sent to the entity. See IRM 4.26.6.5.3.9 for closing procedures.
(4) One of the first exam steps should be to review any BSA independent reviews conducted internally or by an external independent reviewer. The analysis should not be limited to the most current independent review. A financial institution’s failure to take corrective action on deficiencies identified during prior independent reviews may indicate a systemic breakdown in their AML program and consequently BSA violations. Best practice would have the financial institution identifying the corrective action on each deficiency, documenting the person responsible for the corrective action and the estimated time frame to bring their program into compliance. The examiner needs to determine if the financial institution has a plan to correct the deficiency.
(5) Examination techniques will vary significantly depending upon the type of records maintained. It is common to have both computerized and manual records based upon the type of financial service provided. For instance, an MSB may have computerized records for wire transmissions and manual records for check cashing.
(6) The examiner should determine whether it is appropriate to request electronic downloads based on the records available at the financial institution. Third party downloads should not be requested for entities that have a sufficient POS system or have other records to make proper BSA compliance determinations. A money order seller that maintains closeout reports is an example where the electronic record may not be needed. A POS system that identifies a customer’s purchase of multiple financial services as one unique transaction may help identify suspicious activity more efficiently than reviewing the downloads of each financial service.
(7) The examiner must question the financial institution to determine if the computerized systems generate any type of reports that can be used to identify recordkeeping requirements or reportable transactions. The provider’s computerized systems may generate reports used to ensure their agents’ compliance.
(8) If a financial institution issues customer cards or account numbers and these records are used to ensure BSA records and reports are made, examiners must determine if the financial institution has procedures in place to detect customers with multiple cards or account numbers. In addition, if the information associated with these cards or account numbers is used to file BSA reports, determine whether the financial institution has procedures in place to periodically review this data and update the information when outdated, such as the form of identification when expired or a change in address.
(9) Examiners will sort the data to identify transactions which require a record to be made and retained or a report filed. These transactions must be compared to filed reports to identify any errors on the filed reports, such as incorrect dollar amounts, failure to aggregate all transactions on a filed report, or customer information on the electronic record that was omitted on the filed report.
Example: Examiners must review a sample of filed CTRs to determine if the transaction dates reflected are correct. A financial institution employee may input an incorrect transaction date to make the CTR filing appear to be timely. If the examiner identifies multiple transaction date input errors, this could be an indication that the financial institution is purposely filing reports with incorrect information to avoid late filings. This type of error could be an indication that the examiner cannot rely on reports provided and therefore, the examiner may need to verify all data. It also could indicate a pattern or willingness of the financial institution employees to hide or alter records to avoid suspicious activity detection and reporting.
(10) The analysis of the electronic records must also look for potentially structured transactions. Basic sorts for requirements of the BSA include:
Currency Transaction Reporting. Single transactions, with fee, where the total amount is greater than $10,000 and aggregated transactions where a customer conducted multiple transactions during one business day where the amount, plus fee, is greater than $10,000.
Reporting requirements applies to both the "sender" and "beneficiary".
Suspicious Activity Reporting.
Recordkeeping Requirement.
(11) If computerized records are available for some transactions but not for others, a combination of manual and computer examination techniques should be used.
Example: For an MSB that cashes checks and sells money orders, the examiner must ensure that money orders purchased, as part of the proceeds of a check cashed greater than $10,000, did not reduce the currency to $10,000 or less, below the threshold for filing a CTR.
(12) Where multiple financial services are involved, examiners must watch for:
Customers who consistently conduct transactions using multiple financial services where it appears the transactions are conducted to circumvent the CTR requirements.
Unusual patterns of activity that meets the suspicious activity reporting thresholds.
Suspicious activity that meets the threshold reporting requirements.
(13) Where multiple financial services are involved, such as an MSB that has multiple agency agreements to transmit funds, examiners must combine all transactions into one file, prior to analyzing the transactions for BSA requirements, especially analyzing for suspicious activity. Exam steps must identify customers using multiple services to disguise potentially suspicious activity.
(14) When conducting a headquarters’ examination, examiners must analyze the transaction records for all agents/branches as one set of records. Examiners must identify customers using multiple agents/branches to potentially circumvent BSA requirements and to identify any underlying pattern of suspicious activity.
(15) Examiners, analyzing wire transmittals, must include exam steps to identify related senders and beneficiaries, often associated with the practice of smurfing. The examination process of using a technique where senders and beneficiaries are "coded" and "linked" through the analysis is discussed in detail in IRM 4.26.9.
(16) Examiners who hold a financial institution responsible for a pattern of suspicious activity that was identified from electronic records, must be able to show that the financial institution had the ability to identify the pattern based on their available information.
Example: The examiner identifies an unusual pattern of money orders sold from a daily close-out report and issues an IDR to the money order issuer for copies of the front and back of the cleared money orders. The examiner identifies the money orders were all deposited into the same bank account and based on all known facts there does not appear to be a "known business purpose" for the transactions. The financial institution under examination has no access to information from the cleared money orders; consequently, the suspicious activity may not be known at their level. The examiner would be prohibited from citing a SAR violation which is only known from the review of the cleared money orders.
Example: The examiner secures a six-month download of wire transmittals. Various sorts find several unusual patterns of activity. The financial institution’s electronic system, which is provided by their principal, only has 90-days of transactions available to the agent. The examiner needs to determine whether the activity could have been identified within this limited time prior to citing a SAR violation.
(17) FCQ should be reviewed to determine if any CTRs, CMIRs, SARs, or FBARs were filed in the names of employees, agents, or nominees, which may indicate possible unreported transactions.
