(a) Anti-money laundering program
requirements for banks regulated by a federal functional regulator,
including banks, savings associations, and credit unions. A bank
regulated by a federal functional regulator shall be deemed to satisfy
the requirements of 31 U.S.C. 5318(h)(1) if it implements and maintains
an anti-money laundering program that:
(1) Complies with the requirements of sections
1010.610 and 1010.620 of this chapter;
(2) Includes, at a minimum:
(i) A system of internal controls to
assure ongoing compliance;
(ii)
Independent testing for compliance to be conducted by bank personnel
or by an outside party;
(iii)
Designation of an individual or individuals responsible for coordinating
and monitoring day-to-day compliance;
(iv) Training for appropriate personnel;
and
(v) Appropriate risk-based
procedures for conducting ongoing customer due diligence, to include,
but not be limited to:
(A) Understanding the nature and purpose of customer relationships
for the purpose of developing a customer risk profile; and
(B) Conducting ongoing monitoring to identify
and report suspicious transactions and, on a risk basis, to maintain
and update customer information. For purposes of this paragraph, customer
information shall include information regarding the beneficial owners
of legal entity customers (as defined in section 1010.230 of this
chapter); and
(3) Complies with the regulation of its
federal functional regulator governing such programs.
(b) Anti-money laundering program requirements
for banks lacking a federal functional regulator including, but not
limited to, private banks, non-federally insured credit unions, and
certain trust companies. A bank lacking a federal functional
regulator shall be deemed to satisfy the requirements of 31 U.S.C. 5318(h)(1)
if the bank establishes and maintains a written anti-money laundering
program that:
(1) Complies
with the requirements of sections 1010.610 and 1010.620 of this chapter;
and
(2) Includes, at a minimum:
(i) A system of internal
controls to assure ongoing compliance with the Bank Secrecy Act and
the regulations set forth in 31 CFR chapter X;
(ii) Independent testing for compliance
to be conducted by bank personnel or by an outside party;
(iii) Designation of an individual or
individuals responsible for coordinating and monitoring day-to-day
compliance;
(iv) Training for
appropriate personnel; and
(v)
Appropriate risk-based procedures for conducting ongoing customer
due diligence, to include, but not be limited to:
(A) Understanding the nature and purpose
of customer relationships for the purpose of developing a customer
risk profile; and
(B) Conducting ongoing
monitoring to identify and report suspicious transactions and, on
a risk basis, to maintain and update customer information. For purposes
of this paragraph, customer information shall include information
regarding the beneficial owners of legal entity customers (as defined
in section 1010.230); and
(3) Is approved by the board of directors
or, if the bank does not have a board of directors, an equivalent
governing body within the bank. The bank shall make a copy of its
anti-money laundering program available to the Financial Crimes Enforcement
Network or its designee upon request.
