When dispositioning alerts from our automated BSA/AML monitoring system, how much information is enough?

Answer: TCA continues to see examiner scrutiny on alert resolution. When documenting a response to an alert, it does not need to be as in-depth as an investigation narrative; however, it must explain the who, what, where, when, why, and how. This creates continuity for other BSA staff, examiners, and auditors to understand how you arrived at your conclusion. Here are some tips:

Who: Include a brief overview of the customer, i.e., type of business/customer’s occupation, utilize all available customer due diligence (CDD) and enhanced due diligence (EDD) information.

What: A description of the activity that caused the alert to generate, (i.e., cash transactions, evidence of structuring, wires, ACH)

Where: A description of where the transactions took place (i.e., ATM’s, multiple branches, other financial institutions.)

When: Document when the potentially suspicious transactions took place and include the time period of transactions included in the alert review.

Why: Document a clear conclusion statement describing why the activity is or is not suspicious.

How: Describe the flow of funds and the source of funds if known. If the alert generated on suspicious deposited funds, also consider how the funds were used. Remember to follow the money!

Do You Need Compliance Help?

We’re here to review your current compliance strategy and help you find A Better Way to manage risk.



Email for Non-Confidential Information Only

[email protected]

Office Location

2021 Midwest Road, Suite 200,
Oak Brook, IL 60523

Endorsed By