Scoping and Planning

SCOPING AND PLANNING INTRODUCTION

Objective: Develop an understanding of the bank’s money laundering, terrorist financing (ML/TF), and other illicit financial activity risk profile. Based on the bank’s risk profile, develop a risk-focused examination scope, and document the Bank Secrecy Act/anti-money laundering (BSA/AML) examination plan. 

Examiners assess the adequacy of the bank’s Bank Secrecy Act/anti-money laundering (BSA/AML) compliance program, relative to its risk profile, and the bank’s compliance with BSA regulatory requirements. The scoping and planning process enables examiners to understand the money laundering, terrorist financing (ML/TF), and other illicit financial activity risk profile of the bank. The scoping and planning process also enables examiners to focus their reviews of risk management practices and compliance with BSA requirements on areas of greatest ML/TF and other illicit financial activity risks. Examiners assess whether the bank has developed and implemented adequate processes to identify, measure, monitor, and control those risks and comply with BSA regulatory requirements. 

The scoping and planning process should include determining BSA/AML examination staffing needs, including technical expertise, and identifying the BSA/AML examination and testing procedures to be completed. The federal banking agencies generally allocate more resources to higher-risk areas and fewer resources to lower-risk areas. Each section in this Manual includes an introductory overview and accompanying examination and testing procedures, as applicable, for examiners to follow.

Whenever possible, the scoping and planning process should be completed before the onsite portion of the examination, although some information may not be available during this process. The scope of a BSA/AML examination varies by bank and should be tailored primarily to the bank’s risk profile. Other factors to consider in determining the examination scope may include the bank’s size or complexity, and organizational structure. The request letter should also be tailored to, and correspond with, the planned examination scope.[1]For purposes of this Manual, a request letter also means a pre-examination request list or a first day request letter.

The scoping and planning process generally begins with a review of the bank’s BSA/AML risk assessment, independent testing (audit), analyses and conclusions from previous examinations, other information available through offsite and ongoing monitoring processes, and request letter items received from the bank.[2]For purposes of this Manual, references to the terms “independent testing” and “audit” are synonymous. Subsections of Scoping and Planning provide information to help examiners understand the bank’s risk profile and develop the BSA/AML examination plan. 

Many banks rely on technology to aid in BSA/AML compliance and, therefore, the scoping and planning process should include developing an understanding of the bank’s information technology sources, systems, and processes used in the BSA/AML compliance program. This information assists examiners in the scoping and planning process to determine what, if any, additional examiner subject matter expertise is warranted. 

Office of Foreign Assets Control (OFAC) regulations are not part of the BSA, and an OFAC review is not required during each examination cycle. However, OFAC compliance programs are frequently assessed in conjunction with BSA/AML examinations. Factors to consider when determining whether to include a review of OFAC compliance in the examination scope include the bank’s OFAC risk profile, in particular the number, dollar amount, and type of international activity; the bank’s size or complexity; and organizational structure. The federal banking agencies’ primary role relative to OFAC is to evaluate the sufficiency of the bank’s implementation of policies, procedures, and processes for complying with OFAC-administered laws and regulations, not to identify apparent OFAC violations.[3]OFAC determines violations of its regulations. If OFAC compliance will be part of the review, examiners should also review the bank’s OFAC risk assessment and related independent testing to determine the appropriate scope of the review. Refer to the Office of Foreign Assets Control section for more information.

 

< Previous Page
Introduction
Next Page >
Risk - Focused BSA/AML Supervision