33
Securing Customer Relationships May 23, 2017 Scott Bailey, Development Supervisor
Securing Customer Relationships
May 23, 2017Scott Bailey, Development Supervisor
Relationship Management
Overview
• Abandoned Property Exclusions by Product Type
• Change Customer Type
• Uniquely Identifiable Information (UII) Encryption
• eAlerts Update
• Beneficial Ownership
4
Exclude Accounts from Abandoned Property Processing by Product Type
Abandoned Property
5
Abandoned Property
6
7
8
Maintain Customer Type After the Customer is Created
Relationship Management
9
Relationship Management
10
Relationship Management
11
Relationship Management
12
• Things to remember…
– Review customer record, especially NRA and required/requested fields
– Demographic information is not transferred
– Review customer-to-account relationships
– Alert note is set when customer type change is complete
13
Uniquely Identifiable Information (UII) Encryption
UII Encryption
• UII Data Included
– SSN / Tax ID Number
– Driver’s License Number
– Passport Number
– Military ID Number
• Applications Included
– Relationship Management
– Year End
– Mortgages and Loans
– Teller and CTR
– Interfaces and Middleware
14
UII Encryption
15
UII Data residing in files
will be replaced with a
token and the actual data
will be stored in an
encrypted database.
UII Data displaying on
screens and reports will
be masked.
Authorized users can
choose to view the actual
values on selected
screens.
Relationship Management
16
Relationship Management
17
Relationship Management
18
UII Encryption
19
All SSN / TIN data
will be tokenized
Only ID types selected
by the institution will
be tokenized
Relationship Management
20
Relationship Management
21
UII Encryption
22
• Other considerations …
– Middleware port control
– Security in published RMINQ APIs
– Accessing TIN and ID numbers in queries
– Data extracts and interfaces
– IRA Plan Numbers and Alternate Electronic Access Numbers
23
eAlerts Update
HORIZON eAlerts
24
Suppress loan account
alerts for customers in
bankruptcy
Set the time of day that
daily alerts are
generated
Relationship Management
25
HORIZON eAlerts
26
• OLB Pilot Status
– Turnkey pilot went live on January 30, 2017
– Data center pilot went live on April 11, 2017
• CeB Integration Status
– CeB is in QA testing now
– Pilot planned for 3rd or 4th quarter 2017
• Future development
– BeB Integration
– Quiet Times
27
Beneficial Ownership
Mandatory Compliance Effective Date: May 11, 2018
FinCEN Beneficial Ownership
28
• Beginning on the Compliance Effective Date, covered financial institutions must identify and verify the identity of the beneficial owners of all legal entity customers at the time a new account is opened (Deposits and Loans)
– The financial institution may comply either by
Obtaining the required information on a standard certification form offered by WKFS and iDO
Or by any other means (i.e. electronically) that comply with the requirements
– The financial institution may rely on the beneficial ownership information supplied by the customer
Has no knowledge to call into question the reliability of the information
– The identification and verification procedures for beneficial owners are very similar to those for individual customers under the existing customer identification program (CIP)
For beneficial owners, the institution may rely on copies of identity documents
– Financial institutions are required to maintain records of the beneficial ownership information for each entity account
Not just a one once and forget about it
– Certain accounts are exempt
Listed in final ruling
New Requirements for Entity Accounts
FinCEN Beneficial Ownership
29
• Identification. Covered financial institutions are required to identify
– Up to 4 (four) beneficial owner(s) 25% or more AND
– One controlling individual (always required)
• Verification can be conducted by documentary and/or non-documentary methods
– The account cannot be used until the verification process has been completed
– All of the identifying information for each of the beneficial owners must be retained for five years after the date the account is closed
• Develop a customer risk profile
– Requires that all covered financial institutions understand the nature and purpose of customer relationships necessary to develop a customer risk profile.
• Monitoring
– While there is no requirement that a financial institution obtain updated beneficial ownership information from its customers on a regular basis, it is expected that should a financial institution learn as a result of its normal monitoring that the beneficial owners of a legal entity customer may have changed, it should update the customer information accordingly. Including for those accountsexisting on the Compliance Effective Date
Collecting Information
FinCEN Beneficial Ownership
30
• For each individual, if any, who owns, directly or indirectly, 25 percent or more of the equity interests of
the legal entity customer:
– First and last name
– Date of birth
– Address (residential or business street address)
– Taxpayer ID number (SSN for US person; passport number and country of issuance or similar ID number for foreign persons)
• AND for one individual with significant responsibility for managing the legal entity (always required):
– Title (CEO, CFO, President, Vice President etc.)
– First and last name
– Date of birth
– Address (residential or business street address)
– Taxpayer ID number (SSN for US person; passport number and country of issuance or similar ID number for foreign persons)
Customer-to-Customer Relations
FinCEN Beneficial Ownership
31
• HORIZON will use Customer-to-Customer Relationships to relate Beneficial Owners and Entity
Managers to the Entity Customer
• Why Customer-to-Customer?
– Avoids confusion of tellers
– Allows user to view total influences of a customer who has beneficial ownership of more than one entity
• Will iDO workflow be enhanced to queue the user to obtain beneficial ownership?
– Yes, when a HORIZON non-personal customer is added to an iDO account title, the user will be asked to verify if
beneficial ownership information collection is necessary
– Response will be reported
• How will users document the evaluation activity?
– HORIZON customer and account notes may be used to document how information was collected.
Touchpoints
FinCEN Beneficial Ownership
32
• Touchpoints for origination of legal entities:
– New account policies and procedures for legal entities
Deposits and lending
– Training of staff
– Coordination with your compliance office
– Customer education
– Integrated Deposit Origination (iDO) forms and workflow
– Loan origination forms and workflow
– HORIZON account title setup and maintenance
– HORIZON Relationship Types
– HORIZON RM account title setup and maintenance
– Integration to BSA/AML solutions
