[tgerst]

In our recent BSA audit, we were criticized for not conducting customer due diligence for accounts opened via our website or mobile app.

When a customer comes into the bank in person to open an account, we have a series of questions we ask about their expected activity.

This is not as easy to do on the website or mobile app. The customer goes through a much more rigorous ID verification process when opening an account this way, but we do not ask questions regarding their expected activity.

Any suggestions for conducting customer due diligence for accounts not opened in person?

[rcooper]

Answer by Don Blaine:

Great comment and question on the regulatory finding that examiners expect CDD to be performed on accounts opened online and how to do so. It’s great that your bank has heightened CIP protocols for online customers but banks also need to address CDD expectations in addition to CIP. Many banks struggle with obtaining the same information from online or mobile banking customers since bank processes are more geared to pulling out the old paper checklist or filling out a soft form checklist on their automated transaction monitoring system while the customer is standing in front of them. I don’t think the examiner really had any choice based on the following guidance in the FinCEN BSA/AML manual shown verbatim below (emphasis added for effect):

Core Section on CDD

The cornerstone of a strong BSA/AML compliance program is the adoption and implementation of comprehensive CDD policies, procedures, and processes for ALL customers, particularly those that present a higher risk for money laundering and terrorist financing. The objective of CDD should be to enable the bank to predict with relative certainty the types of transactions in which a customer is likely to engage.

Management should have a thorough understanding of the money laundering or terrorist financing risks of the bank’s customer base. Under this approach, the bank should obtain information at account opening sufficient to develop an understanding of normal and expected activity for the customer’s occupation or business operations.

Expanded Examination Overview – Electronic Banking

E-banking systems, which provide electronic delivery of banking products to customers, include automated teller machine (ATM) transactions; online account opening; Internet banking transactions; and telephone banking. For example, credit cards, deposit accounts, mortgage loans, and funds transfers can all be initiated online, without face-to-face contact. Management needs to recognize this as a potentially higher-risk area and develop adequate policies, procedures, and processes for customer identification and monitoring for specific areas of banking.

Accounts that are opened without face-to-face contact may be a higher risk for money laundering and terrorist financing for the following reasons:

1) More difficult to positively verify the individual’s identity.
2) Customer may be out of the bank’s targeted geographic area or country.
3) Customer may perceive the transactions as less transparent.
4) Transactions are instantaneous.
5) May be used by a “front” company or unknown third party

Based on the above regulatory guidance, banks need to be more invasive – if that is possible- and ask more questions regarding anticipated types of transactions and volumes or amounts of online customers than those potential customers that walk into a branch to open an account. The bottom line is that you will need to include your typical CDD checklist (perhaps somewhat modified) in your online account opening processes and literally force the customer to provide you with responses before you open the account or shortly thereafter. I’m sure you are already obtaining information such as purpose of the account, source of any funds being deposited or used as a loan down payment, occupation of account owner(s), deposit/withdrawal volumes broken down into checks, ATM, ACH etc, wire transfer activity (incoming or outgoing and to/from), etc.

Let’s dress up this pig in a poke. Perhaps you can sell these questions as a customer service and indicate to the potential online customer that the purpose of the CDD questions is to assist the bank in identifying intended activity from potentially fraudulent activity after the account is opened that could cause delays or result in monetary loss. For example, you might say that special forms are needed for outbound wires and you can provide the necessary form now in order to speed up the process. (I’m assuming that there actually is a form that needs to be completed by the customer before the wire transfer is sent). You might also wish to state in your online questions that the bank has certain ATM withdrawal limitations and you need to know how often that transactions are anticipated to occur at your ATM such as cash withdrawals in terms of dollar volume and total number of accounts per day. Finally, you might wish to say that part of the purpose of the questions is to ensure that the bank is doing its job in matching up the customer with the account that is best for the customer such as asking about the number of monetary instruments that might be purchased because certain accounts include fee free purchase of monetary instruments.

Also, asking the question is the best way to clear the Pep, MSB, check cashing, hurdles. Gook luck and be creative with those questions that accompany your online account opening processes.

[Author]

Posts