BAI Procedure Resources
BAI provides compliance professionals with industry-specific, actionable content that helps them make informed decisions during the policy and procedure management process. The policy procedures resources listed below are only available as part of the BAI Policy Manager. Each procedure resource includes industry best practices that is updated to the latest regulatory requirements. And each resource is easily customizable to meet the needs of your financial services organization.
| BAI Procedure Resources | Description |
|---|---|
| Acceptable Use | Procedures to ensure use and ownership guidelines are in place to mitigate cybersecurity risks, events and the legal and compliance issues that arise from them. |
| Accounts Payable and Employee Expense | This procedure includes accounts payable processing guidance, employee expense guidelines, and employee reimbursement procedures. |
| Adverse Action Notice Checklist | Checklist for reviewing declined consumer loan applications requests, reviewing the adverse action notices for required content and any timing requirements financial institutions must follow. |
| Annual Escrow Analysis Calculator | A calculator tool used to perform annual escrow analysis, and determine if the escrow analysis statements prepared by the core system are accurate and comply with RESPA. |
| Antivirus Guidelines | Procedure template used to provide guidance to users on maintaining an effective and up-to-date anti-virus system. |
| Appraisal Checklist | Checklist created for reviewing policies governing residential real estate appraisals and evaluation, and the requirements to comply with Regulation B and FFIEC requirements and guidelines. |
| Audit Procedures | Procedures include internal audit guidelines, and external audit guidelines. |
| Automated Clearing House (ACH) | Procedures include credit underwriting guidelines, consumer risk assessment guidelines, guidelines for internet gambling customers, processing an approved origination request, processing a declined origination request, data breach notification procedures, reconciliation, transaction processing, and funding |
| Beneficial Ownership Information Safeguarding | To access BOI, organizations must satisfy several security and confidentiality requirements. The requirements include establishing standards and procedures to protect the security and confidentiality of BOI, entering into an agreement with FinCEN specifying those standards and procedures, establishing and maintaining a secure system for storing BOI, establishing and maintaining auditable BOI request records, restricting access to BOI, conducting audits, and providing FinCEN with reports and certifications. |
| Branch Closing | Procedures for financial institutions to complying with regulatory requirements when they close a branch, including notification requirements to regulators and customers. |
| Branch Opening and Closing | Procedures used for frontline staff who open or close a branch, comply with the Bank Protection Act, and keep employees aware of potential risks and how to mitigate them. |
| BSA Comprehensive | The procedures are used to address each of the requirements under the BSA and OFAC regulations, which include CIP, CTRs, SARs, funds transfers, monetary instrument log, training, OFAC, due diligence requirements, |
| BSA Elder Abuse Identification | Procedures used to identify risk factors for elder abuse, and what institutions can do to protect consumers from becoming victims. |
| BSA Risk Assessment | A list of customers, products and services, and geographical areas which have a higher risk of money laundering or terrorist financing activities. |
| Community Reinvestment Act (CRA) | Procedures include a list of loan types, services, community development loans, services, and investments which are CRA reportable, requirements for CRA reporting and providing disclosures, including a code systems that could be used for an institutions LOS or CORE System. |
| Complaint Management Tracking Tool | A spreadsheet tracking tool used to track consumer regulatory complaints, investigations, communication, resolution, or any consumer harm that was experienced by the consumer. |
| Compliance Risk Assessment | A risk assessment template used to list the major federal consumer regulatory requirements, a description of them, who is responsible, a risk rating drop down system, and which department and personnel are assigned to oversee the areas. |
| Corporate Governance | Procedures include Board of Directors meeting guidelines, section dedicated for detailing management’s succession plan, risk assessment process guidance, FDIC examples of credit-related stress testing, OCC examples of portfolio stress testing, and more. |
| Fair Credit Reporting Act (FCRA) | Procedures include important definitions, handling medical information and credit score and adverse action disclosure requirements, permissible purposes for consumer reports, notice to home loan applicants, duties of furnishers, receiving and processing credit report disputes from consumers, information reporting to CRAs, active duty and fraud alerts processing, identity theft notifications, address discrepancy procedures. |
| Fair Lending Risk Assessment | A risk assessment template used to list the major fair lending risks to an organization, and the mitigating controls used to protect consumers and the organization. |
| Fair Lending Second Review | Procedures which include process for reviewing declined consumer loan applications to ensure policies and procedures are applied consistently, decisions are well-documented, and to identify any fair lending or unfair treatment of applicants of a protected class. |
| Flood Insurance | Procedures for determining the minimum flood insurance required, maximum flood coverage, tools to track flood insurance on loans secured by real estate which fall in special flood hazard designated area, regulatory definitions, forced place insurance requirements, and other considerations. |
| Garnishment Work Program Checklist | The checklist includes what a financial institution needs to do when they receive a garnishment order, timing requirements, lookback period requirements, protected funds, notice to accountholder letter and delivery requirements. |
