Target Training: Utilizing Testing and Reviews to Target your Training on Key BSA/AML Items

Training is an extremely important part of the BSA/AML program for financial institutions. Sometimes staff training itself can be challenging, but making sure the training is understood is even more difficult. By implementing a target training system, to go along with your normal annual training, you may be able to help your institution analyze and review what type of training is being given, to whom the training is given, if the training is being practiced in the field and if employees are adhering to the institution's policies and procedures.

Target training can also help to risk rate the departments in the institution to know where there may be possible weaknesses in BSA/AML compliance or where issues could arise. The program can also look at the employees of the institution to gauge their comprehension of BSA/AML compliance — for example in creating a Know Your Employee (KYE) program—to show where employees may need assistance with their comprehension of BSA/AML compliance. The program may also fix any discrepancies in the training and/or seeing any possible issues in the institution's current policies and procedures. Utilizing the target training process may also help you show examiners/auditors that the training you provide to staff is being understood and followed appropriately.

The target training process should go along with any current testing and reviews that are performed within the institution. The testing and reviews can come from any key aspect of BSA/AML requirements (i.e., Customer Identification Program (CIP) tracking), and in using those tests and reviews you will be able to rate areas of the institution on how they are performing with their BSA/AML compliance.

How it Works

The testing and reporting to management is broken down into two parts the BSA/AML review report and the Know Your Employee (KYE) report.

In the first part the department or branch is rated on the aspect of BSA/AML they completed. In the second part, employees are rated on the aspect of BSA/AML they completed. This rating can help to create accountability in individuals to ensure they understand the importance of following the regulations.

By the end of the review you should be able to risk rate the department and/or branch as well as the individuals in their performance of their BSA/AML duties.

The BSA Review

When testing and reviewing key BSA/AML requirements it is important to break down the review into small categories and take samples of the items to review.

Based on your institution's policies and procedures you would determine what and how each aspect may be tracked in the report. Obtaining an error rate and giving a point value to that rate is a factor in determining the rating for the department.

There are numerous aspects of BSA/AML to test and many ways to test them. Chart 1 gives an example of the flow process.


Examples of the Reviews and Test for BSA

Customer Identification Review (CIP): This review is based on a review of customer identification that front line staff obtains per the bank's CIP policy and procedure. The review analyzes the number of exceptions found in the review and is broken down into critical exceptions. Critical errors are defined as missing any of the following: Name, Physical Address, Date of Birth, and TIN (EIN, SSN, or ITIN etc.).

Customer Due Diligence Review: The new account CDD review is based on a review of all new customers (CIS records) opened for that month.

Currency Transaction Reporting (CTR): The CTR review is a review of completed CTRs filed by staff for accuracy and completeness.

Negotiable Instruments Review: The NIL review tests to ensure proper information was placed in the teller system for the purchase of negotiable items.

Data Validity Review: The data validity review tests to ensure proper information was in place in the bank's systems. Items to be included in the review can be from transactions completed by tellers to customer information placed into the system.

Training Review: The training review is completed to ensure all staff completed required online courses prior to the six month and one year deadline for completion of said courses. This review is mostly to notify management of staff that have not taken their required BSA/AML training for the year and against whom accountability needs to be enforced.

Suspicious Activity Review: The suspicious activity review looks at the referrals that staff has sent the BSA team. Also, the review looks at cases the BSA team has uncovered and if the branch should have notified the BSA team of the activity when it occurred. This review looks to see if red flag training may be needed by particular departments or individuals to help them understand what to look for in regards to customer activity that may be atypical and unusual.

Fraud: This is a review of the branches that have sent risk management fraud cases. The review assesses how the branch did in handling the case and if there were missed red flags that should have been caught to minimize the loss or exposure.

Missing Signature Cards: The review can be a part of the CIP review. In particular the review shows what documents are missing and which branches are guilty of missing the information.


Once all the reviews are completed it is time to calculate points so a rating can be determined for the department. Calculating points can be done in the following manner. You take the total number of errors divided by total number of items reviewed to give you the error rate, based on that rate you give the points that the rate falls into. An example of this is given in Chart 2.

Once you have completed all of your reviews you total up the points and divide by the number of reviews you performed, that will give you the rating for the department (see Chart 3).

The final rating is then given to the branch/business line and action items are documented for them to follow (see Chart 4).

Know Your Employee (KYE)

In the second part, the KYE report, employees are rated on the aspect of BSA/AML they completed, this can help create accountability for individuals to ensure they understand the importance of following the regulations.


The KYE review breaks down errors noted in the BSA reviews to associate them with the employees that make the errors. Employees with high error rates would need to review items and the part of BSA in which the error occurred and re-train on that section of BSA to gain a better understanding of the process.


The following factors are taken into account when reviewing the KYE report.

  • Associating the customer with the transactions they perform.
  • Performing OFAC and ID verification checks on NEW customers.
  • Gathering proper CIP for new customers.
  • Updating customer information when existing customers open new accounts.
  • Completing Currency Transaction Reports (CTR) accurately and completely.
  • Completing cash purchases of negotiable items accurately and completely.

In knowing your employee you can assess risk factors by looking at the employee's performance errors and assessing the individual's and department's risk based on certain pre-set factors of the company's choice. Some examples of possible risk factors are stated below.

Example for tellers and platform: Along with reviewing the tellers and platform employees you would take their BSA/AML performance (gathering CIP, CDD, completing CTRs, etc.) you could also assess the number of their customers that are rated as high risk in your BSA/AML customer risk assessments. Include in the review if you have had any investigations on their customers for possible filing of reports. For branch personnel you can also risk rate the branch based on numbers of accounts opened, CTRs filed, high-risk customers etc.

Example Private Banking/Commercial Officer: For a private banking/commercial officer employee you would take their BSA/AML performance (gathering CIP, CDD, etc.) you could then also assess the number of their customers that are rated as high risk in your BSA/AML customer risk assessments. As before include if you have had any investigations on their customers for possible filing of reports.


Looking at Trends

In doing the review you can also show trends of how the institution is performing in their BSA/AML duties and if the institution is showing improvement or having issues with certain areas of BSA. Sample Trending analysis is in Chart 5.


In doing BSA/AML reviews and testing it helps to better know your employees and their comprehension of BSA/AML job functions. It allows you to, along with regular required training, target train certain departments or individuals to help alleviate any issues or gaps there may be or may arise from a lack of BSA/AML comprehension.

R. Joseph Soniat, CAM, CFE, bank secrecy act officer, Union First Market Bank, Richmond, VA, USA,

Leave a Reply