AML Program. Anti-Money Laundering Program

Transcription

1 AML Program 1. (A) Introduction to the Broadview Mortgage Anti-Money Laundering Program 2. (B) Money Laundering and Terrorist Financing 3. (C) Anti-Money Laundering Laws and Regulatory Agencies 4. (D) The Office of Foreign Asset Control 5. (E) The Financial Crimes Enforcement Network 6. (A) Broadview Mortgage Anti-Money Laundering Program 7. (B) Risk Assessment 8. (C) Compliance 9. (D) Internal Policies, Procedures, and Controls 10. (E) Training 11. (F) Audit 12. (A) All Broadview Mortgage Employees 13. (B) Management Oversight 14. (C) AML Compliance Officer 15. (D) Bank Secrecy Act (BSA) Supervisory User 16. (E) Legal Counsel/Counsultations 17. (F) Compliance Department 18. (G) Other Loan Related Departments 19. (H) Internal Audit 20. (A) Customer Identification Program 21. (B) Office of Foreign Asset Control 22. (C) Currency Transaction Report 23. (D) Shell Banks 24. (E) Foreign Banks 25. (F) Red Flag Program 26. (G) SAR Reporting Responsibilities 27. (H) Emergency Notification to Law Enforcement 28. (I) Sharing Information with Other Financial Institutions 29. (J) FinCEN Requests 30. (K) Prohibited Practices 31. (L) Penalties 32. (M) Training 33. (N) Third Party Service Providers 34. (O) Independent Audit Anti-Money Laundering Program

2 1--INTRODUCTION AND BACKGROUND (A) Introduction to the Broadview Mortgage Anti-Money Laundering Program This Anti-Money Laundering Program (AML Program) establishes governing principles and standards to protect the company from being used to launder money or conduct terrorist financing. The AML Program is designed to accomplish the following: 1. Define the scope of anti-money laundering responsibilities and obligations relative to Broadview Mortgage. 2. Establish the parameters of the company AML Program. 3. Implement internal policies, procedures, and controls to minimize money laundering risk. 4. Educate company employees regarding money laundering risks and exposure. 5. Introduce sufficient audit control to ensure anti-money laundering prevention protocols are effective. The standards and policies detailed in this Program are dictated by governing legal and regulatory guidance and apply throughout the organization in its everyday business operations. The protocols outlined herein are designed to prevent company employees, third party vendors, and service providers from being used for the commission of financial crime(s), including crimes such as money laundering and terrorist financing. The purpose of this Program is to implement Anti-Money Laundering policies, strategies, and reporting as required by the United States Bank Secrecy Act (BSA) and the USA Patriot Act and related regulations.

3 Whenever local regulations are stricter than the requirements defined in this Program, the stricter standard shall be applied. If any applicable laws are in conflict with this Program, the appropriate legal counsel must be contacted to resolve the conflict. Broadview Mortgage Corporation requires this Program be reviewed no less than annually. The annual review shall include compliance with current laws, regulations, directives or regulatory guidance, as well as the procedural implementation of this Program within the current scope of the company s business lines. (B) Money Laundering and Terrorist Financing Money laundering is the criminal practice of attempting to conceal and disguise the true origin of capital, which may be the proceeds of illegal activity. This capital may be filtered through multiple transactions so that the capital appears to have been derived from a legal source. The actual capital may have been sourced from or positioned to facilitate a myriad of illegal activities, including, but not limited to drug smuggling, securities fraud, tax evasion, and terrorist financing. These crimes transpire internationally and domestically. Money laundering is usually executed as follows: 1. Placement Physically depositing of illegally obtained capital into the financial system. 2. Layering Disguising the origin of the illegal capital through one or more transactions designed to obscure the audit trail and provide anonymity. 3. Integration Introducing the illegal capital back into the mainstream economy manifested as a legitimate economic resource. Money laundering may involve many financial instruments, products and services, including residential mortgage backed securities. Terrorist financing is the employment of capital to coerce a population or government through violence. The detection of terrorist financing poses unique challenges to law enforcement as many terrorist organizations procure capital through lawful means, such as using the proceeds from real estate owned assets to finance and facilitate illegal operations.

