Login to View Full Member Content:

Compliance Testing & Consulting

Your League’s compliance team offers compliance audits in selected areas.  We will publicize new services. To schedule or learn more about your League's compliance audits, please contact Clark Jefferson at 800.768.3344, ext. 616 or cjefferson@vacul.org

ACH Self Audit

Reduce your liability by managing your ACH Risk. Your League's audit procedures include tests of documentary evidence supporting compliance with the ACH Rules. We also review the following areas that exceed the scope of the audit requirements found in Appendix Eight of the NACHA Operating Rules:

  • Compliance with 31 C.F.R. Part 210 and the Green Book for processing Federal Government ACH transactions
  • Reclamations and Death Notification Entries
  • Review of Regulation D as it relates to non-transaction accounts and the ACH network
  • Review of Regulation E statement disclosure requirements

The NACHA Operating Rules require all participating depository financial institutions, Third-Party Service Providers, and Third-Party Senders to conduct an annual ACH compliance audit. Failure to complete the audit may result in monetary fines.

BSA Independent Testing

Effective independent BSA testing is valued by examiners in identifying and monitoring a credit union’s specific risks. Effective independent testing will assist examiners in determining the BSA/AML examination scope and in identifying areas requiring less review.

Your League's Compliance Team will test to assess the adequacy of your BSA/AML compliance program. We will review your board-approved, written BSA/AML compliance program to ensure it contains a system of internal controls.

The review will ensure that you:

  • Established BSA policies, procedures and processes;
  • Conducted an annual BSA/AML risk assessment;
  • Implemented a Member Identification Program (MIP) as required by Section 326 of the USA PATRIOT Act;
  • Adhered to checking new account names against the Office of Foreign Assets Control (OFAC) list and Section 314(a) FinCEN list;
  • Established adequate CDD policies, procedures, and processes;  
  • Provided comprehensive training for board and staff;
  • Established integrity and accuracy with your Management Information Systems used in the BSA/AML compliance program;
  • Reviewed large currency transactions, aggregate daily currency transactions, funds transfer transactions, monetary instrument sales transactions; and 
  • Meet the requirements in filing of CTRs and SARs.   

Sound practice is for a credit union to conduct independent testing every 12 months, commensurate with your BSA/AML risk profile. Failure to maintain BSA/AML compliance procedures are subject to civil and criminal penalties.

SAFE Act Independent Testing

The Secure and Fair Enforcement for Mortgage Licensing Act (SAFE Act) of 2008 mandates a nationwide licensing and registration system for residential mortgage loan originators (MLOs). Your credit union must implement written policies and procedures that ensure compliance with the rules of the Act and these policies and procedures should be in place prior to the initial registration of employees.

These policies must be appropriate to the nature, size, complexity and scope of the institution’s mortgage activities.

§ 761.104(f) requires that credit unions conduct independent testing at least annually by credit union personnel or by an outside party.

Your League's Compliance Team will test your policies and procedures to ensure that you:

  • Establish a process for identifying which employees are required to be registered mortgage loan originators;
  • Inform all employees who are mortgage loan originators of the registration requirements of the S.A.F.E. Act and be instructed on how to comply with such requirements and procedures;
  • Establish procedures to comply with the unique identifier requirements in § 761.105;
  • Establish reasonable procedures and tracking systems for monitoring compliance with registration and renewal requirements and procedures;
  • Provide for appropriate action in the case of any employee who fails to comply with the registration requirements of the S.A.F.E. Act;
  • Establish a process for reviewing employee criminal history background reports received pursuant to this part, taking appropriate action consistent with applicable Federal law, including section 206 of the Federal Credit Union Act (12 U.S.C. 1786(i)); and
  • Establish procedures designed to ensure that any third party with which the credit union has arrangements related to mortgage loan origination has policies and procedures to comply with the S.A.F.E. Act.

A civil penalty may be imposed on a loan originator operating in Virginia in amounts up to $25,000 for each act or omission under 12 U.S.C. 5107 and in accordance with subpart C of 24 CFR part 3400.