FFIEC Released Updated CDD Exam Procedures – What You Need to Know

Now that we’ve crossed the May 11th, 2018 deadline, the enhanced Customer Due Diligence requirements (otherwise known as “Beneficial Ownership”) are in effect. With that, the Federal Financial Institutions Examination Council (FFIEC) issued new examination procedures that apply to financial institutions, including banks; savings and loan associations; credit unions; and branches, agencies, and representative offices of foreign banks. These procedures were created in close collaboration with FinCEN and the U.S. Department of the Treasury. 

The new procedures are replacing those in the current section titled “Customer Due Diligence – Overview and Examination Procedures”.  You can read the full documents here, but we wanted to highlight a few major changes that you should pay special attention to.

In addition to updated overviews and key definitions as they relate to the revised rule, the FFIEC also provides guidance on the creation of policies and procedures, including:

  • Conducting customer due diligence – Specifically, all banks are required to “develop and implement appropriate risk-based procedures for conducting ongoing customer due diligence.” Your risk profile is unique to your financial institution and you have to create a CDD program that reflects that.
  • Gathering customer information on a risk-based approach – The level and type of information you need to record varies based on a customer’s risk profile: more information is required on customers with a higher risk profile and less information on lower risk customers.
  • On-going customer monitoring – This ties into existing practices used to identify and report suspicious activity. Now, however, your policies must also include event-driven, risk-based procedures for performing ongoing monitoring of the customer relationship, including beneficial ownership information. As customer information is updated, you may need to reassess their risk profile. Make sure your procedures indicate who in your organization is authorized to change or update a customer’s risk rating.
  • Beneficial Ownership – This is the biggest update to the CDD rule. It states that banks are required to collect beneficial ownership information “at the 25 percent ownership threshold regardless of the customer’s risk profile.” Banks are required to obtain this information on all accounts that are opened on or after May 11, 2018. You are not required to retroactively obtain this information on accounts opened before the deadline, but you may need it as part of your on-going customer monitoring.

This list isn’t exhaustive, but focuses on some of the larger changes highlighted in the updated examination procedures.

One of the biggest takeaways from all of these CDD rule updates is that the “assessment of customer risk factors is bank-specific. There are no required risk profile categories and the number and detail of these categorizations will vary based on the bank’s size and complexity.” As we mentioned above, your risk profile is unique to your financial institution and we get that. With BAM+, we give you a solution that is tailored to fit your risk profile. You get full control and flexibility to keep you in accordance with these updated rules.

If you have concerns about your financial institution’s compliance or are in need of assistance with complying, Banker’s Toolbox Professional Services are here to help.  We can provide a comprehensive review with our Fifth Pillar Program Evaluation. We’ve also created a useful repository for CDD/Beneficial Ownership information on our website.  We’re dedicated to your success, so if you need further help, please don’t hesitate to contact us for more information.

-Kevin Gulledge, CAMS

Kevin Gulledge, CAMS, is a Senior Risk Management Consultant with over a decade of experience in the retail banking industry. He worked with mid-sized and large international institutions in a variety of roles, from Teller to New Account Representative to Compliance Analyst to BSA Investigator and BSA Department Manager. He has been in his current role as consultant and educator since 2014, where he has trained institutions on functionality and best BSA/AML practices, as well as calibrated risk-based systems and consulted and worked with BSA officers and regulators on internal and external projects; including program efficiency reviews, policy and procedure drafting, risk assessments and more. Kevin is CAMS-certified and is a member of National ACAMS (Association of Certified Anti-Money Laundering Specialists) and the Central Texas ACAMS Chapter.