12 CFR 208.63 – Procedures for monitoring Bank Secrecy Act compliance
(a) Purpose. This section is issued to assure that all state member banks establish and maintain procedures reasonably designed to assure and monitor their compliance with the provisions of the Bank Secrecy Act (31 U.S.C. § 5311, et seq.) and the implementing regulations promulgated thereunder by the Department of Treasury at 31 CFR part 103, requiring recordkeeping and reporting of currency transactions.
(b) Establishment of BSA compliance program—(1) Program requirement. Each bank shall develop and provide for the continued administration of a program reasonably designed to ensure and monitor compliance with the recordkeeping and reporting requirements set forth in subchapter II of chapter 53 of title 31, United States Code, the Bank Secrecy Act, and the implementing regulations promulgated thereunder by the Department of the Treasury at 31 CFR part 103. The compliance program shall be reduced to writing, approved by the board of directors, and noted in the minutes.
(2) Customer identification program. Each bank is subject to the requirements of 31 U.S.C. § 5318(l) and the implementing regulation jointly promulgated by the Board and the Department of the Treasury at 31 CFR 103.121, which require a customer identification program to be implemented as part of the BSA compliance program required under this section.
(c) Contents of compliance program. The compliance program shall, at a minimum:
(1) Provide for a system of internal controls to assure ongoing compliance;
(2) Provide for independent testing for compliance to be conducted by bank personnel or by an outside party;
(3) Designate an individual or individuals responsible for coordinating and monitoring day-to-day compliance; and
(4) Provide training for appropriate personnel.