BSA & OFAC Compliance Audits

The responsibility of compliance with the Bank Secrecy Act belongs to almost everyone within a credit union, including the Board of Directors, senior management, as well as the designated BSA officer and the member-facing employees.  

In addition to satisfying BSA requirements, credit unions also must comply with NCUA Rules and Regulations, which require credit unions to have an annual independent audit of their BSA compliance measures.

The Five Pillars of BSA/AML Compliance

In 1970, the Bank Secrecy Act (BSA) established the requirements by credit unions and other financial institutions to implement anti-money laundering (AML) and financial crimes safeguards.

For a credit union to be in compliance with the BSA, the credit union must develop and maintain procedures for fulfilling the requirements. These are known as the “four pillars” of BSA compliance. In May 2018, a fifth pillar was added.

      1. Develop a program of internal safeguards to support ongoing compliance
      2. Appoint a BSA Compliance Officer to maintain the financial institution’s BSA audit program and ensure it’s being followed
      3. Perform independent testing of BSA policies and procedures
      4. Train employees in procedures to ensure compliance of internal controls
      5. Create and follow internal policies to identify beneficial owners of customer legal entities

Office of Foreign Asset Control (OFAC) Compliance

The Office of Foreign Asset Control enforces economic sanctions which target foreign countries, terrorist organizations, and international narcotics traffickers. 

While the Office of Foreign Assets Control (OFAC) requirements are not part of the BSA, both the BSA and OFAC share similar goals for national security. Therefore, it is common to review OFAC compliance and internal procedures at the same time as BSA/AML examinations.

The Role Of CPAs In Compliance Requirements

Independent testing (or audit) evaluates the adequacy of the financial institution’s overall BSA program.  It is usual that the BSA and OFAC compliance audits are conducted by qualified outside auditors, such as the accounting professionals at Griffin & Furman, CPA firm. 

The annual independent audit required by the NCUA and conducted by Griffin & Furman includes:

        • Evaluate internal controls
        • Test samples for compliance
        • Decide if personnel are adequately trained
        • Examine Currency Transaction Reports (CTRs) and Suspicious Activity Reports (SARs)
        • Review Customer Information Policy and Customer Notice
        • Test record keeping procedures

Credit Union BSA and OFAC Compliance Audits 

The certified public accountants at Griffin & Furman are engaged in detecting and preventing money laundering, fraud, counter-terrorist financing, and other financial crimes.  

Give us a call to talk more about a regular audit process for your credit union. 

Stephen Griffin CPA
Robert Furman CPA
Angela M. Warden
Stephen Griffin CPA
Robert Furman CPA


2270 7th St., Suite 1
Mandeville LA 70471
(985) 727-9924 Phone

West Monroe

Send Us A Message

15 + 14 =