(18) The examiner should document the facts and circumstances with respect to each violation. Good customer service requires the examiner to keep the financial institution apprised of all issues as they arise and to solicit an explanation for each violation. Violations should not be raised at the closing conference which have not previously been discussed with the financial institution.
(19) Refer to the MSB Examination Manual and IRM 4.26.9 for in-depth examination techniques.
(20) If structured transactions are detected, refer to IRM 4.26.13, Structuring.
Initial Appointment Meeting
(1) Use of Lead Sheet #135, Initial Appointment Agenda, is mandatory.
(2) Every effort should be made to hold the initial appointment within 28-35 calendar days of the first action on the case; however, quality standards dictate the first appointment must be conducted within 45 calendar days from the first action.
(3) "First action" is considered to have occurred when the appointment letter is mailed to the financial institution or substantial work has taken place on the case, regardless of whether time has been charged. "First action" is determined on a case-by-case basis.
(4) Examiners have the responsibility to determine the most reasonable place to conduct the examination based on the circumstances. Generally, the examination will be conducted at the financial institution’s place of business which is likely where the system of records and source documents are maintained. This includes all phases of the examination, the initial interview, review of books and records, fact finding, issue resolution, report writing, and the closing conference.
(5) The Mutual Commitment Date (MCD) is a tool used by SB/SE revenue agents to promote cooperation and the timely submission and review of records, resulting in a more efficient examination.
(6) Notify the group manager if there is a need to change the MCD by more than 30 calendar days.
(7) The MCD is the date the parties agree the examiner will issue the closing letter (generally the closing conference date) and should be established with the input of the financial institution and/or representative at the end of the first appointment. If the initial appointment is scheduled for multiple days, then the MCD should be established at the end of the last day.
(8) The MCD process establishes mutual responsibilities such as:
Identifying and discussing potential areas of examination (including issues raised by the entity),
Requesting, providing and reviewing pertinent information necessary to determine the reporting and recordkeeping requirements,
Applying the appropriate BSA law to make a correct determination,
Keeping all parties advised of unavoidable delays,
Addressing all parties’ questions and concerns raised during the examination, and
Keeping all parties fully informed about potential violations, deficiencies in the AML program, and the progress of the examination.
(9) The MCD should be reasonable and attainable. The following factors should be considered when determining the MCD:
Number of anticipated additional visits,
Days needed between visits to get information properly prepared, and
Availability of records.
(10) BSA examiners must:
Document the MCD on Lead Sheet #135, Initial Appointment Agenda, and Form 4318, Exam Workpaper Index – Title 31 (upper right-hand side),
Discuss the MCD with the group manager during the Group Manager Concurrence Meeting (GMCM) and ensure the discussion is documented on Lead Sheet #125, Group Manager Concurrence Meeting Check Sheet, and
Promptly notify the group manager if the financial institution and/or representative declines to establish a MCD or fails to cooperate. If this occurs, the group manager should contact the financial institution and/or representative to discuss expectations and responsibilities of the Service and the financial institution and/or representative during the examination. Based on the results of the discussion, the group manager and examiner will establish and document an Estimated Closing Date (ECD).
(11) Both the MCD and ECD may be extended if:
The examination is expanded to new issues,
The examination is expanded to pick up related entities,
New information is discovered,
The financial institution and/or representative become uncooperative, or
Unforeseen circumstances arise.
(12) An extension of the MCD must be communicated to the financial institution/representative. If the MCD is extended more than 30 calendar days, the examiner must also notify the group manager and discuss the reasons for the extension. The examiner must document the discussions with the financial institution/representative and group manager on a workpaper cross referenced to Lead Sheet #135, Initial Appointment Agents, or Activity Record.
(13) Whether or not the financial institution or representative agrees to establish a MCD or in the event a financial institution and/or representative fails to work with the Service in a collaborative manner, the examiner will be expected to use the full extent of IRS’ authority to obtain the information necessary for an effective examination, make an appropriate determination and conclude the examination in a timely manner.
Interview
(1) A thorough interview is essential in conducting a quality examination. It is extremely important for the examiner to establish and document the level of Bank Secrecy Act (BSA) knowledge that the owners, managers, and employees of a financial institution have at the beginning of the examination. Knowledge of the BSA is an important factor in establishing the degree of compliance with the BSA reporting, registration, recordkeeping, and Anti-Money Laundering (AML) program requirements.
(2) A properly planned and executed interview will provide an understanding of the financial institution’s history, business operations, and system of records. The case file should reflect in-depth planned interviews throughout the examination. Sufficient questions should be asked to gain a clear understanding of the financial institution, as well as the operations of the business.
(3) The examiner must explain that FinCEN is made aware of all findings and States, where IRS has a MOU, are provided findings in accordance with the MOU.
(4) The elements of an adequately documented interview include:
Interview outline addressing items specific to the financial institution under examination. The type of financial services provided, and relevant facts and circumstances are considered in the interview outline, such as "How do you acquire currency to fund the check cashing services?" or "Do you deal with any international exchange houses to secure currency for your transactions?".
Sufficient depth to give a clear understanding of the nature of the financial institution's business history and day-to-day operations.
Explanations of LUQ items and whether such explanations resolve the potential issues.
Description of how each financial service is conducted. For wire transmittals, the interview must cover the cycle of a transaction from the customer walking in, or the transaction initiated virtually, to how funds are paid out to the beneficiary, who provides the funds and how to the beneficiary, and how the services are "settled" with their provider.
Description of systems and records maintained and how they work to ensure compliance with the BSA. The interview is to include a demonstration of the systems. The examiner should secure "print screen shots" for any warnings that come up requiring additional customer information at certain dollar thresholds.
