Anti-Money Laundering – The Red Flags You Need to Know

Suspicious activity reporting is the cornerstone of the Bank Secrecy Act (BSA), according to the Federal Financial Institutions Examination Council (FFIEC). And, the FFIEC also states that “(i)t is critical to the United States’ ability to utilize financial information to combat terrorism, terrorist financing, money laundering, and other financial crimes.” Before a Suspicious Activity Report (SAR) is filed, it’s critical to first understand the process of how suspicious activity is identified.

While financial institutions utilize various methods to identify unusual or suspicious activity, such as automated and/or manual transaction monitoring systems, law enforcement inquiries, or National Security Letters. Perhaps the best method is you, the employee. Do you know what red flags to watch for as you interact with customers during the loan process? Do you know your financial institution’s procedures for reporting the identification of unusual or suspicious activity?

Red Flags

Red flags can be considered as examples of potential suspicious activity. However, it’s important to note that just because you may identify a red flag, it doesn’t necessarily mean that criminal activity has occurred. What does mean is that further scrutiny may be necessary. Your responsibility is simply to report the suspicious activity according to your organization’s procedures. More than likely, the BSA compliance officer or a committee will determine if a SAR should be filed.

Based on the FFIEC BSA/AML Examination Manual, Appendix F, here are examples of red flags of which you need to be aware as you work with loan customers and/or process loan transactions.
Customers Who Provide Insufficient or Suspicious Information

A customer uses unusual or suspicious identification documents that cannot be readily verified. A customer provides an individual taxpayer identification number after having previously used a Social Security number. A customer uses different taxpayer identification numbers with variations of his or her name.

A business is reluctant, when establishing a new account, to provide complete information about the nature and purpose of its business, anticipated account activity, prior banking relationships, the names of its officers and directors, or information on its business location.

A customer’s home or business telephone is disconnected.

Lending Activity

Loans secured by pledged assets held by third parties unrelated to the borrower.
Loan secured by deposits or other readily marketable assets, such as securities, particularly when owned by apparently unrelated third parties.

Borrower defaults on a cash-secured loan or any loan that is secured by assets which are readily convertible into currency.
Loans are made for, or are paid on behalf of, a third party with no reasonable explanation.
To secure a loan, the customer purchases a certificate of deposit using an unknown source of funds, particularly when funds are provided via currency or multiple monetary instruments.

Loans that lack a legitimate business purpose, provide the bank with significant fees for assuming little or no risk, or tend to obscure the movement of funds (e.g., loans made to a borrower and immediately sold to an entity related to the borrower).


Employee exhibits a lavish lifestyle that cannot be supported by his or her salary. Employee fails to conform to recognized policies, procedures, and processes, particularly in private banking. Employee is reluctant to take a vacation. Employee overrides a hold placed on an account identified as suspicious so that transactions can occur in the account.

Other Unusual or Suspicious Customer Activity

Customer repeatedly uses a bank or branch location that is geographically distant from the customer’s home or office without sufficient business purpose. The stated occupation of the customer is not commensurate with the type or level of activity. A customer obtains a credit instrument or engages in commercial financial transactions involving the movement of funds to or from higher-risk locations when there appear to be no logical business reasons for dealing with those locations.

Reporting Identified Red Flags

Your responsibility is simply to report the suspicious activity. Do you know what to do? What is the process to notify the right person? Be sure to know your financial institution procedures. The key is report, not prove that an activity or person is suspicious. You may even see a red flag outside of what the FFIEC has documented in Appendix F. Or, you may have a ‘hunch’ that something’s not right. The key is to report!

Mortgage Compliance Magazine wants to hear from you! Bring the talent in our industry to the forefront by submitting a nominee from your organization. From your submissions, we will select and showcase one Mortgage Compliance Professional of the Month from nominees in regulatory compliance from banks, credit unions, or mortgage companies. Get started here!

Around the Industry:

Happening Now

The OCC posted its Semiannual Risk Perspective for Spring 2019. Highlights include:

Credit quality is strong when measured by traditional performance metrics, but successive years of growth, incremental easing in underwriting, risk layering, and building credit concentrations result in accumulated risk in loan portfolios.

Operational risk is elevated as banks adapt to a changing and increasingly complex operating environment. Key drivers for operational risk include persistent cybersecurity threats as well as innovation in financial products and services, and increasing use of third parties to provide and support operations that are not effectively understood, implemented, and controlled.

Compliance risk related to Bank Secrecy Act/Anti-Money Laundering (BSA/AML) is high as banks remain challenged to effectively manage money laundering risks.

Interest rate risk and the related liquidity risk implications pose potential challenges to earnings given the uncertain rate environment, competitive pressures, changes in technology, and untested depositor behavior.


Web Statistics