To satisfy Federal, State, and Institutional legal requirements, MSBs must construct, implement, and maintain a unique compliance program suited to the company.
A compliance manual and proof of training of your employees customarily addresses compliance with three federal compliance topics:
NCC’s partner institutions will only accept Independent Reviews from professionals with requisite AML knowledge specializing in the MSB sector.
MSB’s are obligated to adhere to all federal and/or state requirements.
The Compliance Manual
Neither auditors nor banks will accept anything less than a thorough, tailored manual containing the following:
Adopting the compliance program, including and not limited to corporate resolutions, an accurate record retention system must be managed, maintained and available.
MSBs are required to provide an “Employee Compliance Handbook” which must contain information on the Bank Secrecy Act, USA PATRIOT Act, Money Laundering Control Act, and other anti-money laundering laws and regulations, and more importantly, detail how the MSB’s employees are going to help the company remain in compliance with those laws and regulations.
MSBs must create an in-house training program that is an effective and customized solution to meet the MSB’s “Employee Training” requirements and must document proof of this training.
Audited Compliance Programs need to be conducted by Independent Auditors, who are not involved with the day-to-day operations of the MSB’s business or compliance program, and who must be knowledgeable regarding the latest anti-money laundering requirements.
MSBs must designate a Compliance Officer in place who administers sound procedures, and provides a written report of findings that, among other things, offers suggestions for improvement.
The designated Compliance Officer is responsible for making sure the day-to-day compliance work is completed.
The Compliance Program maintenance includes any, or all of, the following:
The Compliance Manual
To be included in the Compliance Manual; The Gramm Leah Bliley Act (GLBA) requires institutions that collect nonpublic personal information to retain that information in a secure fashion. Additionally, privacy notices must be distributed in the event that consumers’ information is released or sold (except as permitted by law). Similar to anti-money laundering requirements, a Compliance Officer must be designated and procedures for complying with this act must be documented.
If the GLBA topic is not included in the MSB’s anti-money laundering manual, the Office of Foreign Assets Control compliance and procedures requires a free standing document focusing solely on protecting the privacy of the MSB’s consumers.
MSBs must protect the privacy of the consumer with the help of their employees. Employees must know what to do, and perhaps more importantly, what not to do, with the information they collect.
Documentation regarding training on this topic along with anti-money laundering training is a requirement of the Office of Foreign Assets Control.
The Compliance Manual
After the September 11th, 2001 terrorist attacks, the Office of Foreign Assets Control (OFAC) issued a statement saying “MSBs can no longer ignore their OFAC compliance responsibilities”. As a financial institution in the United States, MSBs are not allowed to complete a transaction with a consumer that appears on OFAC’s Specially Designated Nationals (SDN) list, regardless of the type or amount. Consequently, MSBs must have procedures in place to confirm that this requirement was not violated.
Traditionally, this topic is addressed in the same anti-money laundering manual and protection of consumer privacy compliance procedures; if this is not the case, a freestanding document focusing solely on meeting OFAC requirements must be available and current.
To comply with OFAC requirements, the transaction(s) must be terminated before completion. MSB employees are the only ones capable of determining that a consumer utilizing your services is on the SDN list and must terminate the transaction before it is completed. Consequently, they must be trained on OFAC requirements, when and how to screen consumers, and what to do if there’s a match.