4 Individuals or entities that launder funds may also be culpable and face penalties similar to the actual perpetrators of the criminal activity. Non-Depository Mortgage Lending Financial Institutions, such as Broadview Mortgage, may be susceptible to illegal money laundering schemes via mortgage loan origination and secondary market transactions. On the surface, these transactions may appear routine and innocuous; however, the company may be a victim of and/or an unsuspecting participant in illegal money laundering and the financing of terrorist activity. Accordingly, every effort must be undertaken to mitigate this risk by diligently guarding the company against mortgage fraud, identity theft, and similar illegal activity and reporting these crimes to the appropriate authorities. (C) Anti-Money Laundering Laws and Regulatory Agencies (i) The Bank Secrecy Act (12 USC ) -- The purpose of the Bank Secrecy Act (BSA) is to require certain reports or records where they have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, including analysis, to protect against international terrorism. The BSA was originally enacted in 1970 and has been amended over the years to address advancement in money laundering sophistication, innovation, and technology. The definition of financial institution used within BSA is broad and encompasses many businesses and types of business not generally considered within this category and for whom these laws and regulations have yet to be applied. Under BSA, a financial institution includes a loan or finance company. (ii) The Uniting and Strengthening America by Providing Appropriate Tools to Intercept and Obstruct Terrorism Act of 2001 (USA Patriot Act)--The USA Patriot Act, an enhancement of the BSA, was adopted in response to the September 11, 2001 terrorist attacks on the United States of America. The USA Patriot Act places several new obligations upon financial institutions. Specifically, it requires the development of a Customer Identification Program (CIP), expands record keeping requirements, adds enhanced due diligence, and allows for certain information sharing between the government, financial institutions, and among financial institutions. The USA Patriot Act requires that financial institutions establish an AML Program. (D) The Office of Foreign Asset Control

5 The Office of Foreign Asset Control (OFAC) requires companies to block or freeze the assets of specific countries that are subject to U.S. economic sanctions, certain other individuals such as suspected terrorists and narcotics traffickers or Specially Designated Nationals (SDNs). OFAC requirements are separate and distinct from the BSA; however, both OFAC and BSA share a common national security goal. (E) The Financial Crimes Enforcement Network The Financial Crimes Enforcement Network (FinCEN), a bureau of the Department of the Treasury, was created to enhance U.S. national security, deter and detect criminal activity, and safeguard financial systems for abuse by promoting transparency in the U.S. and international financial systems. On February 14, 2012, FinCEN published a Final Rule defining non-bank residential mortgage lenders and originators as loan or finance companies for the purpose of requiring them to establish anti-money laundering programs and report suspicious activities under the BSA with implementation no later than August 13, The final rule is intended to cover initial purchase money loans and traditional refinancing transactions facilitated by non-bank lenders and originators. FinCEN defines Residential Mortgage Lenders and Originators (RMLO) as any business that, on behalf of one or more lenders, accepts a completed mortgage loan application, even if the business does not in any manner engage in negotiating the terms of a loan. FinCEN also intends the final rules to cover businesses that offer or negotiate specific loan terms on behalf of a lender or borrower, regardless of whether they also accept a mortgage loan application. The final rule does not contemplate coverage of an individual employed by a loan or finance company or financial institution, and provides an exception for individuals financing the sale of their own real estate. FinCEN intends both a broad definition of RMLO and to differentiate RMLO from the SAFE ACT definition of Mortgage Loan Originator (MLO).

6 2--AML PROGRAM COMPONENTS (A) Broadview Mortgage Anti-Money Laundering Program The Bank Secrecy Act requires the implementation of a comprehensive anti-money laundering program. It further requires, at a minimum, that an anti-money laundering program have the following components: 1. Internal policies, procedures and controls. 2. An appointed AML Compliance Officer. 3. A robust employee training program. 4. An independent audit function. (B) Risk Assessment Broadview Mortgage performs a risk assessment that includes all business lines, products, services, customers, and geographic locations. This risk assessment identifies overall exposure and serves as the basis for the anti-money laundering policies and procedures encompassed herein. Effective controls have been put into place to manage identified risks. (C) Compliance The company requires that its own organization, its employees, approved brokers, approved correspondent lenders, third party vendors and service providers comply with all requirements of this Program, the Bank Secrecy Act, Anti-Money Laundering regulations and Suspicious Activity Reporting requirements as they exist, or, from time to time, may be amended. (D) Internal Policies, Procedures, and Controls Broadview Mortgage maintains policies, procedures and controls that effectively protect the company from being used for illegal money-laundering. All internal policies, procedures and controls provide for: A risk assessment and ongoing enterprise risk assessment process Enforcement of a due diligence system Informing Executive Management about ongoing issues A system for timely filing of SARs by trained employees Protocols for the timely response to 314(a) and 314(b) requests under the US Patriot Act Compliance with OFAC requirements

