08/11/2008
The reader's digest version
by Russ Horn, CISA, CISSP, CoNetrix
03/17/2008
Can you direct us to a government list regarding search requirements under 314a? The FDIC has requested that we include ACH debits and credits as well as bill pay payees. They also advised us that the sale of monetary instruments has no threshold, so all transactions are to be checked not just 3-10K.
10/01/2007
What are the rules for reporting SAR filings to the Board of Directors?
07/23/2007
Is it required to show proof of training for AML-BSA and/or regulatory compliance? If it is, where is the requirement identified?
03/12/2007
We have had several customers express ardent displeasure with multi-factor authentication and the desire to be "opted out." Our system allows for opt-out but an FDIC examiner has told us that opt-out should never be allowed. I understand that it should be extremely limited, but if a very good customer says "turn it off," why should they not have the choice since it is being put in place for their security - provided they are willing to sign some kind of hold harmless agreement. From a Regulatory compliance standpoint we are meeting our obligations by putting multi-factor generally in place, but is the expectation that no customer ever be given a choice?
09/25/2006
In reviewing an auto loan app today I noticed the customer has had 13 auto loans in the last 24 months (June '04 to June '06). He trades them in, usually with the same dealer. He has never made more than 2 payments on a loan. He first became our customer in July '02 and through Aug '03 received 9 separate auto loans, with this same pattern - one or two payments and trades off. Three off the loans in his whole portfolio received large principal reductions as one of their payments. None appear to be in cash. Is there cause here for a SAR? Or is this simply an aggravating customer?
07/24/2006
Just completed listening to a CD that we purchased from you titled Multi-Factor Authentication. Unfortunately, I don't get a chance to ask questions, so I'm sending this one off to you in hopes that either Mary Beth Guard or someone familiar with the topic can answer. It was never mentioned whether adding another ID/password challenge is an acceptable form of additional authentication and where appropriate would satisfy the FFIEC directive for end of this year?
05/01/2006
SAR Form Completion Tips ? A Trend Analysis of Frequently Asked Questions Received on FinCEN?s Regulatory Helpline
05/01/2006
Guidance on when a SAR must be filed was first set forth in the October 2000 SAR Activity Review: Tips, Trends & Issues.
05/01/2006
In an effort to improve the consistency and quality of information being reported in SARs, and to guide financial institutions on compliance with suspicious activity reporting requirements, FinCEN