Complete explanation of how the financial institution identifies transactions that require a report or a record to be maintained.
Complete explanation of how their suspicious activity reporting program works.
Complete explanation of management’s, including the compliance officers, monitoring to ensure compliance with all BSA requirements.
(5) The examiner must interview the person(s) responsible for compliance with the BSA including compliance personnel, business operations personnel and management personnel. The examiner must interview employees that conduct the transactions to ensure they understand their responsibility for BSA compliance and they know their responsibilities under their AML program. During the interview, the examiner should, at a minimum, inquire as to:
The presence of an AML program with all required elements.
The name and title of officers or employees who handle cash transactions and who are responsible for filing Currency Transaction Reports (CTRs).
The specific duties and responsibilities of those individuals.
The responsible persons’ knowledge of the reports and records required under the BSA.
The responsible person’s knowledge of their responsibilities under their AML program’s function.
The history of filing CTRs and Suspicious Activity Reports (SARs).
Foreign bank accounts which would require reporting.
The volume of BSA relevant transactions, both in terms of number of transactions and dollar volume, on a daily, weekly, and monthly basis, with documented variations for such factors as seasonality.
The amount of cash on hand, sources and uses of cash, and cash controls.
The internal controls of the financial institution regarding cash transactions (including approval authority by dollar amount).
The type of computer system used.
The types of records maintained on all other transactions.
The procedures used by the financial institution to ensure that the information contained in the records and reports is complete and accurate.
The types of records maintained on transactions required to be reported on CTRs.
The types of records maintained to meet BSA recordkeeping requirements.
The internal (or external) controls in place to ensure compliance with BSA requirements.
The systems in place, or the manual operations, used to make the initial identification of unusual activity all the way to the steps taken to make a risk-based decision on whether a SAR should be filed.
The internal controls of the financial institution with regard to suspicious activity reporting, when such reporting is required by the BSA.
The training of employees relative to BSA regulations and any written or oral policies or procedures regarding cash transactions.
The processes used internally to identify and correct issues that can lead to compliance problems.
Local competition/competitors offering the same or similar services.
(6) Note that the above list is not all inclusive. Refer to IRM 4.26.9 for a list of possible interview questions for each specific industry.
(7) It is important for the examiner to ask appropriate follow-up questions and properly document the interview without hindering the flow of information. Examiner’s should:
Take brief notes during the interview for significant responses to questions and note those areas that need additional development. It is not advisable to take extensive notes during the interview as it can be distracting and hinder the flow of the interview.
Prepare a Memorandum of Interview (MOI) immediately following the meeting or shortly thereafter, fully documenting the statements and replies made by the representatives. The MOI and the handwritten interview notes will serve to document statements made, refute subsequent contradictory statements, and support examination positions taken.
(8) The examiner must prepare a separate MOI at the end of each interview to summarize the significant facts obtained during the interview(s). By its very nature, the MOI is limited to those issues discussed during the interviews. The examiner is prohibited from adding personal comments or examination findings. Case files may be reviewed by many individuals after closing, including the examiner who conducts the follow-up examination. This could also include an examiner, who may need to provide testimony during litigation. The interview(s) should be documented in sufficient detail that no unanswered questions remain.
(9) The interview should be documented on the Lead Sheet #205, Initial Interview Questions and Notes-Title 31.
Conducting Tours of Business Sites
(1) Tours of business sites should be conducted during examinations of all financial institutions. Generally, the headquarters’ location should be visited if it is a principal remitter, issuer of money orders, or the headquarters’ location of a large grocery store chain offering financial services as an agent of a principal.
(2) Tours should be conducted after the initial interview and early in the examination process. This clarifies what was said during the interview and provides a frame of reference when interpreting information in the records. This assists examiners to correctly determine the scope and depth of the examination and avoid unnecessary exam steps.
(3) Tours should be conducted with knowledgeable individuals. Examiners may need multiple individuals to conduct the tour as each area may have their own expertise. For example, a tour of a principal remitter may have multiple tours with multiple individuals as one may be responsible for on-boarding agents, one may be responsible for monitoring the systems which identify reportable transactions, and another person could be responsible for the enhanced due diligence on their foreign counterparts.
(4) Tours should be planned to address all Bank Secrecy Act functions identified during the pre-plan analysis or interviews. Tours should include a demonstration of the system, including conducting test transactions based on the requirements of their Anti-Money Laundering program.
Example: If identification is required at $1,000, the examiner should have the responsible person conduct a "test" transaction at $1,500 to see if the system blocks the transaction until required information is entered. Screen shot prints should be secured when any warnings are displayed.
Example: If a source of funds is required at $7,000, the examiner should have the responsible person conduct a "test" transaction at $8,000 to see if the system blocks the transaction until required information is entered. Screen shot prints should be secured when any warnings are displayed. It is also suggested that the examiner tour the area that approves the source of funds prior to completing the transaction.
(5) Design the tour to fit the type of business.
(6) Tours should cause as little disruption in the business operations as possible. Some disruption cannot be avoided.
Group Manager Concurrence Meeting
(1) The group manager concurrence meeting (GMCM) is an opportunity for the group manager and examiner to discuss the scope and depth of the examination, as well as the Mutual Commitment Date (MCD). Group manager involvement in the early stages of an examination results in fewer delays, increased efficiency and higher quality cases.
(2) The GMCM must occur within 30 calendar days after completion of the initial appointment meeting.
(3) The examiner should schedule the concurrence meeting on the date the initial appointment is set. The GMCM may also be conducted prior to the initial appointment, for example, when the taxpayer or representative is procrastinating and has rescheduled the initial appointment multiple times.
