Section



[Code of Federal Regulations]
[Title 12 Volume 1]
[Revised as of January 1, 2004]
From the U.S. Government Printing Office via GPO Access
[CITE: 12CFR21.21]

[Page 232]
 
                       TITLE 12--BANKS AND BANKING
 
   CHAPTER I--COMPTROLLER OF THE CURRENCY, DEPARTMENT OF THE TREASURY
 
PART 21--MINIMUM SECURITY DEVICES AND PROCEDURES, REPORTS OF SUSPICIOUS ACTIVITIES, AND BANK SECRECY ACT COMPLIANCE PROGRAM--Table of Contents
 
    Subpart C--Procedures for Monitoring Bank Secrecy Act Compliance
 
Sec. 21.21  Procedures for monitoring Bank Secrecy Act (BSA) compliance.


    (a) Purpose. This subpart is issued to assure that all national 
banks establish and maintain procedures reasonably designed to assure 
and monitor their compliance with the requirements of subchapter II of 
chapter 53 of title 31, United States Code, and the implementing 
regulations promulgated thereunder by the Department of Treasury at 31 
CFR part 103.
    (b) Establishment of a BSA compliance program--(1) Program 
requirement. Each bank shall develop and provide for the continued 
administration of a program reasonably designed to assure and monitor 
compliance with the recordkeeping and reporting requirements set forth 
in subchapter II of chapter 53 of title 31, United States Code and the 
implementing regulations issued by the Department of the Treasury at 31 
CFR part 103. The compliance program must be written, approved by the 
bank's board of directors, and reflected in the minutes of the bank.
    (2) Customer identification program. Each bank is subject to the 
requirements of 31 U.S.C. 5318(l) and the implementing regulation 
jointly promulgated by the OCC and the Department of the Treasury at 31 
CFR 103.121, which require a customer identification program to be 
implemented as part of the BSA compliance program required under this 
section.
    (c) Contents of compliance program. The compliance program shall, at 
a minimum:
    (1) Provide for a system of internal controls to assure ongoing 
compliance;
    (2) Provide for independent testing for compliance to be conducted 
by bank personnel or by an outside party;
    (3) Designate an individual or individuals responsible for 
coordinating and monitoring day-to-day compliance; and
    (4) Provide training for appropriate personnel.

(Approved by the Office of Management and Budget under control number 
1557-0180)

[52 FR 2859, Jan. 27, 1987, as amended at 68 FR 25111, May 9, 2003]