BSAC Exam Prep – 2025 with
Complete Solutions
True or False:
The credit union's BSA Officer is ultimately responsible for the credit union's BSA
compliance. - ANSWER-False.
Although the BSA Officer is responsible for coordinating and monitoring day-to-day
BSA/AML compliance and managing all aspects of the BSA compliance program, the
credit union's board of directors is ultimately responsible for the credit union's
compliance. This is why it is critical that the board of directors designate a qualified BSA
officer and receive appropriate BSA/AML training annually.
The BSA Officer must be knowledgeable of:
A. The BSA, and related regulations;
B. The credit union's products and
services;
C. The credit union's members;
D. The credit union's neighborhoods;
E. a & b
F. All of the above. - ANSWER-The answer is F.
The BSA Officer is expected to be fully knowledgeable of the Bank Secrecy Act and all
related regulations, as well as understand the money laundering and terrorist financing
risks associated with the credit union's products, services, members, and geographic
locations of each credit union office and branch. The BSA Officer should be in a position
to regularly apprise the senior management staff and the board of directors of ongoing
compliance with the BSA/AML requirements.
True or False:
If you are a small credit union (less than $100 million) it is acceptable to have the BSA
Officer identify when BSA- related reports must be filed, fill out the reports, and
determine when members are eligible to be exempt from BSA reporting. - ANSWER-
False.
As part of the credit union's internal controls, you must have policies and procedures in
place to limit and control risks associated with BSA/AML. Such internal controls include
the segregation of duties whenever possible, so that it isn't the same person
determining who is exempt from filing, when a report should be filed, and actually
completing the reports. It is important to have a "checks and balances" system in place.
Regulators recommend that independent testing of your BSA program should be done:
,A. Annually
B. Every 12 to 18 months
C. Whenever necessary
D. Before each exam - ANSWER-The answer is B.
The frequency of the required independent testing is not specifically defined in the
regulation, however, the regulators recommend that it be done every 12 to 18 months,
depending on the credit union's risk profile.
Which of the following products and services may have a higher risk for illegal
activities?
A. Wire transfers
B. Monetary instruments
C. Traveler's Checks
D. All of the above - ANSWER-The answer is D.
Although attempts to launder money or conduct other illegal activities through a credit
union can emanate from many different sources, certain products, services, members,
and geographic locations may be more vulnerable or have historically been known to be
abused by money launderers and criminals. For example, some products and services
may allow a higher degree of anonymity ( such as electronic funds payments), or
involve the handling of high volumes of currency (such as monetary instruments like
cashier's checks, money orders, and traveler's checks).
The identification and verification rules do NOT apply to which of the following?
A. Joint owners
B. Beneficiaries
C. Co-borrowers
D. Non-resident aliens
E. Applies to A, B, C & D. - ANSWER-The correct answer is "B."
The CIP/MIP regulations apply to anyone applying to open an account, which includes
any accountholder on the account (members and non-members). This will include joint
owners and trustees, as well as both resident and non-resident aliens. However,
beneficiaries are not signers on an account and may not even know they are
beneficiaries; therefore, they are not included on this list. Additionally, the definition of
"account" means any "formal banking or business relationship established to provide an
ongoing service, dealing, or other financial transaction." This definition is broad enough
to include loans, and therefore co-borrowers would also fall under the requirements.
Yes or No:
Does the CIP/MIP rule prohibit a minor from opening an account? - ANSWER-No.
The CIP/MIP rule states that the credit union's "member" includes an individual who
opens the account for an individual who lacks legal capacity, such as a minor. In other
words, if a parent opens an account for a child, the member for purposes of the CIP/MIP
rule is the parent. If, however, a minor opens the account, then the minor is the
member. According to NCUA, when a minor opens the account, he/she can be verified
, through documentary methods such as a driver's license or work permit. If these are not
available, the minor could be identified through nondocumentary methods such as
verification by an existing member, using public databases, or verification of identity by
parent/teacher. A credit union's CIP/MIP policy must specify what types of documentary
and/or non-documentary evidence it will accept for a minor's account and the
circumstances under which such documentation will be acceptable.
The credit union cannot disclose a 314(a) request to anyone other than who? -
ANSWER-FinCEN, its regulator, or the law enforcement agency on whose behalf
FinCEN requested the information.
In order to participate in voluntary information sharing, the credit union must: -
ANSWER--Complete a notice to share information with FinCEN, which is effective for
one year.
-Designate a point of contact for receiving and providing information.
-Establish a process for sending and receiving information sharing requests.
n order to share information under the safe harbor, the credit union must: - ANSWER--
Take reasonable steps to verify that the other financial institution has also submitted the
required notice to FinCEN before sharing any information; and
-Have procedures in place to ensure the security and confidentiality of information
received from other 314(b) institutions.
True or false?
Section 314(a) of the USA Patriot Act requires credit unions to maintain a separate
watch list for all subjects of 314(a) information requests. - ANSWER-False.
The 314(a) list is not a permanent watch list. These lists generally relate to one-time
inquiries that are not updated or corrected if an investigation is terminated. Compliance
with Section 314(a) requires credit unions to conduct a one-time search of its records to
identify accounts or transactions of a named suspect. The credit union has 14 days to
search its records and report positive matches to FinCEN via the agency's web-based
secure sharing site.
What must a credit union do if it fails to complete a required 314(a) search received
during the previous 12 months?
A. File a suspicious activity report (SAR)
B. Obtain the prior request(s) from
FinCEN and perform a retroactive
search of its records.
C. Immediately change the credit union's points of contact for receiving requests.
D. Ignore the request since the previous list was likely terminated and replaced by a
new set of subjects. - ANSWER-"B." The credit union must immediately obtain the prior
request(s) from FinCEN and perform a retroactive search of its records.