(4) GS-12, and below, examiners are required to use the GMCM. GS-13 examiners are encouraged to utilize a GMCM to provide updates on cases and obtain guidance from group managers.
(5) The examiner should be prepared to discuss:
The initial appointment meeting and MCD
Accomplishments and planned actions for completing the case
Issues currently identified
Location of the examination work, and
Concerns or barriers to closing the case
(6) The GMCM is documented on Lead Sheet #125, Group Manager Concurrence Meeting Check Sheet.
Inspection of Books and Records
(1) The review of books and/or records as well as policies and procedures is critical to measure the degree of compliance with the BSA.
(2) The examiner must utilize the required records, including AML program records maintained by the financial institution, to determine the level of compliance.
(3) The examiner must be alert to situations which may be an attempt to evade the reporting requirements, such as:
A single transaction structured as multiple transactions of $10,000 or less,
Currency transactions structured to appear as non-currency transactions, for example, the issuance of a check to the customer by a financial institution which then cashes the check for the customer, or
A pattern or series of transactions of $10,000 or less conducted over a period by or for the same person. See IRM 4.26.13, Structuring, for an in-depth discussion on structuring.
(4) Every examination must include a risk-based analysis of transactions for suspicious activity. The limited scope of an examination, three to six months, restricts the examiners ability to identify any underlying pattern of suspicious activity. To overcome this restriction the examiner will analyze the transactions for the examination period to identify any "unusual" pattern of activity. These unusual patterns can be based on:
Dollar thresholds
Location of where the funds are paid out
Use of multiple senders and beneficiaries
Activity consisting of multiple complex financial transactions
Example: A customer sending multiple transactions where the aggregated amount exceeds $10,000 in the six-month examination period.
Example: A customer exchanging U.S. dollars for pesos along the border where the aggregated amount exceeds $5,000 in the three-month examination period.
(5) The "unusual" patterns of activity will be given back to the financial institutions with the request that they provide prior transactions for all individuals identified in the activity, and any additional individuals identified during this research. The scope of the examination is not being expanded, the sole purpose for requesting the additional transactions is to determine if the financial institution failed to identify and report patterns of suspicious activity.
(6) If the pattern of activity appears suspicious, the examiner must request the financial institution to provide any source of funds or business purpose for the transactions. Not all financial institutions are required to have a Know Your Customer (KYC) program. However, all financial institutions, except check cashers, are required to have a SAR program. It is virtually impossible to have an effective SAR program unless the institution also has a KYC program. The financial institutions should have enhanced due diligence procedures that require them to obtain additional information on customers who do a higher volume of recurrent transactions in significant sums which places the financial institution at risk for potential money launder or other illegal activity.
(7) Taking the financial institution through the process of making the initial identification of the "unusual" activity, requiring research for prior transactions on all individuals identified in the activity, and then making a risk-based decision as to whether a SAR should be filed provides the financial institution a picture of what is required in an effective AML program.
(8) A financial institution that reports suspicious activity based strictly on filters within their system may be in violation of their requirement to develop and implement a SAR program. Their AML program must include procedures to adequately investigate flagged transactions further and to take further action against the suspicious activity identified, such as notifying law enforcement directly or banning individuals from using their financial services.
Retained Copies of Reports
(1) Data reflected on the CTR is separated into two categories, critical fields and non-critical fields. Fields designated with an asterisk (*) are critical. FinCEN provided guidance in March 2012 (FIN-2012-G002), for both critical and non-critical elements. The guidance states, financial institutions should complete those items for which they have relevant information, regardless of whether the individual items are deemed critical for technical filing purposes.
(2) For critical items, financial institutions must either provide the requested information or affirmatively check the "Unknown" box provided on the FinCEN CTR.
(3) Examiners are required to review filed CTRs for any critical fields which include obviously incorrect data (ea. SSN 111-11-1111). To complete the filing process, a financial institution may file a CTR with data in a mandatory field that it knows is incorrect. The examiner must still verify the information is indeed incorrect. If information is incorrect, the financial institution is cited for failure to file a complete and accurate CTR. To adequately evaluate the financial institution’s policies and procedures and identify potential risks and weaknesses, it is important to determine why the financial institution entered incorrect data. Based on the analysis of the cause of any failure to file an accurate CTR, the examiner might also cite the financial institution for failure to have an adequate AML program. Policies and procedures must be in place to ensure CTRs are filed with accurate and complete information.
(4) For non-critical items, FinCEN expects financial institutions to provide the most complete filing information available on each CTR, consistent with existing regulatory expectations. A financial institution may leave non-critical fields (fields without an asterisk) blank when the information is not available. If the information is readily available, a financial institution that has non-critical field information must include it on the CTR filed. CTRs filed with missing or inaccurate information have ramifications to the various law enforcement agencies that use the data.
(5) Failure to provide critical field or non-critical field data, for which the financial institution has the information, is a violation and would result in citing the financial institution for failing to file a complete and accurate CTR. To cite a financial institution for failure to file a CTR with complete and accurate information you must determine if the financial institution had a requirement to provide the data.
(6) Financial institutions have a requirement to secure all required data prior to completing a reportable transaction.
(7) A large financial institution may file hundreds or thousands of CTRs during an examination period, thus performing a 100% analysis of the filings will be time consuming. Therefore, the examiner should take a risk-based approach to reviewing the filed CTRs and select a reasonable sample size to analyze and determine if the CTRs were filed with inaccurate or incomplete information. On the other hand, a small financial institution may file only a few CTRs and performing a 100% analysis would be reasonable and necessary based on the financial institution’s risk.
