Please note that the FFIEC has updated its manual.
The updates remind examiners that no specific customer type automatically presents a higher risk of money laundering, terrorist financing, or other illicit financial activity. Banks must have appropriate risk-based procedures for conducting ongoing CDD to understand the nature and purpose of customer relationships, and to develop customer risk profiles. Consistent with a risk-based approach, the level and type of CDD should be commensurate with the risks presented by the customer relationship.
The manual provides instruction to examiners for assessing a bank’s BSA/AML compliance program and its compliance with other BSA regulatory requirements.
The Manual sections updated are (1) Introduction – Customers; (2) Charities and Nonprofit Organizations; (3) Independent Automated Teller Machines Owners or Operators; and (4) Politically Exposed Persons.
Examiners are expected to take a risk-based approach and examination procedures performed will depend on factors such as the bank’s risk profile, size, or complexity, expansionary activities, adoption of new innovations or technologies, changes to the bank’s BSA/AML compliance officer, or department, the quality of the bank’s independent testing, and other relevant factors. As appropriate, examiners will assess whether the bank has developed and implemented adequate policies, procedures, and processes to identify, measure, monitor, and control risks customers may pose, and to otherwise comply with related BSA/AML regulatory requirements.
We suggest visiting the FFIEC manual frequently to ensure your processes are aligned with the requirements.