7 Protocols for filing Form 8300 with the IRS (Report of Cash Payments over $10,000 Received in a Trade or Business), if necessary. Adequate employee supervision (E) Training Broadview Mortgage requires initial and ongoing training for all management and staff concerning this Program, other related policies and underlying laws and regulations. Training may be conducted either directly by the company or through a qualified third party, chosen at the company s discretion. (F) Audit Broadview Mortgage requires an independent and comprehensive audit of the AML Program be conducted, as needed, and not less than once every 365 calendar days. 3-- ROLES AND RESPONSIBILITES (A) All Broadview Mortgage Employees Compliance with the company AML Program is the responsibility of each employee, regardless of title or position. All employees are obligated to: Understand the company AML Program Comply with the company AML Program Advise management whenever suspicious or fraudulent activity is suspected and promptly escalate such concerns as required Complete introductory and annual AML training Foster a culture of integrity and compliance Suspicious activity must be reported to the Broadview Mortgage AML Compliance Officer. If the suspicious activity involves the AML Compliance Officer, the activity must be reported to a member of senior management. Instructions for notifying Broadview's AML Compliance Officer are contained in the form, Preliminary Report of Suspicious Activity, which is attached to this policy and available in the Forms Library. All reports are confidential. Broadview Mortgage does not retaliate against any employee for reporting suspicious activity, fraud, money-laundering, suspected or actual criminal activity or non-compliance with this Program.

8 (B) Management Oversight (i) The Board of Directors The Board of Directors approves the company AML Program and exercises general oversight over the company AML Program. The Board of Directors also appoints the AML Program Compliance Officer. The Board approved Karen Hardin, Compliance Officer as the AML Program Compliance Officer. The Board of Directors of Broadview Mortgage approved the company AML Program as described in this AML Program and authorized its implementation. (ii) Executive Management Executive Management formalizes key policy decisions regarding the Broadview Mortgage AML Program, including but not limited to: Ensuring Broadview Mortgage performs an AML risk assessment Adopting and communicating AML operational risk policies and procedures Promoting a culture that minimizes AML operational risk Authorizing required systems and control points Making necessary changes to the company AML Program as needed Monitoring the status of Broadview Mortgage s AML risk. (C) AML Compliance Officer The Broadview Mortgage AML Compliance Officer is responsible for the daily coordination and monitoring of compliance with the AML Program and for ensuring the filing of Suspicious Activity Reports (SARs) with proper agencies when deemed appropriate. The AML Compliance Officer is also responsible for reporting any suspicious situations and other ongoing compliance matters to Executive Management. The AML Compliance Officer examines Anti-Money Laundering strategies, goals and objectives on an ongoing basis and maintains an effective Anti-Money Laundering Program. The AML Compliance Officer is further responsible for all aspects of the design, implementation, reporting and compliance with respect to this Program to include, but not be limited to: Determining the structures and resource levels of the AML Program throughout the company Ensuring resources are deployed effectively to mitigate AML Program risks

