Examiners don't just evaluate your AML program - they evaluate your documentation of it. Here's the specific documentation that examiners request in every BSA examination and how to organize it for maximum impact.
BSA examiners evaluate your compliance program through its documentation. A program that is well-designed and actively managed but poorly documented will generate findings. A program that is adequately designed and consistently documented will generally pass examination. Documentation is not a substitute for a good program - but it is the lens through which examiners evaluate your program, and it must be organized, complete, and current.
The standard examination document request includes: your written AML program and all policies and procedures; your most recent risk assessment with the date of last update; training records for the past 24 months, including content, dates, and attendee names; CTR and SAR filing records for the past 24 months; independent testing reports for the past 24 months; customer due diligence records for a sample of customers; and board or senior management approval of the AML program.
Organization matters as much as completeness. Examiners who receive a disorganized pile of documents spend more time searching for what they need - and the time they spend searching is time they spend forming impressions about your program's maturity. A well-organized documentation package - with a clear table of contents, tabbed sections for each program element, and a cover memo that summarizes the program - signals that your compliance function is professionally managed.
The most commonly missing documentation items are: board or senior management approval of the AML program (required but frequently absent), independent testing reports (required but frequently not conducted), and training records for all covered employees (frequently incomplete for part-time or seasonal staff). Review your documentation against this list before any examination and address gaps proactively.
Currency is as important as completeness. A risk assessment from 2020, a training record from 2021, and an independent testing report from 2019 tell an examiner that your program is not being actively maintained. Every document in your examination package should have a date, and those dates should reflect a program that is being managed on an ongoing basis. If your documentation is stale, update it before the examination - not after.
Tags
Compliance Program Specialist · Soflo Consulting
Specializes in BSA/AML program development and compliance training for regulated businesses nationwide - from community banks and fintech startups to real estate professionals and money services businesses.
View all articles by Sofia DelgadoKey Takeaways
- 1Documentation is the lens through which examiners evaluate your program - organization and currency matter
- 2Standard examination requests include written program, risk assessment, training records, filing history, and testing reports
- 3Board or senior management approval of the AML program is required but frequently missing
- 4Well-organized documentation packages signal professional compliance management to examiners
- 5Stale documentation signals an unmanaged program - currency is as important as completeness
Need Expert Guidance?
Put these insights into action. Schedule a free consultation with a Soflo Consulting compliance specialist.
Stay Ahead of Compliance
Get FinCEN updates, BSA/AML guidance, and federal compliance news delivered to your inbox no fluff.
