Answer: TCA continues to see examiner scrutiny on alert resolution. When documenting a response to an alert, it does not need to be as in-depth as an investigation narrative; however, it must explain the who, what, where, when, why, and how. This creates continuity for other BSA staff, examiners, and auditors to understand how you arrived at your conclusion. Here are some tips:
Who: Include a brief overview of the customer, i.e., type of business/customer’s occupation, utilize all available customer due diligence (CDD) and enhanced due diligence (EDD) information.
What: A description of the activity that caused the alert to generate, (i.e., cash transactions, evidence of structuring, wires, ACH)
Where: A description of where the transactions took place (i.e., ATM’s, multiple branches, other financial institutions.)
When: Document when the potentially suspicious transactions took place and include the time period of transactions included in the alert review.
Why: Document a clear conclusion statement describing why the activity is or is not suspicious.
How: Describe the flow of funds and the source of funds if known. If the alert generated on suspicious deposited funds, also consider how the funds were used. Remember to follow the money!