9 Driving communication to Executive Management and other stakeholders with respect to issues concerning the AML Program Representing the AML Program to Executive Management Maintaining relationships with AML Program external auditors, regulatory and other authoritative bodies Controlling, managing and administering the AML Program budget and resource planning Accounting for AML Program protocols, technology, risk analysis, information systems, and operations Developing best practices for the respective business divisions Communicating with business partners in a timely and effective manner Protecting Broadview Mortgage from legal, regulatory and reputational risk with business involving sanctioned individuals, entities, and/or countries Tracking and following up upon the conditions that have been imposed as part of the Consumer Identification Program (CIP) Developing and maintaining procedures and systems to ensure that unusual and suspicious transactions are reported as required and to local authorities as appropriate Developing and implementing adequate controls to ensure that all applicable legal and regulatory AML requirements are being adhered to throughout Broadview Mortgage Appointing the BSA (Bank Secrecy Act) E-Filing Supervisory User Ensuring all recordkeeping requirements are satisfied. Finally, the AML Compliance Officer has a working knowledge of the BSA and is qualified by experience, knowledge, and training. (D) Bank Secrecy Act (BSA) Supervisory User The BSA Supervisory User is the point of contact for the BSA E-Filing of SARs and serves as a liaison between BSA E-Filing and Broadview Mortgage. The Supervisory User has primary responsibility for company use of E-Filing. The Supervisory User is also responsible for: Facilitating the process of creating general user accounts for members of the organization Day to day oversight of BSA compliance efforts from a filing standpoint Access to system functionality not available to regular users, such as ability to enroll new users, manage user access, assign privileges, update filing organization information and track the status of filings submitted by all users from across the organization. In addition, the BSA Supervisory User: Should have insight into all BSA filing activities across the entire filing organization Should be knowledgeable about the individuals responsible for preparing and submitting BSA filings and the processes by which filings are submitted Must be designated by the Broadview Mortgage AML Compliance Officer Must be confirmed as such by the Chief Compliance Officer (or equivalent) The AML Compliance Officer designated David Steven, Vice President of Information Technology as the BSA Supervisory User and this was confirmed by the Board of Directors. Will be confirmed by FinCEN s vetting process during the enrollment process

10 Once named, the BSA Supervisory User must complete and submit an application and obtain authorization from FinCEN. (E) Legal Counsel/Counsultations Outside counsel and consultants provide consultation, support, and review of the Broadview Mortgage AML program, and ensures the company is protected via contractual agreements with third party vendors and service providers. (F) Compliance Department The company Compliance Department establishes AML compliance standards and develops protocols as needed to execute the AML Program. In addition, the Compliance Department identifies and investigates suspicious activity and prepares Suspicious Activity Reports (SARs) as necessary. The Compliance Department also ensures all employees successfully complete the training required by the AML Compliance Officer. This is done in conjunction with the Human Resource Manager. All employees must complete initial training and annual training thereafter. As part of the new hire process, new staff members must complete the initial training within 90 days from date of hire. In addition, the Compliance Department is responsible for the day-to-day activities impacted by the company AML Program. This includes establishing controls to detect and identify suspicious accounts, transactions, borrowers, etc. and taking further action as appropriate. (G) Other Loan Related Departments All Operations, Administration, Customer Service, Retail Branches, Wholesale Division, and Streamline Division personnel are responsible for understanding and applying the requirements of the company AML Program. These requirements include compliance with Customer Identification Program (CIP) by obtaining and recording customer identification documents as well as not closing loans where the CIP information is not provided. All suspicious activity must be immediately reported to the company AML Compliance Officer along with any and all supporting documentation so that the suspicious activity may be reported to the appropriate regulators and/or law enforcement authorities, if necessary. The attached, Preliminary Report of Suspicious Activity is used to report suspicious activity to the AML Compliance Officer.

11 (H) Internal Audit Broadview Mortgage ensures that independent compliance testing of the AML Program is executed at least annually or more frequently if necessary. The testing includes but is not limited to compliance with this Program, BSA, Anti-Money Laundering regulations and Suspicious Activity Reporting requirements. The required compliance testing may be conducted by company personnel or by an outside party. At a minimum, the annual audit includes a review to determine that: All identified suspicious activity was reviewed and appropriately handled System level reports were properly reviewed and no suspicious activity failed to be reported There exists no defect within the implementation of this Program such that reporting may not be appropriately acted upon or the process may be otherwise expected to fail That all required training of employees was conducted within the time frames specified by the company AML Program 4 -- AML PROGRAM PARAMETERS (A) Customer Identification Program Broadview Mortgage requires the accurate, verified and appropriate identification of its borrowers in accordance with the requirements of the Bank Secrecy Act. Identifying the borrower is the most important aspect of originating a mortgage loan. Current identification, verified with factual information and the current address and phone are important when dealing with financial obligations. The company Customer Identification Program (CIP) applies certain identity verification procedures to determine the true identity of the applicant prior to closing a mortgage loan. Broadview Mortgage requires all applicants to provide, at a minimum, the following applicable information to form a reasonable belief that the true identity of the borrower is obtained: Name Residence address Mailing address if different Social Security Number if a U.S. citizen U.S. taxpayer identification number Passport number and country of issuance Alien identification card number if not a U.S. citizen or the number and country of issuance of any other government issued document evidencing nationality or residence and bearing a photograph or other similar safeguard. Broadview Mortgage employs risk-based measures to verify the borrower s identity and notifies all applicants that identification verification will be requested as required by law.