(8) The examiner must determine if a financial institution is maintaining all the required records. This would include records from the current exam period and records prior to the exam period. With a financial institution creating millions of records each year it is not feasible or efficient to review every record. The examiner will need to select a reasonable sample size to determine whether the financial institution is complying with the regulation.
(9) The examiner must review a reasonable amount of records from the current exam period to determine if the financial institution is compliant with record retention requirements. The BSA E-Filing System is not a record keeping program; consequently, financial institutions are not able to access or view previously filed reports. The BSA E-Filing System does provide tracking information on past report submissions and acknowledgements for accepted BSA reports. FinCEN does not provide copies of filed reports to filers. Many financial institutions have computerized systems which can store copies of filed CTRs. A financial institution may save a copy of the CTR to a computer hard drive, network or other secure storage device or print a paper copy for their records. These are all acceptable methods to meet the retention standard. Financial institutions that cannot provide verification or confirmation they filed a CTR on the E-Filing System have not met the retention requirement. Financial institutions must have an electronic version or paper copy to meet the requirement.
Example: For an examination period of January 1, 2016 through March 31, 2016, research determined the financial institution filed 4,118 CTRs for the five-year period ending December 31, 2015. The examiner randomly selects 50 CTRs to review to determine the financial institution is maintaining the required records. The examiner selects CTRs from each of the prior 5 years for the analysis, 15 CTRs from 2015, 12, from 2014, 10 from 2013 8 from 2012, and 5 from 2011 to determine if the financial institution is maintaining the required records.
(10) It is important to remember that just because a financial institution filed a CTR and FCQ reflects it, this does not mean the record retention requirement of the BSA regulation has been met. The FCQ is not a record repository for the financial institution.
Lack of Records
(1) When the examiner determines that records are lacking or inadequate, it may be necessary to request records from banks and other third parties.
(2) The examiner may request the financial institution obtain the information from their principal, such as the principal remitter or the issuer of money orders.
(3) The examiner should request third-party information on Form 4564 (IDR) whenever possible. A copy of all IDRs must be maintained in the examination file.
(4) Third-party contact notification (IRC 7602 (c)(1), Notice of Third Parties) is not applicable to BSA examinations. The purpose of a BSA examination is to determine compliance with the BSA requirements. IRC 7602(c) is limited to the determination or collection of a taxpayer’s tax liability.
(5) If the third party will not accept the request on an IDR, the BSA examiner should consider issuing a BSA Summons, FinCEN Form 113. Refer to IRM 4.26.8, Special Procedures, for BSA Summons procedures.
(6) The examiner must discuss lack of records and the recordkeeping requirements with the appropriate official(s) of the financial institution. This discussion should address the impact of the lack of records on the effectiveness of the AML program and on the ability of the officials to monitor their own compliance with BSA requirements. The lack of records would also limit the ability of their independent reviewer or regulatory agency from determining their compliance.
Closing the Examination
(1) When the information-gathering stage of the examination is complete, the examiner will document findings and proceed to closing the examination.
(2) The examiner is required to assess the internal controls of the financial institution. The assessment is documented on Lead Sheet #140, AML Compliance Program - Title 31. This lead sheet is mandatory and requires a conclusion.
(3) Once records are reviewed to determine if the entity is an MSB, the case can no longer be closed as a "Survey After Assignment (SAA)". The case will be closed as a "No-Issue" case and Letter 4029 will not be sent to the entity.
(4) If the examination was erroneously conducted based on the information from the Title 31 Database; however, the entity is a "new" entity the group manager is to call their BSA ECS Title 31 coordinator and follow the survey/replacement case procedures. BSA ECS will assign the new entity to the field along with new CI clearance. The original case will be Surveyed After Assignment (SAA), disposal code "101", with all hours charged to the original case. The replacement case examination can be completed and closed with the issuance of the appropriate letter. See IRM 4.26.6.5.1.
Notification of Findings
(1) If no BSA violations or significant AML program issues have been found, prepare Letter 4029.
(2) The examiner must discuss apparent violations with their group manager. If BSA violations are found which are technical, minor, infrequent, isolated, or not substantive, a Letter 1112 should be issued. See IRM 4.26.8.
(3) If the apparent BSA violations appear to meet criminal referral guidelines, the group manager will contact the Fraud Technical Advisor to determine if a Form 2797, Referral Report of Potential Criminal Fraud Cases, is warranted. See IRM 4.26.8. Examiners do not issue a Letter 1112 if a criminal referral is being contemplated.
(4) If apparent BSA violations are found which appear to meet the referral criteria cited in IRM 4.26.8 and the violations do not meet criminal referral guidelines or CI has declined the criminal referral, the group manager will contact the BSA Policy technical advisor to determine if the case should be referred to FinCEN on a Form 5104, Report of Apparent Violation of Financial Recordkeeping and Reporting Regulations. The examiner will issue the Letter 1112.
(5) IRM 4.26.8 provides guidance where a simultaneous referral to CI and FinCEN may be warranted.
(6) If information is discovered which may be considered for a possible income tax or employment tax examination, prepare Form 5346, Examination Information Report. See IRM 4.26.6.5.3.16.
Holding the Closing Conference
(1) A closing conference must be held at the close of the examination.
