Skip to content

BSA / AML Examination Manual 2021 Updates

The Federal Financial Institutions Examination Council (FFIEC) on December 1, 2021 released updates to three sections of the Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual. These updates affect the following sections; however no new requirements or emphasis resulted.

  • Charities and Nonprofit Organizations
  •  Independent Automated Teller Machine Owners or Operators
  • Politically Exposed Persons

These sections provide information and considerations related to certain customers that may indicate the need for bank policies, procedures, and processes to address potential money laundering, terrorist financing, and other illicit financial activity risks. As a result, key points to consider include the following:

Charities and Nonprofit Organizations (NPO’s)

Institutions should assess the adequacy of systems to manage the risks associated with accounts of charities and non-profit organizations and management’s ability to implement effective due diligence, monitoring, and reporting systems.

Because NPOs can be used to obtain funds for charitable organizations, the flow of funds both into and out of the NPO makes them susceptible to abuse by money launderers and terrorists. Large dollar donations can be given anonymously, making the source of funds difficult to track.

To assess the risk of NPO customers, a financial institution should conduct adequate due diligence based on risk considerations.

For accounts considered to be higher risk (NOT local churches, for example), stringent documentation, verification, and transaction monitoring procedures should be established. NPO accounts that are at higher risk for BSA/AML concerns include those operating or providing services internationally, conducting unusual or suspicious activities, or lacking proper documentation.

Independent Automated Teller Machine Owners and Operators

If Privately Owned ATM’s are present and/or customer handles their own replenishment, the Risk Assessment is automatically “High Risk” and the institutions should perform expanded due diligence.

Politically Exposed Persons (PEP)

The term PEP is commonly used in the financial industry to refer to foreign individuals who are or have been entrusted with a prominent public function, as well as to their immediate family members and close associates.

Examiners evaluate to determine that the financial institution’s policies, procedures, and processes to assess, manage, and mitigate potential risks associated with foreign individual customers who the financial institution has designated as politically exposed persons (PEPs). This includes compliance with regulatory requirements, such as customer identification, customer due diligence (CDD), beneficial ownership of legal entity customers, and suspicious activity reporting, with respect to these customers.

Examiners will determine whether the financial institution has developed and implemented appropriate, written risk-based procedures for conducting ongoing CDD for identified PEP customers.

Policies, procedures and processes generally include whether and when, based on risk, it is appropriate to obtain and review additional customer information, including guidance for resolving issues when insufficient, inaccurate, or unverifiable information is obtained.