| Hardware and Electronic Media Disposal | Written procedures used to implement the proper disposal of hardware and electronic media. The risk of having sensitive information shared with unauthorized individuals is high, and having sound procedures for IT professionals to follow will ensure it is handled safely and the integrity of customer data and the organizations assets will be protected. |
| Human Resources Salary Administration | Procedures include position evaluation guidelines, hiring salary guidelines, performance and salary increase procedures. |
| Human Resources Whistleblower | Procedures covered include improper action reporting, retaliatory action, and establishing an improper action hotline. |
| BAI Procedure Resources | Description |
|---|---|
| Incident Response Preparedness | Procedures include general incident handling procedures, malware control procedures, information sharing procedures, and unauthorizes access to consumer information procedures. |
| Indirect Dealer Lending | Procedures include general underwriting guidelines, and dealer approval guidelines. |
| Internet Banking | Procedures include weblinking guidelines, electronic payment guidelines, multi-institution reporting guidelines, consumer setup and maintenance procedures, E-mail related fraud procedures, website spoofing procedures, account takeover procedures, daily internet banking system operational procedures, internet banking system administration procedures, protection standards and procedures, online privacy procedures, general incident handling procedures, malware control procedures, information sharing procedures, and unauthorized access to consumer information. |
| IT Risk Assessment | A risk assessment template that lists the possible threats to the institutions IT assets, and operations. Including documenting the likelihood, and possible impact if the threat were to actually occur. |
| Lobby Notice Checklist | Checklist developed for making sure all federal lobby notice requirements are listed and have been met. |
| Minimum Flood Insurance Calculator | Procedures for determining the minimum flood insurance required, maximum flood coverage, tools to track flood insurance on loans secured by real estate which fall in special flood hazard designated area, regulatory definitions, forced place insurance requirements, and other considerations. |
| Overdraft | Procedures to develop and manage the processes necessary to manage the risks associated with offering overdraft products, including suspension or closure of overdraft service. Which are unsecured extensions of credit and require approval within established credit authorities. |
| Overdraft Program Checklist | Checklist for reviewing an Overdraft Protection Program has meet the minimum requirements based on the regulatory requirements and program guidelines for disclosures, policies, procedures, practices, periodic statements, advertising, monitoring excessive usage of the OD accounts, and recommended best practices. |
| Patch Management | Written procedures used to implement patch management requirements and serve as a guide for IT professionals who must abide by them. |
| Processing and Analyzing Consumer Complaints | Procedures used to process, investigate, and analyze consumer complaints which apply to federal, or state regulations. |
| Record Retention Schedule | A record retention schedule which lists the major retention requirements for Credit Unions. |
| Reg E: Error Resolution | Procedures used for management for receiving and processing unauthorized transactions on electronic access devices, including communication and disclosure requirements. |
| Regulation B (ECOA) Act | Procedures include definitions of the different types of protected classes, actions financial institutions should do and not do in order to comply with the Equal Credit Opportunity Act and Fair Housing Act especially through the application and underwriting processing, co-signer/guarantor guidance, proper terms for marital and familial status, appraisal notification and delivery requirements, joint credit procedures, action taken (including adverse action) notification requirements, lobby poster requirements, appraisal notification and appraisal delivery requirements, and application record retention requirements. |
| Regulation CC | Describe the different types of holds, when they should be applied, and the maximum amount of time the funds can be held. The calculator determines what day, and how much of the funds should be released depending on the type of hold that was placed. |
| Regulation O | Procedures for making sure credit extended to executives and board members complies with regulatory rules. |
| Remote Deposit Capture | Procedures include consumer risk assessment guidelines, dollar and transaction limit establishment guideline, guidelines for internet merchant consumers, additional guidelines for internet gambling consumers, and service establishment. |
| Social Media | Procedures include an overview of risk assessment standards, operating standards, protocols for submitting social media posts for approval, types of social media posts that are considered acceptable, addressing social media comments, and best practices for submitting reports to the Board of Directors on social media posts. |
| Stored Value and Prepaid Card Program | Procedures include operational overview guidelines for selling, and processing stored value and prepaid gift cards issued by the institution. |
| Student Loan Program | Procedures include underwriting guidelines, application processing and loan servicing guidance for institutions who offer student loan products and services. |
| Teller Cash Handling | Procedures for handling teller cash transactions, safe handling of cash, identification of counterfeit bills. |
| Teller Check Handling | Procedures for different types of checks, what makes a check legal, what to look for with fraudulent checks. Additionally, it includes what to do when a teller receives a forged or altered check, and how to comply with the UCC rules, and guidance on how to mitigate risks to the organization. |
| Teller Over and Short | Written procedures used to safely open and close a branch in accordance with the Bank Protection Act, and Regulatory Guidance. It incudes entering and leaving a branch, all clear signals, and other necessary procedures. |
| UDAAP Risk Assessment | A risk assessment template used to cover the UDAAP risks that apply to financial institutions. |
| Website and Advertising Checklist | Checklist created to list each of the advertisement requirements for consumer deposit and lending products, including FDIC-NCUA insurance logo requirements. |