12 The company does not take steps to determine whether the documents provided by the applicant have been validly issued. However, Broadview Mortgage will not accept any document that shows some obvious evidence of fraud and will report such evidence as required by law and this Program. All applicant data is reviewed against government provided lists such those published by the Office of Foreign Assets Control (OFAC) and Specially Designated Nationals (SDN). Finally, the closing agent is required to confirm the borrower s identification by examining an acceptable form of identification as required by the USA Patriot Act. Broadview Mortgage refuses to conduct business with an individual that cannot prove his or her identity as represented in an application for a mortgage loan. Moreover, the AML Compliance Officer will be notified in these cases and a determination will be made as to whether or not sufficient suspicious activity warrants reporting to the appropriate legal authority. The company has established reasonable procedures for maintaining records of the information used to verify a borrower s name, address and other identifying information as required by law and regulation for five years following the date of the transaction. (B) Office of Foreign Asset Control Broadview Mortgage maintains reasonable procedures for determining whether the applicant appears on any list of the known or suspected terrorists or terrorist s organizations provided by any government agency. The names of all applicants subject to this Program are checked against the current Office of Foreign Asset Control (OFAC) lists and against any other lists of known or suspected terrorists or terrorist organizations. These lists include: Treasury s OFAC Specifically Designated Nationals and Blocked Persons List (SDN) Embargoed countries and regions list Any other similar, renamed or replacement list as may, from time to time, be provided. Because the OFAC website is updated frequently, the company consults the list on a regular basis. If the credit report or any other search reveals a possible match, verification is obtained from the US

13 Department of Treasury that the match is or is not the applicant. If the match is confirmed as valid, the following must occur: Notification to the AML Compliance Officer Rejection of the application Filing of a rejected transaction form with OFAC Report the occurrence via the OFAC Hotline (C) Currency Transaction Report Broadview Mortgage is not required to file Currency Transaction Reports (CTR) with FinCEN. However, IRS Form 8300 must be filed for cash transactions exceeding $10,000. (D) Shell Banks Broadview Mortgage does not engage in any business relationship where there is reasonable cause to suspect that a shell bank is a party to the transaction. (E) Foreign Banks Broadview Mortgage may engage in business relationships with foreign banks provided the banks are properly licensed and do not appear on any exclusionary lists. (F) Red Flag Program Broadview Mortgage monitors a sufficient amount of transactional activity to identify patterns of unusual size, volume, and type of transaction. The AML Compliance Officer is responsible for this monitoring and will report suspicious activities to Executive Management and the appropriate authorities. Red flags suggest possible money laundering or terrorist financing. More specifically, red flags are alerts, discrepancies, warnings, variances, or an unusual activity or pattern that is noticed by an employee. Red flags are signs of a possible problem, but they do not constitute, without review, a suspicious activity or a violation of law or regulation. The point being is that a single red flag in and of itself may not indicate fraud, money laundering, or terrorist activity; however, the greater the number of red flags the higher the likelihood of misrepresentation and/or criminal activity.

