Scribd
Upload
134 views4 pages

Risk Assessment - Outline

Uploaded by

Jessica Doe
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
134 views4 pages

Risk Assessment - Outline

Uploaded by

Jessica Doe
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

BSA Risk Assessment

Overview
 A well-developed risk assessment will assist in identifying the credit union’s
BSA/AML risk profile.
 Understanding the risk profile enables the credit union to apply appropriate risk
management processes to the BSA/AML compliance program to mitigate risk.
 The risk assessment should provide a comprehensive analysis of the BSA/AML risks
in a concise and organized presentation

Method
 No one method of risk assessment is required by examiners.
 Whatever format management chooses to use for its risk assessment, it should be
easily understood by all appropriate parties.
 In general a BSA risk assessment should meet these two objectives:
o Identify the specific risk categories (i.e., products, services, members,
entities, transactions, and geographic locations) unique to the credit union.
o Conduct a more detailed analysis of the data identified to better assess the
risk within these categories.

Identification of Specific Risk Categories


 The first step of the risk assessment process is to identify the specific products,
services, members, entities, and geographic locations unique to the credit union.
 Certain products, services, members, entities, and geographic locations may be more
vulnerable for illicit activity or have been historically abused by money launderers
and criminals.
 Depending on the specific characteristics of the particular product, service, or
member, the risks are not always the same. For example, the credit union should
consider:
o The number and volume of transactions
o Geographic locations
o The nature of the member relationships
o The differences in the way a credit union interacts with members (face-to-
face contact versus electronic banking)

Products and Services


 Certain products and services offered by credit unions may pose a higher risk of
money laundering or terrorist financing depending on the nature of the specific
product or service offered.
 For instance, some products and services may facilitate a higher degree of
anonymity, or involve the handling of high volumes of currency or currency
equivalents.

1
BSA Risk Assessment
 Examples of products and services that may be considered higher risk include:
o Electronic funds payment services — electronic cash (e.g., prepaid and
payroll cards), funds transfers (domestic and international), payable upon
proper identification (PUPID) transactions, third-party payment processors,
remittance activity, automated clearing house (ACH) transactions, and
automated teller machines (ATM).
o Electronic banking.
o Private banking (domestic and international).
o Trust and asset management services.
o Monetary instruments.
o Foreign correspondent accounts (e.g., bulk shipments of currency, pouch
activity, payable through accounts (PTA), and U.S. dollar drafts).
o Trade finance.
o Services provided to third party payment processors or senders.
o Foreign exchange.
o Special use or concentration accounts.
o Lending activities, particularly loans secured by cash collateral and
marketable securities.
o Nondeposit account services (e.g., nondeposit investment products and
insurance).

Members and Entities


 Although any type of account is potentially vulnerable to money laundering or
terrorist financing, by the nature of their business, occupation, or anticipated
transaction activity, certain members and entities may pose specific risks.
 Some examples of members and entities that may pose more of risk include:
o Foreign financial institutions, including banks and foreign money services
providers (e.g., casas de cambio, currency exchanges, and money
transmitters).
o Nonbank financial institutions (e.g., money services businesses; casinos and
card clubs; brokers/dealers in securities; and dealers in precious metals,
stones, or jewels).
o Senior foreign political figures and their immediate family members and
close associates (collectively known as politically exposed persons (PEP)).
o Nonresident alien (NRA) and accounts of foreign individuals.]
o Foreign corporations and domestic business entities, particularly offshore
corporations (such as domestic shell companies and Private Investment
Companies (PIC) and international business corporations (IBC)) located in
higher-risk geographic locations.
o Deposit brokers, particularly foreign deposit brokers.
o Cash-intensive businesses (e.g., convenience stores, restaurants, retail stores,
liquor stores, cigarette distributors, privately owned ATMs, vending machine
operators, and parking garages).
o Nongovernmental organizations and charities (foreign and domestic).

2
BSA Risk Assessment
o Professional service providers (e.g., attorneys, accountants, doctors, or real
estate brokers).

Geographic Locations
 Identifying geographic locations that may pose a higher risk is essential to a credit
union’s BSA/AML compliance program.
 Credit unions should understand and evaluate the specific risks associated with
doing business in, opening accounts for members from, or facilitating transactions
involving certain geographic locations.
 Geographic risk alone does not necessarily determine a member’s or transaction’s
risk level, either positively or negatively.
 Some examples of higher risk locations include:
o Countries subject to OFAC sanctions, including state sponsors of terrorism
o Countries identified as supporting international terrorism
o Jurisdictions determined to be “of primary money laundering concern” by the
Secretary of the Treasury
o Jurisdictions or countries monitored for deficiencies in their regimes to
combat money laundering and terrorist financing by international entities
such as the Financial Action Task Force (FATF).
o Major money laundering countries and jurisdictions identified in the U.S.
Department of State’s annual International Narcotics Control Strategy Report
(INCSR), in particular, countries which are identified as jurisdictions of
primary concern.
o Offshore financial centers (OFC)
o Other countries identified by the credit union as higher-risk because of its
prior experiences or other factors (e.g., legal considerations, or allegations of
official corruption).
o High Intensity Drug Trafficking Areas (HIDTA)
o High Intensity Financial Crime Areas (HIFCA)

Analysis of Specific Risk Categories


 The second step of the risk assessment process entails a more detailed analysis of
the data obtained during the identification stage in order to more accurately assess
BSA/AML risk.
 This step involves evaluating data pertaining to the credit union’s activities
 The detailed analysis is important because within any type of product or category of
member there will be accountholders that pose varying levels of risk.

Developing the BSA/AML Compliance Program Based Upon The Risk


Assessment
 Management should structure the credit union’s BSA/AML compliance program to
adequately address its risk profile, as identified by the risk assessment.

3
BSA Risk Assessment
 Management should understand the credit union’s BSA/AML risk exposure and
develop the appropriate policies, procedures, and processes to monitor and control
BSA/AML risks.

Updating the Risk Assessment


 An effective BSA/AML compliance program controls risks associated with the credit
union’s products, services, members, entities, and geographic locations; therefore,
an effective risk assessment should be an ongoing process, not a one-time exercise.
 Management should update its risk assessment to identify changes in the credit
union’s risk profile, as necessary (e.g., when new products and services are
introduced, existing products and services change, higher-risk members open and
close accounts, or the credit union expands through mergers and acquisitions).
 Even in the absence of such changes, it is a sound practice for credit unions to
periodically reassess their BSA/AML risks at least every 12 to 18 months.

You might also like