12/08/2008
Among credit risk, market risk and operational risk, developing a good operational risk management program seems to be the most challenging. Can't our existing compliance processes (e.g., AML, Red Flags, GLBA, etc.) contribute to operational risk management?
11/24/2008
We had a customer come in to make a withdrawal on a savings account. He stated the balance of the account was about $6,000, but our records show he has had an average balance of only $1,300. Later in the day he was able to produce what he claims to be three 2007 statements mailed to him from us. These statements do not look anything like what we produce and had many errors with interest, balances, dates, statement periods and logos. It also does not match the activity we show for 2007 and appears to us to be badly produced fraudulent statements. We are currently pulling all statements since he opened the account to see if we can find any errors in the activity. Since 12/07 his account has been on our do not mail list because of a wrong address. Should we have him sign a statement regarding the statements he produced for us stating they were received in the mail for future reference if they are proved to be fraudulent? I am following up on the research of the account to verify, but it appears that he is attempting to commit fraud since his produced statements do not match our statements for the same period.
09/08/2008
A customer opened an individually owned CD and listed a beneficiary. The CD was opened with $13,000 in cash, so we will file a CTR. Does the CTR have to include the beneficiary?
01/07/2008
If a customer claims that two bills they received from the bank were counterfeit, what are the proper procedures for handling this situation and reporting it accordingly?
05/14/2007
Are we required to obtain an affidavit from customers if they report a check counterfeit and want it returned?
03/05/2007
We are not currently participating in Check 21 and converting documents. We have had customers claim that a check is a forgery. The check cleared as an IRD and all we have is the replacement document sent to us from the depository bank. When the customer files a police report the police are asking for the original check back so they can test for fingerprints. When we contact the depository bank we are told that the original check has been destroyed. I understand that they have to truncate the check for 14 days then it can be destroyed. After 14 days, what suggestions do you have when the police want the original check to prove forgery and press charges and have you had this come up on previous questions?
11/27/2006
Currently we do a social security verification or a credit report on all new accounts to verify identity/and/or other information. Some reports verify the individual information to be the same as what we have on the person but will not verify that the social security number is actually issued to that person, but gives the date of issue and the state issued in. According to the CIP rules, are we required to verify that the number given is actually issued to that person? If so, do you know where or how to obtain that specific information?
10/30/2006
Question on Reg Z: In instances of fraud, can Reg Z apply? A cash advance was made from a credit card to a checking account. The funds are held in an internal GL. The department holding the funds claims that applying the money to the credit card fraud loss would be a "blatant violation" of the Reg. They feel that sending a check to the fraudster is more appropriate! Please help.
09/11/2006
We're being requested by the US Treasury to handle, over the telephone, amongst other things:* non-receipt of ACH credit claims, * request for account ownership info, and others that they want to give to us. We do not have to resolve the actual issue real-time over the phone but at a minimum, take in their claim/request. They're referring to the Social Security Act (Section 1441, Title 26, Title II the Railroad Retirement Act of 1974 and the Right to Financial Privacy Act (12 U.S.C. 3413 (K)) and saying that we're required to comply. Are you familiar with this and what are we required to do?
03/20/2006
I have a potential new customer opening a business account for a privately-held company; however, he is part of a publicly-held company. He claims that due to this relationship with a publicly-held company, he does not need to provide CIP information to us.