14 Red flag detection occurs during the workflow where a comparative review is made among documents furnished by the borrower, the information reported on the loan application, verification responses and information reported by credit repositories. Detection steps may include the use of SSN validation tools, fraud checks, and factual ID reports. Refer to the company Red Flag Identity Theft Plan for detailed procedures on the detection of red flags as they relate to identity theft. Additional types of actions/red flags that may warrant reporting suspicious activity include: 1. Occupancy fraud: occurs when borrowers, to obtain favorable loan terms, claim that subject properties will be their primary residences instead of vacation homes or investment properties. It also occurs when subjects apply for loans for properties that others, such as family members, will actually occupy. 2. Income fraud: includes both overstating income to qualify for larger mortgages and understating income to qualify for hardship concessions and modifications. 3. Appraisal fraud: includes both overstating home value to obtain more money from a sale or cash-out refinancing, and understating home value to purchase a property at lower cost. 4. Employment fraud: includes misrepresenting whether, where, and for how long borrowers have been employed; whether borrowers are unemployed or collecting unemployment benefits; and whether borrowers are independent contractors or business owners. 5. Liability fraud: occurs when borrowers fail to list significant financial liabilities, such as other mortgages, car loans, or student loans, on mortgage loan applications. Without complete liability information, lenders cannot accurately assess borrowers' ability to repay debts. 6. Debt elimination schemes: primarily identified in the servicing of mortgage loans; involves the use or purported use of bogus documents and payment methods to invalidate mortgage obligations or pay off mortgage balances. 7. Foreclosure rescue scams: also primarily identified in mortgage servicing; targets homeowners facing foreclosure with services or advice to purportedly stop or delay the foreclosure process. When employees detect red flags that raise suspicion in the context of a particular transaction, such activity must be reported to the AML Compliance Officer. If necessary, under the direction of the AML Compliance Officer, further investigation may be required including but not limited to gathering additional information internally or from third party sources and reporting the suspicious activity to the authorities as required in this Program.

15 (G) SAR Reporting Responsibilities Broadview Mortgage will file a report of any suspicious transaction relevant to a possible violation of law or regulation. Suspicious activity requires reporting if it is conducted or attempted in the course of business through the company. Broadview Mortgage must file a Suspicious Activity Report (SAR) with FinCEN if there is reason to suspect that capital is derived from, sought or obtained for illegal activity, or is intended to violate or evade Federal law or regulations, including but not limited to the BSA or the USA Patriot Act. The SAR must be filed electronically via the BSA E-Filing website within 30 calendar days of the date of initial detection of suspicious activity. If a suspect is not identified within the initial 30 day period, an additional 30 calendar days may be taken. In no case shall reporting be delayed more than 60 calendar days following initial detection. Broadview Mortgage must: Report any fraudulent attempts to obtain a mortgage or launder money by use of proceeds of other crimes to purchase residential real estate. Comply with other BSA reporting or record keeping requirements applicable to non-bank mortgage lenders. For example, IRS Form 8300 must be filed for cash transactions exceeding $10,000; however, FinCEN Currency Transaction Reports (CTRs) are not required of non-bank mortgage lenders. File a SAR within thirty or sixty days of becoming aware of a transaction that: a. Involves funds derived from illegal activity or are conducted to hide funds or assets derived from illegal activity b. Is designed to evade BSA requirements c. Has no business or apparent lawful purpose d. Involves the use of Broadview Mortgage to facilitate criminal activity Determine whether a SAR is required based on all the facts and circumstances relating to the transaction, applicant/borrower, financial institution, third party vendor or service provider in question Consider that different fact patterns will require different judgments Collect and maintain supporting documentation Ensure confidentiality and security IMPORTANT: A SAR AND INFORMATION THAT WOULD REVEAL THE EXISTENCE OF THAT SAR MUST BE KEPT CONFIDENTIAL AND NOT BE DISCLOSED EXCEPT AS AUTHORIZED. UNDER NO CIRCUMSTANCES MUST THE SUBJECT OF THE SUSPICIOUS ACTIVITY, WHETHER AN

