03/31/2008
An issue has arisen at my bank concerning the need for a signatory on a homeowners association account to submit his social security number. My bank's BSA Officer believes that he must do so. I am not so sure. This individual has no personal accounts with our bank, but is listed as a signatory on two accounts dealing with homeowner's associations. The person in question refuses to give his social security number. How are HOAs classified for purposes of the USA Patriot Act? It's my understanding that the HOA is the owner of the account. I know that the signatory situation was in the proposed rules, but not the final ones. I would appreciate it if someone could provide me with some guidance.
07/09/2007
We are having a misunderstanding at my financial institution about the USA PATRIOT Act. We were first opening corporate accounts and gathering identification documentation and social security numbers on all the signers on corporate accounts. We were then instructed that it was unnecessary to obtain this information on the signers. Then about a year later we were instructed that the USA PATRIOT Act does require us to get this information. Does BSA or the PATRIOT Act require financial institutions to get ID for signers on corporate accounts as of 2007? If it does not, where can I find this information?
05/28/2007
We have a customer who had their Visa debit card stolen. He filed a police report and we filed a dispute. The dispute came back denied because they had a signature, but it was not his signature. Why are [Name of Discount Stores Withheld] not responsible for these charges as they did not check the ID of their customer? The signature is clearly different, what can we do?
04/02/2007
I have searched and reviewed current postings and questions and have not yet seen anything about filing CTRs incomplete for multiple transactions. The argument is that per administrative ruling 92.2, issued by the Department of the Treasury on 11/16/1992, a bank must make a reasonable effort to retrieve the transactor information on all multiple transactions. I am speaking of transactions that are conducted each under 10, but at the end of the day the bank has knowledge they have aggregated over 10 and must be reported. We have many customers that go to different locations and make deposits and current policy states that we are to make every effort including calling the customer to see who brought in each transaction, even if under 10, and get all the reportable information. My ultimate concern is not only that it is lots of extra work for BSA, but for banking offices as well. How are we to know that the information being provided over the phone is even accurate? Is this “ruling” still in effect and what would be the definition of "reasonable effort"?
03/12/2007
I am a new compliance officer and in the process of developing a procedure pertaining to ID theft. How do some institutions handle holds on accounts for customers that are a victim of identity theft (FACT ACT)? I know that we could close the deposit account that is affected by the ID theft and reopen a new one, but what about the other deposit accounts the customer has with our institution?
01/08/2007
We currently take copies of picture ID when opening new accounts and place the imaged document on our mainframe. We do not have paper files. The question came up whether there are any Reg B violations since this info is readily available to the lenders. We have been through several OCC exams and nothing has been said but now I wonder if there are any problems having this available. From what I see, it is no different than having a paper file with the ID in it but I wanted someone else's opinion.
11/06/2006
At one time we were not to copy drivers license and put them into the credit file. I understand a recent interagency agreement has changed that procedure. Do you have any knowledge of the change?
06/12/2006
What forms of identification are acceptable for compliance with the Patriot Act?
05/15/2006
Have the red flag guidelines under the FACT Act gone into effect yet, or is the law still a request?
02/20/2006
I oversee the bank website and have been told that new compliance guidelines will soon be in effect, making it mandatory for us to have customers use two different types of verification procedures. This would involve more than just a login and password; a second type of verification procedure would be necessary. Can you clarify exactly what we need to do to be compliant?