§ 21.21Procedures for monitoring Bank Secrecy Act (BSA) compliance.
(a)Purpose. This subpart is issued to assure that all national banks establish and maintain procedures reasonably designed to assure and monitor their compliance with the requirements of subchapter II of chapter 53 of title 31, United States Code, and the implementing regulations promulgated thereunder by the Department of the Treasury at 31 CFR Chapter X.
(b)Establishment of a BSA compliance program—(1) Program requirement. Each bank shall develop and provide for the continued administration of a program reasonably designed to assure and monitor compliance with the recordkeeping and reporting requirements set forth in subchapter II of chapter 53 of title 31, United States Code and the implementing regulations issued by the Department of the Treasury at 31 CFR Chapter X. The compliance program must be written, approved by the bank's board of directors, and reflected in the minutes of the bank.
(2)Customer identification program. Each bank is subject to the requirements of 31 U.S.C. 5318(l) and the implementing regulations jointly promulgated by the OCC and the Department of the Treasury at 31 CFR 1020.220, which require a customer identification program to be implemented as part of the BSA compliance program required under this section.
(c)Contents of compliance program. The compliance program shall, at a minimum:
(1) Provide for a system of internal controls to assure ongoing compliance;
(2) Provide for independent testing for compliance to be conducted by bank personnel or by an outside party;
(3) Designate an individual or individuals responsible for coordinating and monitoring day-to-day compliance; and
(4) Provide training for appropriate personnel.
(Approved by the Office of Management and Budget under control number 1557-0180)