Bank Secrecy act (BSA)

Bulletproof your BSA

What is the Bank Secrecy Act (BSA)?

The BSA was enacted in 1970 to help prevent the US banking system from being used for illegal purposes such as money laundering and the funding of terrorist activity. All financial institutions are required comply with the requirements of the BSA, which include obtaining identifying documentation about customers/members and maintaining records of transactions, as well as reporting certain transactions to law enforcement.

What’s happening with BSA now?

In the second half of 2014 and first quarter of 2015 BSA weaknesses have been the leading cause of enforcement actions against financial institutions of all shapes and sizes. On top of that, BSA audits are becoming more stringent than ever. Some of the most common errors cited in BSA audits are:

  • Lack of a documented procedure for repeat Suspicious Activity Report (SAR) filings
    • when to advise management

    • when to review the total customer/member relationship

    • when to close accounts

    • when to notify law enforcement

  • Lack of compliance with the BSA’s information sharing (314(a)) program requirements - missing search dates or late responses
  • Lack of a documented procedure for periodically reviewing automated BSA software

    • this needs to be done by someone who does not have responsibility for setting software parameters

    • review shoud be done at least annually

  • Insufficient identification/verification of nonbank financial institutions (NBFIs) and money services businesses (MSBs) when opening new accounts.

Bulletproof your BSA

There have not been a lot of changes to BSA recently and because of that some institutions are becoming complacent about their BSA program. When reviewing your policies and procedures, here are a few actionable insights to help improve your program:

  • Spot the focal points in recent enforcement actions

  • Identify the most frequently cited BSA/AML audit findings

  • Understand the root causes of typical program deficiencies

  • Pinpoint the factors that lead to strong monitoring and oversight

  • Adjust your internal controls environment to avoid common pitfalls

  • Apply best practices for ensuring proper reporting

How can Continuity help?

The Compliance Core™ was created to help financial institutions reduce the burden of compliance by automatically assigning the right task to the right person at the right time. This is accomplished via “ToDos” (Continuity’s way of letting the appropriate people know when there is a task to be completed), ToDos include all the necessary worksteps for each task to ensure that you stay in compliance. Once the ToDo is completed, reports can easily be generated to provide the documentation needed for monitoring, auditing, and regulatory examinations.

With the Compliance Core you work with a Client Care Strategist to set up your BSA program on our Control Platform. During this one-time process, you will assign and schedule ToDos so that they are received by the right people at the right time. 

After that, you can rest easy, knowing that nothing will be missed and that your institution won’t become complacent about BSA!

Click Here to see the ToDos available on the Control Platform. Because the Compliance Core is completely customizable, you can create additional ToDos at any time for tasks that are specific to your institution.

White Papers


Compliance Blog