16 APPLICANT, BORROWER, EMPLOYEE, THIRD PARTY VENDOR OR SERVICE PROVIDER, BE ALERTED THAT SUSPICIOUS ACTIVITY IS SUSPECTED OR THAT A SAR MAY BE FILED. Safe Harbor protects Broadview Mortgage from liability from making reports of suspicious transactions and for failure to disclose the fact of such reporting to any person identified in the report. Should a company employee receive an inquiry or a subpoena regarding suspicious activity or the existence of an SAR, politely decline to provide the information by explaining that company policy prohibits an affirmative or negative acknowledgment and immediately contact the Broadview Mortgage AML Compliance Officer. The AML Compliance Officer will work with the company s outside legal counsel to coordinate a response. More than one financial institution may have an obligation to report the same transaction, and other financial institutions may have separate obligations to report suspicious activity with respect to the same transaction. In these cases, no more than one report is required to be filed, provided that it contains all relevant facts, including the name of each financial institution involved, the report complies with all instructions applicable to joint filings, and each institution maintains a copy of the filed report. FinCEN has modernized its SAR filing system and has established a uniform electronic form for use by all financial institutions with SAR filing obligations. SAR records must be maintained for at least five years. Each individual SAR must include the following information: o o o The filing institution name Account number(s) involved in the suspicious activity Relevant suspect information Details of the suspicious activity to be completed in a uniform format on the SAR form Contact information A narrative explaining the suspicious activity that should: Provide detailed information Define jurisdiction--usually where the property is located for mortgage fraud Define the relationship between the suspects from a transactional basis

17 o o o Clarify why the actions of various suspects are suspicious If losses are not yet established (as is frequent in mortgage fraud), identify the servicing status of the loan and approximate losses anticipated Identify any supporting documentation--all supporting documentation must be retained for five years from the date of filing. (H) Emergency Notification to Law Enforcement In those situations that require immediate attention, Broadview Mortgage will notify the appropriate law enforcement agency post haste. Examples of emergency situations include but are not limited to: Reason exists that capital will be used, immediately or in short order, to engage in or facilitate an act of terrorism A party to the transaction attempts to bribe, coerce, extort, or otherwise illegally influence business conducted with the company Obvious fraud that requires immediate action to minimize exposure or prevent defalcation. (I) Sharing Information with Other Financial Institutions The company shares information about those suspected of terrorist financing and money laundering with other financial institutions for the purposes of identifying and reporting activities that may involve terrorist acts or money laundering and to determine whether to engage in a transaction. Before sharing such information, Broadview Mortgage shall: File an initial notice with FinCEN before any sharing occurs and annual notices afterwards Use the notice form found at FinCEN s website use a paper notification mailed to FinCEN P.O. Box 39 Mail Stop 100 Vienna, VA Take reasonable steps to verify that the other financial institution has submitted the requisite notice to FinCEN, either by obtaining confirmation from the financial institution or by consulting a list of such financial institutions that FinCEN will make available. This requirement applies even with respect to financial institutions with which Broadview Mortgage may be affiliated. Accordingly, the company will obtain the requisite notices from affiliates, if any, and follow all required procedures. Employ strict procedures both to ensure that only relevant information is shared and to protect the security and confidentiality of this information, including segregating it from all books and records. (J) FinCEN Requests Broadview Mortgage responds to any FinCEN request about accounts or transactions by immediately searching records to retrieve all available information regarding each individual, entity, or organization named in FinCEN s request. Unless otherwise stated in FinCEN s request, Broadview Mortgage is required to search current accounts and transactions, accounts maintained by a named suspect during the preceding 12 months, and transactions conducted by or on behalf of or with a named suspect during the preceding six months. If a

18 match is found, it will be reported to FinCEN by completing FinCEN s subject information form in a timely manner. If a record search fails to uncover a matching account or transaction, then Broadview Mortgage may not reply as permitted under Section 314(a) of the USA Patriot Act. The company does not disclose the fact that FinCEN has requested or obtained information except to the extent necessary to comply with the information request. Broadview Mortgage maintains procedures to protect the security and confidentiality of requests from FinCEN, as required by Section 501 of the Gramm-Leach-Bliley Act and directs any questions regarding the request to the requesting Federal law enforcement agency as designated in the 314(a) request. Unless otherwise stated in the information request, the company does not treat the information request as continuing in nature, and does not consider the request inclusive for purposes of the customer identification and verification requirements. The company does not use information provided to FinCEN for any purpose other than: Reporting to FinCEN as required under Section 314 of the USA Patriot Act Determining whether to establish or maintain an account, or to engage in a transaction Ensuring compliance with any requirements of Section 314 of the USA Patriot Act. (K) Prohibited Practices The BSA, in general, prohibits the structuring of any transaction for the purpose of evading or avoiding established reporting requirements. Accordingly, it is a violation of this Program and related laws and regulations for any person, agent, or entity to cause or attempt to cause Broadview Mortgage to: Fail to file a required report File a report which includes any material miss-statement or omission Structure or assist in structuring, or attempt to structure, any transaction with one or more financial institutions so as to avoid the intention of this Program, the underlying regulations or any reporting requirements. NOTE: one or more financial institutions includes but is not limited to brokers, correspondent lenders, and investors. (L) Penalties The following information should not be construed as comprehensive, limiting, or legal advice. It is offered to provide all readers of this Program a sense of seriousness with which Broadview Mortgage and its regulators view these policies and the degree to which violations may be penalized.