(2) A closing conference is held to discuss all identified and verified violations, including deficiencies in policies, procedures, internal controls and AML programs. The examiner should advise the financial institution of any deficiencies in its policies, procedures, internal controls, compliance program, recordkeeping, and reporting requirements. The financial institution should be provided with a list of potential violations and deficiencies prior to the scheduled closing conference so they can review the potential violations and provide any evidence that would prove a violation is not warranted. The examiner should provide feedback to the financial institution to avoid future violations. The examiner should document the date of the closing conference, who attended, and the nature of the discussion during the closing conference.
(3) Generally, the closing conference should be held at the financial institution’s office. If the cost of travel is an issue, the conference call may be conducted via a conference call.
Letter 1112 Response
(1) When a Letter 1112 is issued, the financial institution is asked to provide a response, amend the AML program, and implement recommendations.
If the response presents no rebuttal to the violations and provides an amended or original AML program, the examiner will review the program for adequacy and document the workpapers.
If the response presents additional facts that changes the outcome of the examination, the examiner will issue a revised Letter 1112 and update the workpapers.
If no amended or original AML program is provided, or if the program provided is not adequate, the examiner will discuss with the group manager whether a referral to FinCEN is warranted.
If the financial institution disagrees with the violations and refuses to implement corrective actions, or does not respond, examiners will document the workpapers and discuss with the group manager whether a referral to FinCEN is warranted.
(2) Complete documentation of the financial institution’s knowledge of the law, monitoring processes, and response to the recommendations is the basic evidence needed for any criminal or civil enforcement proceedings.
Delinquent BSA Forms Procedures
(1) The examiner may find that the financial institution failed to file required reports during a BSA examination. If no criminal referral is contemplated, the examiner will ask the entity to electronically file delinquent BSA reports. Filing can be verified on FCQ and documented in the case file.
(2) Refer to IRM 4.26.8 for an in-depth discussion on requesting the filing of delinquent BSA forms.
Case File Closing Procedures
(1) The case file should be assembled using the current BSA lead sheet package and the file should be forwarded to the group manager (see procedures below).
(2) After review, the group manager will forward the case file according to current instructions from BSA ECS.
Referrals and Notification
(1) The examiner may prepare referrals to CI or FinCEN if violations warrant. See IRM 4.26.8 for instructions on referral preparation.
Examination Information Report, Form 5346
(1) Information discovered during the examination may be used for other purposes when the information has a "high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, the conduct of intelligence or counter-intelligence activities, including analysis, to protect against domestic and international terrorism".
(2) The examiner should only request records during an examination for determining compliance with BSA requirements. Information is not to be requested during an examination if the only reason for requesting such information is for tax compliance purposes.
(3) If information is identified during the examination that warrants referral for a possible tax examination, the examiner should complete the Form 5346, Examination Information Report, on the customer or the financial institution, as applicable.
(4) Some examples of transactions that may warrant submitting a Form 5346 are:
Large cash deposits with inadequate records.
The lack of cash deposits by a financial institution that usually generates large amounts of cash.
Suspicious transactions that indicate the correct amount of income may not have been reported for Title 26 purposes.
Potential structuring cases.
Customers cashing business checks to potentially avoid paying employment taxes. Indicate on these Form 5346 that they are submitted for a potential employment tax issue.
(5) Examples of potential employment tax issues:
A garment district employee consistently comes in each Thursday and cashes a business check for $8,600.
An owner of a construction business consistently comes in every other week and brings in an $8,900 check and purchases large amounts of money orders in face amounts of $500 and $300.
A customer who has a roofing business comes in with a $24,000 check from a general contractor. The check casher retains $15,000 and places these funds in an "accounts payable" fund and returns $9,000 to the customer. Employees of the roofing business come in and cash their payroll checks or provide a voucher to the check casher. The check casher provides cash to the employees and reduces the "accounts payable" by the amount of the employee checks cashed.
A contractor sets up an agreement with the check casher to issue stored value cards to 12 of his employees. The contractor brings an $18,000 check from a construction firm to the check casher. The check casher funds the 12 stored value cards totaling $8,500 and provides cash to the contractor of $9,500.
(6) Examiners are prohibited from expanding the scope or depth of the examination to obtain additional information solely for information report purposes.
(7) The "other information" section on the Form 5346 must state the type of information that is available at the financial institution for the tax issues, for example, a check cashing card listing all checks cashed.
(8) The following project codes should be used on Form 5346 leads generated from BSA examinations:
Project Code "441" should be used on the income tax examination resulting from the lead.
Project Code "147" should be used if the income tax case is referred for fraud.
(9) Copies of Form 5346 are not maintained in the case file. Document workpapers to indicate that forms were prepared by annotating the workpapers with "Forms 5346 prepared" or by placing a tick mark next to the transactions warranting the report.
(10) The examiner will prepare the Form 5346 electronically for their group manager's approval. The group manager will forward the approved Form 5346 plus any supporting documentation to *SBSE BSA Info Reports/Referrals mailbox.
Information Items
(1) Form 3949, Information Report Referral, will be used to forward any information acquired during a BSA examination which is not an apparent BSA violation, but that warrants referral to CI. The group manager should follow IRM 25.1.12.9, BSA Leads to CI, and send an electronic copy to *SBSE BSA Info Reports/Referrals mailbox.
(2) Apparent BSA violations committed by banks or other financial institutions which are not under IRS jurisdiction, but have been identified during a BSA examination, should be submitted to FinCEN as follows:
Prepare an IRS memorandum and attach all supporting documentation.
Submit the information item to the BSA FinCEN Liaison.
Examiner-Filed SARs
(1) The examiner may identify transactions or patterns of transactions that warrant the filing of a SAR(s) that the financial institution either does not agree are suspicious or would not have knowledge of. In this situation, the examiner must file a SAR. Per a prior National Office Memorandum, examiners are to use the consolidated EIN 52-1782822 on examiner-filed SARs. Procedures for BSA filed SARs are in IRM 4.26.8.
