Current through September 30, 2024
Section 1020.210 - Anti-money laundering program requirements for banks(a)Anti-money laundering program requirements for banks regulated by a Federal functional regulator, including banks, savings associations, and credit unions. A bank regulated by a Federal functional regulator shall be deemed to satisfy the requirements of 31 U.S.C. 5318(h)(1) if it implements and maintains an anti-money laundering program that:(1) Complies with the requirements of §§ 1010.610 and 1010.620 of this chapter;(2) Includes, at a minimum:(i) A system of internal controls to assure ongoing compliance;(ii) Independent testing for compliance to be conducted by bank personnel or by an outside party;(iii) Designation of an individual or individuals responsible for coordinating and monitoring day-to-day compliance;(iv) Training for appropriate personnel; and(v) Appropriate risk-based procedures for conducting ongoing customer due diligence, to include, but not be limited to:(A) Understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and(B) Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information. For purposes of this paragraph, customer information shall include information regarding the beneficial owners of legal entity customers (as defined in § 1010.230 of this chapter); and(3) Complies with the regulation of its Federal functional regulator governing such programs.(b)Anti-money laundering program requirements for banks lacking a Federal functional regulator including, but not limited to, private banks, non-federally insured credit unions, and certain trust companies. A bank lacking a Federal functional regulator shall be deemed to satisfy the requirements of 31 U.S.C. 5318(h)(1) if the bank establishes and maintains a written anti-money laundering program that:(1) Complies with the requirements of §§ 1010.610 and 1010.620 of this chapter; and(2) Includes, at a minimum:(i) A system of internal controls to assure ongoing compliance with the Bank Secrecy Act and the regulations set forth in 31 CFR Chapter X;(ii) Independent testing for compliance to be conducted by bank personnel or by an outside party;(iii) Designation of an individual or individuals responsible for coordinating and monitoring day-to-day compliance;(iv) Training for appropriate personnel; and(v) Appropriate risk-based procedures for conducting ongoing customer due diligence, to include, but not be limited to:(A) Understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and(B) Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information. For purposes of this paragraph, customer information shall include information regarding the beneficial owners of legal entity customers (as defined in § 1010.230 ); and(3) Is approved by the board of directors or, if the bank does not have a board of directors, an equivalent governing body within the bank. The bank shall make a copy of its anti-money laundering program available to the Financial Crimes Enforcement Network or its designee upon request.85 FR 57137, Sept. 15, 2020 81 FR 29457, 5/11/2016; 85 FR 57137, 11/16/2020