Skip to main content

Non-IT Compliance Testing

ACH Audit

The ACH audit will review the institution's compliance with the National Automated Clearing House Association (NACHA) Audit guidelines and the Board of Directors' approved policy.

+ Audit Includes

After gathering general information about the bank’s ACH environment, the following areas will be covered as appropriate based on the types of ACH functions performed by the financial institution:

  • ACH Background
  • General Information
  • ACH Receipt
  • Third-Party Service Providers/Third Party Senders
  • ODFI ACH Origination
  • Treasury ACH

BSA Audit

SBS can help with the establishment of your BSA program and/or perform an audit/test of your existing program.

Credentialed Resources – SBS' dedicated BSA review team is made up of experienced consultants who are former bank executives and BSA officers.

+ Audit Includes

The audit scope includes, but is not limited to the items listed below:

  • BSA/AML/OFAC compliance risk assessments
  • BSA/AML/OFAC compliance program, including policies and procedures
  • BSA/AML/OFAC internal controls, including board and senior management oversight
  • Review of independent testing, including prior audit and examination findings and corrective actions
  • Staff qualifications for BSA compliance and day-to-day monitoring
  • Scope, frequency, and documentation of employee training program
  • Customer Identification Program (CIP), including sampling
  • Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD), including sampling
  • Suspicious Activity Reporting (SAR), including transaction sampling
  • Currency transaction reporting (CTR), including transaction sampling
  • CTR exemption review
  • Information sharing, 314(a) and 314(b)
  • Monetary instrument sales, including transaction sampling
  • Wire transfer operations, as it pertains to BSA, including transaction sampling
  • Nonbank Financial Institutions (NBFI), including money service businesses (MSB)
  • Prepaid Access Devices
  • Unlawful Internet Gambling Enforcement Act (UIGEA)
  • Financial Elder Abuse
  • Recordkeeping and retention requirements

Website Compliance Audit

An SBS Website Compliance Audit is broken down into four areas:

  1. Website Compliance: The website must be in compliance like a brick-and-mortar facility. Website compliance verifies compliance and adequacy with federal and state regulations.
  2. Product and Service Offerings: Verifies that products and services offered in the electronic branch via the website are consistent with those offered in the brick and mortar.
  3. Website Functionality: Reviews the use of web links, calculators, and record retention.
  4. Website Security: Reviews the bank’s use of certificates and registrar information.
+ Audit Includes
  • Logos
  • Regulation B – Equal Credit Opportunity Act
  • Regulation E – Electronic Funds Transfer Act
  • E-sign – Electronic Signatures
  • Regulation DD – Truth in Savings Act (TISA) – APY
  • Regulation Z – Truth in Lending – APR
  • Regulation C – Home Mortgage Disclosure Act
  • Regulation BB – Community Reinvestment Act
  • Regulation X – Real Estate Settlement Procedures Act
  • Children’s Online Privacy Protection Act
  • Gramm-Leach-Bliley Act – Online Privacy Protection
  • Equal Employment Opportunity Act
  • Customer Complaints
  • Health Information Portability and Accountability Act
  • Credit CARD Act
  • Products and Services
  • Availability
  • Variable Rate Accounts
  • Balance Requirements
  • Non-Deposit Investment Products
  • Loan Products
  • Closed End Credit
  • Open End Credit
  • Home Equity Rules
  • Payment of Overdrafts
  • Website solicitations or Applications for Credit Cards


  • Calculators and Links
  • Web-linking to Third Parties
  • Retention
  • Website Security
Let's Connect
SBS CyberSecurity LinkedIn SBS CyberSecurity Facebook SBS CyberSecurity Twitter
© 2017 SBS CyberSecurity
Primary Mailing Address: 700 S Washington Ave Ste 200, Madison, SD 57042
(605) 923-8722