(2) If the transactions or patterns of transactions are potentially related to terrorist activity, the examiner must call the Terrorist Hotline at 1-866-556-3974. The examiner must also contact the group manager who will notify the BSA Policy program manager.
Workpapers
(1) Generally Accepted Government Auditing Standards (GAGAS) require a record of the auditors' work be retained in the form of working papers. GAGAS requires that workpapers allow for the review of audit quality by providing the reviewer written documentation of the evidence supporting the auditors' significant conclusions and judgments. Workpapers should contain:
Examination objectives, scope, and methodology, including any sampling criteria used for each examination step undertaken.
Documentation of the work performed to support significant conclusions and judgments, including descriptions of transactions and records examined that would enable an experienced auditor to examine the same transactions and records.
Evidence of supervisory reviews of the work performed.
(2) Examination workpapers include all evidence gathered by the BSA examiner and serve to:
Organize and coordinate all phases of the examination.
Aid group managers and reviewers in reviewing the work performed by the examiners.
Facilitate the preparation of the final closing documents.
Substantiate and explain in detail the opinions and findings of the examination.
(3) Workpapers should contain all essential information but must not include any superfluous material. Audit tests usually involve the examination of numerous documents. Nonetheless, in many instances, the only appropriate entry in the workpapers is a notation by the examiner indicating that certain supporting documents have been inspected. The examiner should not copy documents for inclusion in the case file unless they support violations or issues or document the audit trail.
Example: Include a copy of the bank statement with identified deposits selected for review using tick marks because it documents the audit trail.
Example: Include the summary screen of FCQ documents and only those BSA documents that identify unusual transactions that should be further investigated.
Example: Do not include entire spreadsheets of money transfers. Include only the pages that identify transactions that need further investigation. Individual sorts should be saved on the primary case disk and cross referenced in the workpapers to document all steps taken to identify violations or issues.
Example: Do not include copies of cleared money orders that do not represent a violation. On the document identifying the cleared money orders requested, a tick mark would indicate the money orders reviewed and that there was no issue.
(4) Workpapers must also clearly identify factual statements and matters of judgment. Every factual statement and every figure in the report should be supported and explained in the workpapers. There should be no hesitancy in adding full explanatory remarks to any schedule or analysis prepared during any part of the examination. Workpapers are not limited to quantitative data; they should include notes and explanations which record fully what was done by the examiners, their reasons for following certain audit procedures and omitting others, and their reactions and opinions concerning the quality of the data examined, the adequacy of the internal controls in force, and the competence of the persons responsible for the operations or records under review.
(5) As workpapers are prepared, the examiner will use different symbols to identify specific steps in the work performed. These symbols, or "tick marks", provide a concise means of indicating the auditing procedures applied to specific step. Whenever tick marks are employed, they must be accompanied by a legend explaining their significance.
(6) Violations or issues must be supported by source documents, such as:
Bank account records such as bank statements, deposit tickets, copies of cashed checks or deposited items.
Cash receipts journals and other internal control records.
Copies of CTRs, FBARs, SARs, and CMIRs.
MSB registration form and acknowledgement letter.
Daily cash reconciliations.
Customer control cards.
Wire transfer send and receive forms.
Money order daily sales summaries.
(7) Workpapers are to be indexed contemporaneously throughout the audit. Where references are necessary between workpapers, there must be adequate cross-indexing. Documents or statements should only be in the file at one location. It is not necessary to cross-reference all supporting workpapers to the lead sheet, however, supporting workpapers should be cross-referenced to each other when necessary to document the audit trail. Any issue that bases a conclusion on the document or statement should be cross referenced to the one location in the case file.
(8) The exam steps completed should fully document the purpose for conducting each exam step and the findings. Workpapers should include comments by the examiners indicating their conclusions on each aspect of the work. Examiners should take a stand on all findings, including each transactional test they conduct.
Example: The examiner working a money transmitter case must disclose each sort conducted, the outcome of each sort, and how the resulting transactions were resolved. A sort by the phone number of the sender must be documented in the workpaper to explain that this sort was conducted to determine if individuals were using the same phone number and then provide the names of those senders or state that there were no common phone numbers. The examiner must then conclude whether violations were identified from these results. The examiner must also address and document if the financial institution had a system in place (risk-based) to review for these types of transactions; if not, a weakness existed in the AML program.
Example: For a check casher that does not keep records of checks cashed, the examiner may select deposits of $9,000 and above to determine if there is structuring of multiple checks cashed aggregating greater than $10,000. From these deposits, the examiner makes a risk-based decision to request copies of all deposited items of $3,000 and above from the MSB. The workpaper must clearly document the examiner’s decision to select these specific deposits and deposit items. The examiner must also document the results of this examination step which would include listing questionable checks or making the statement that there were no checks greater than $3,000.
(9) Verify spelling and punctuation are correct. Use spell-checker and proofread for grammatical and other errors that will not be identified by the spell-checker.
Automated Workpapers
(1) The BSA Title 31 Lead Sheet Package is provided as a guide for the development of workpaper content and organization and to promote uniformity among examiners’ workpapers.
(2) The issue specific lead sheets are an index to the examination steps completed. The examination steps on the lead sheets are either requirements of the law or reminders of areas to consider. The extent and scope of compliance testing should be clearly stated in the workpapers and cross-indexed to the lead sheet exam step for which the test was performed. The actual examination steps and the extent of transactional testing are based on the examiner’s judgment of risk and the adequacy of internal controls and the independent review.
