Wipfli logo
Insights - Articles, Blogs and on-demand webcasts

Articles & E-Books


BSA refresher: Are you capturing all areas in your monitoring?

Jul 18, 2022

The COVID-19 pandemic, the Great Resignation and baby boomers retiring have all wreaked havoc on financial institutions over the last two years. Remote working environments have also disrupted the norm and day-to-day processes. With so many moving targets, tasks can fall behind or off the radar to focus on the “important” items.

What is important to remember during these challenging times is that identifying money laundering, suspicious activity and fraud at your financial institution should remain a priority. A financial institution’s Bank Secrecy Act (BSA) program is still a priority for regulators, and criminals continually find new ways to infiltrate the banking system, either directly or by scamming your consumers.

Commonly overlooked areas in BSA

Let’s take a minute to cover some commonly overlooked areas to monitor from a BSA perspective. Filing currency transaction reports (CTRs) on a timely basis, reviewing your high-risk customers and cash-intensive businesses periodically, and performing annual reviews of your exempt CTR customers are all evident staples of a sound BSA program.

What more could there be? Consider the following areas:

  • Prepaid access sales
  • Monetary instrument log sales
  • Early CD withdrawals or early loan payoffs with cash
  • Accounts opened online

Do you have an individual assigned to review these areas on a periodic basis? Does the individual assigned understand what they are looking for from a BSA perspective? Let’s briefly cover these items to understand the importance of each control.

Prepaid access sales

Offering consumers gift cards or travel cards through your financial institution may appear to be a non-risky service; however, prepaid access is an easy way for individuals to launder money.

While not required, it is a best practice for your financial institution to maintain a log or report of all prepaid access sales. Periodic review of the prepaid access sales can identify frequent purchases by the same individual, large-volume purchases with cash by the same individual or multiple reloads for high-dollar amounts by the same individual. Scenarios that come up after investigation may identify that a local business is paying its workers in cash by purchasing gift cards for employees or that your long-term customer is involved in a romance scam and sending gift cards to their “significant other” overseas.

Monetary instrument log sales

Financial institutions are required to maintain records of monetary instrument sales purchased with cash in amounts of $3,000 to $10,000. Some may think this is another burden imposed by regulation and not give the control another thought beyond documenting the required information.

What you may be overlooking is that your customer may be trying to evade taxes or other liens, so they continually take funds in cash and then make purchases or payments through purchases of money orders or cashier’s checks from your institution. Another possible scenario is that Jane Doe, whose occupation is listed as dental hygienist, is coming in every other week with cash to purchase a monetary instrument payable to herself.

Early CD withdrawal or loan payoffs

Loan payoff and large withdrawal reports are commonly reviewed by financial institutions to understand shifts in loan-to-deposit ratios or the organization’s asset liability management needs. The reports are most commonly not considered from a BSA perspective when reviewed. Periodic reviews of these reports should be conducted to identify potential suspicious activity.

Upon investigation, you may find that John Doe, who lost his spouse a year ago, has since depleted his CD accounts, meant for retirement, after meeting his new fiance online. Or you may find that a local business that is not cash-intensive has paid off two of its loans with $10,000 in cash payments, spread over the prior couple of months, for which the source of funds is unknown.

Online account opening

The pandemic pushed many financial institutions toward online account opening and remote banking to reach consumers and stay relevant during the shifting consumer landscape. The push at your financial institution might have been to obtain and implement the service or product as quickly as possible, but were BSA controls considered when implementing it?

If not, now would be a good time to revisit your controls for online account opening to understand the ones for new customers opening an account who reside out of your market area, the volume of fraud your organization may be experiencing from accounts opened online and whether your customer due diligence controls are effective when the online account is opened. For example, if your practice is to collect occupation and anticipated transactions for in-person account opening, that same process should be extended to accounts opened online.

How Wipfli can help

Hopefully you are feeling confident about the monitoring controls of your BSA program after reviewing these control areas. If you identified that any of these areas have fallen through the cracks these past couple of years or were never considered at your financial institution, it’s not too late to implement controls to get your BSA program back on track. A monitoring log that encompasses all BSA control areas of your financial institution, the individual responsible for the review, and the frequency of the review is a good idea.

Wipfli performs both BSA independent audits and custom BSA consulting engagements such as assisting financial institutions with setting up due diligence programs for high-risk customers like money service businesses or marijuana-related businesses or assisting with high-risk monitoring. Our compliance consultants can provide the support you need. Contact us to learn more.

Sign up to receive additional financial institutions content and information in your inbox, or continue reading on:


Erica Dornfeld
View Profile