Complete Solutions
True or False:
The credit union's BSA Officer is ultimately responsible for the credit union's BSA
compliance. - ANSWER-False.
Although the BSA Officer is responsible for coordinating and monitoring day-to-day
BSA/AML compliance and managing all aspects of the BSA compliance program, the
credit union's board of directors is ultimately responsible for the credit union's
compliance. This is why it is critical that the board of directors designate a qualified BSA
officer and receive appropriate BSA/AML training annually.
The BSA Officer must be knowledgeable of:
A. The BSA, and related regulations;
B. The credit union's products and
services;
C. The credit union's members;
D. The credit union's neighborhoods;
E. a & b
F. All of the above. - ANSWER-The answer is F.
The BSA Officer is expected to be fully knowledgeable of the Bank Secrecy Act and all
related regulations, as well as understand the money laundering and terrorist financing
risks associated with the credit union's products, services, members, and geographic
locations of each credit union office and branch. The BSA Officer should be in a position
to regularly apprise the senior management staff and the board of directors of ongoing
compliance with the BSA/AML requirements.
True or False:
If you are a small credit union (less than $100 million) it is acceptable to have the BSA
Officer identify when BSA- related reports must be filed, fill out the reports, and
determine when members are eligible to be exempt from BSA reporting. - ANSWER-
False.
As part of the credit union's internal controls, you must have policies and procedures in
place to limit and control risks associated with BSA/AML. Such internal controls include
the segregation of duties whenever possible, so that it isn't the same person
determining who is exempt from filing, when a report should be filed, and actually
completing the reports. It is important to have a "checks and balances" system in place.
Regulators recommend that independent testing of your BSA program should be done:
,A. Annually
B. Every 12 to 18 months
C. Whenever necessary
D. Before each exam - ANSWER-The answer is B.
The frequency of the required independent testing is not specifically defined in the
regulation, however, the regulators recommend that it be done every 12 to 18 months,
depending on the credit union's risk profile.
Which of the following products and services may have a higher risk for illegal
activities?
A. Wire transfers
B. Monetary instruments
C. Traveler's Checks
D. All of the above - ANSWER-The answer is D.
Although attempts to launder money or conduct other illegal activities through a credit
union can emanate from many different sources, certain products, services, members,
and geographic locations may be more vulnerable or have historically been known to be
abused by money launderers and criminals. For example, some products and services
may allow a higher degree of anonymity ( such as electronic funds payments), or
involve the handling of high volumes of currency (such as monetary instruments like
cashier's checks, money orders, and traveler's checks).
The identification and verification rules do NOT apply to which of the following?
A. Joint owners
B. Beneficiaries
C. Co-borrowers
D. Non-resident aliens
E. Applies to A, B, C & D. - ANSWER-The correct answer is "B."
The CIP/MIP regulations apply to anyone applying to open an account, which includes
any accountholder on the account (members and non-members). This will include joint
owners and trustees, as well as both resident and non-resident aliens. However,
beneficiaries are not signers on an account and may not even know they are
beneficiaries; therefore, they are not included on this list. Additionally, the definition of
"account" means any "formal banking or business relationship established to provide an
ongoing service, dealing, or other financial transaction." This definition is broad enough
to include loans, and therefore co-borrowers would also fall under the requirements.
Yes or No:
Does the CIP/MIP rule prohibit a minor from opening an account? - ANSWER-No.
The CIP/MIP rule states that the credit union's "member" includes an individual who
opens the account for an individual who lacks legal capacity, such as a minor. In other
words, if a parent opens an account for a child, the member for purposes of the CIP/MIP
rule is the parent. If, however, a minor opens the account, then the minor is the
member. According to NCUA, when a minor opens the account, he/she can be verified
, through documentary methods such as a driver's license or work permit. If these are not
available, the minor could be identified through nondocumentary methods such as
verification by an existing member, using public databases, or verification of identity by
parent/teacher. A credit union's CIP/MIP policy must specify what types of documentary
and/or non-documentary evidence it will accept for a minor's account and the
circumstances under which such documentation will be acceptable.
The credit union cannot disclose a 314(a) request to anyone other than who? -
ANSWER-FinCEN, its regulator, or the law enforcement agency on whose behalf
FinCEN requested the information.
In order to participate in voluntary information sharing, the credit union must: -
ANSWER--Complete a notice to share information with FinCEN, which is effective for
one year.
-Designate a point of contact for receiving and providing information.
-Establish a process for sending and receiving information sharing requests.
n order to share information under the safe harbor, the credit union must: - ANSWER--
Take reasonable steps to verify that the other financial institution has also submitted the
required notice to FinCEN before sharing any information; and
-Have procedures in place to ensure the security and confidentiality of information
received from other 314(b) institutions.
True or false?
Section 314(a) of the USA Patriot Act requires credit unions to maintain a separate
watch list for all subjects of 314(a) information requests. - ANSWER-False.
The 314(a) list is not a permanent watch list. These lists generally relate to one-time
inquiries that are not updated or corrected if an investigation is terminated. Compliance
with Section 314(a) requires credit unions to conduct a one-time search of its records to
identify accounts or transactions of a named suspect. The credit union has 14 days to
search its records and report positive matches to FinCEN via the agency's web-based
secure sharing site.
What must a credit union do if it fails to complete a required 314(a) search received
during the previous 12 months?
A. File a suspicious activity report (SAR)
B. Obtain the prior request(s) from
FinCEN and perform a retroactive
search of its records.
C. Immediately change the credit union's points of contact for receiving requests.
D. Ignore the request since the previous list was likely terminated and replaced by a
new set of subjects. - ANSWER-"B." The credit union must immediately obtain the prior
request(s) from FinCEN and perform a retroactive search of its records.