(3) The BSA Title 31 Master Template is located on the BSA Policy SharePoint site at https://organization.ds.irsnet.gov/sites/SbseFraudBSA/BkSecAct/SitePages/Home.aspx
Workpaper Format
(1) Lead sheets are organized into the following sections:
Numbering Series | Category |
---|---|
100s | Administrative and Planning |
200s | Memoranda |
300s | Title 31 Issues |
400s | Violations |
500s | Miscellaneous |
(2) Form 4318, Examination Workpapers Index, is an index to all workpapers.
(3) Section 100 lead sheets are mandatory for all Title 31 cases; consequently, they must not be altered.
(4) Issue specific lead sheets are only included in the case file if they pertain to the financial institution under examination.
Form 9984 - Activity Record
(1) Form 9984, Examining Officer’s Activity Record, must document examination activities and record delays encountered during the examination. It must show the complete and accurate case history. It is used to document each action taken on the case, including the date, time charged, and an explanation of each activity or contact. All activities should be documented contemporaneously.
(2) All activity on the case should be recorded, including actions by non-examiners, for example, BSA ECS Title 31 Coordinators, group managers, or clerical staff.
(3) Information recorded on the Activity Record includes, but is not limited to:
Work performed prior to entity contact.
Research activities.
Date, place, and time of appointments.
Brief summaries of telephone conversations.
Record of contacts with employees, representatives, and third parties.
Causes of delays or lack of cooperation.
Group manager involvement, including informal discussions, field visits, and case or workload reviews.
Collateral requests or referrals.
Actions to protect the statute of limitations.
Receipt of signed Letter 1112 from the entity, response to violations, and amended anti-money laundering program (if applicable).
Date closed to group manager.
(4) Activity need not be described in detail. The actual work should be documented in the workpapers. An accurate, concise and professional appearance is essential.
(5) The Activity Record should clearly show what has been done to date, allowing a new examiner to continue to work the case, when that is necessary.
National Standard Time Frames
(1) The recommended national standard time frames for which action should be taken (calendar days, unless otherwise stated):
45 days to start the examination - first action to first appointment.
45 days between significant activities. The term "significant activity" includes any activity where the examiner performed substantial work that moved the case toward a conclusion. This does not include phone calls to, or from, the taxpayer to cancel or change appointments. It would, however, include phone calls if issues were discussed that helped move the case toward a conclusion, appointments, requests for information, research, and other similar items.
One day (next business day) to return telephone calls.
14 days to reply to correspondence from entity or representative.
20 days for case closures for agreed or no-change examinations - from the date the report is received or the date the no-change status is communicated to the financial institution to the date the case is closed from the group.
20 days to close the case to the group manager when a Form 5104, Report of Apparent Violation of Financial Recordkeeping and Reporting Regulations, referral is made. The count starts when the final conference is held to discuss violations found during the examination.
(2) Reasonable or unavoidable delays must be documented on Form 9984.
Case File
(1) To create a well-organized, professional case file, the workpapers in the case file should be arranged in the numbering sequence shown on Form 4318, Exam Workpaper Index, -Title 31.
(2) Attach to outside of case file:
Case Control Document.
Form 3198, Special Handling Notice for Examination Case Processing.
TD F 15-05.11, Sensitive But Unclassified (SBU) Cover Sheet, if SAR information or copies of SARs are enclosed.
(3) Attach to inside left-hand side of case file:
Computer Compact Disc (CD) of electronic records.
Encrypted CD created by examiner that contains all electronic workpapers and sorts of data downloads.
Reminder: The entity folder should be deleted from the examiner’s computer once it is saved to a CD.
(4) Enclose the following forms inside the case file:
Form 5346, Examination Information Report, if applicable (loose on top).
Form 4318, Examination Workpaper Index, workpaper package.
"To Be Opened by Addressee Only" envelope with SARs and SAR-related workpapers, if applicable.
Safety
(1) Safety of the examiner should be a primary concern when conducting an examination. If there is a safety concern, there are several options available to the examiner:
Notify the group manager and Criminal Investigation.
The group manager may direct the examiner to team up with another examiner to complete the examination.
Ask the financial institution to bring all records to the IRS office.
Follow IRS safety procedures.
Technical Assistance
(1) The examiner should contact the group manager with any questions pertaining to the BSA or if technical and/or procedural assistance is needed.
(2) If necessary, the group manager will contact the BSA Policy Technical Advisors or Analysts for additional assistance. If needed, Technical Advisors and Analysts will forward a formal question to FinCEN through the BSA Policy Liaison to FinCEN. The response will be relayed back to the group manager.
BSA Program Web and SharePoint Sites
(1) The BSA web site address is http://mysbse.web.irs.gov/examination/examorg/specialtyexamination/banksecrecyact/default.aspx.
(2) The BSA SharePoint site address is: https://organization.ds.irsnet.gov/sites/SbseSpec/BSA/SitePages/Home.aspx.
Activity Code
(1) Time spent on BSA activities should be charged to activity code "591".
Power of Attorney
(1) Form 2448, Power of Attorney and Declaration of Representative, may be used for BSA examinations.
(2) Refer to IRM 4.26.8, Special Procedures, for instructions regarding the Powers of Attorney for BSA examinations.
Disclosure
(1) IDRS contains Title 26 tax information and must not be accessed for BSA purposes.
(2) UNAX is always a consideration. UNAX is applicable to all systems including IDRS, FCQ and Accurint. The examiner should only access information that is necessary and relevant to the examination.
(3) Refer to IRM 4.26.14, Disclosure, for an in-depth discussion on disclosure.