19 Both civil and criminal penalties exist for the violation of the BSA, Anti-Money Laundering and/or Suspicious Activity Reporting. Penalties for the violation of the company AML Program and/or related laws may vary depending on the nature of the offense. Broadview Mortgage and the United States government act independently and the actions of one in no way limit the actions of the other. The AML Program and related policies are of paramount importance to the company. All employees should be ever vigilant so that transactions in which they engage in or on behalf of Broadview Mortgage and/or its customers, third party vendors, service providers, and investors are done so in accordance with the AML Program and related policies. Violations of the AML Program and related policies can have significant ramifications including, but not limited to warning, censure, demotion or termination. A financial institution including partners, directors, officers, and employees that willfully violate BSA, the USA Patriot Act, OFAC, or any and all related Anti-Money Laundering laws and regulations may be subject to both civil and criminal penalties, including fines and imprisonment. (M) Training Broadview Mortgage will execute AML training for its employees under the direction of the AML Compliance Officer. All loan officers/originators, account executives, processors, underwriters, document drawers, funders, post-closing personnel, secondary marketing associates and other employees in a position to detect money laundering or suspicious activity will be trained in conformance with this Program. New employees will be trained as soon as practicable after hiring but no later than ninety (90) days following the first day of employment. On-going periodic training will be conducted annually. The training will cover the material in this Program and emphasize the following: The laws and regulations underlying this Program, including but not limited to BSA, USA Patriot Act, and OFAC The implementation of this Program and practical application in the context of the employee s specific function and responsibility Best practices that should be employed to minimize the risk that Broadview Mortgage could be used to launder money, facilitate mortgage loan fraud, and other financial crimes

20 Methodology for detecting Red Flags and other signs of money laundering or fraud Protocols for reporting suspicious activity to the AML Compliance Officer Disciplinary consequences and civil/criminal penalties for failing to comply with the Bank Secrecy Act, USA Patriot Act, and/or related laws and regulations. The AML Compliance Officer is responsible for the implementation of and compliance with BSA, AML, SARs, and the AML Program as described in this Program. The Compliance Officer is required to ensure maintenance of industry standards and best practices. In addition to the above detailed on-going training, the Compliance Officer is required to: Attend two seminars of appropriate subject matter each a minimum of one day in duration Maintain any related professional designations Subscribe to industry, peer, government, law enforcement news feeds, services, or other sources of information related to the discharge of the Compliance Officer s duties. Supplemental specialized training will be provided for specific employees in compliance, audit, internal security, and other departments as needed. In addition, all company employees will be alerted to periodic developments concerning best practices, law/regulation changes, and AML Program changes as they occur. Training records will be maintained verifying that each employee has attended and completed initial and periodic training for a period of five years. (N) Third Party Service Providers Broadview Mortgage ensures that all third party service providers and vendors have implemented protocols as required by the BSA, USA Patriot Act, OFAC, and other applicable laws and regulations. Broadview Mortgage may conduct periodic due diligence that includes contract review, financial analysis, and/or audit should there be substantial reason to believe that the service provider or vendor is not complying with regulatory requirements. (O) Independent Audit Annual audits of the AML program will be conducted under the direction of a qualified independent third party or by qualified internal audit specialist with a working knowledge of BSA requirements. The auditor will report the findings to Broadview Mortgage Executive Management and outside counsel. Executive Management and outside counsel will respond to the audit results taking corrective action as needed. If an internal audit is executed, the auditor will not report to the AML Compliance Officer.

21 The audit will be comprehensive and cover the following: Independent testing to monitor and maintain an adequate AML Program Testing to determine compliance of Broadview Mortgage s agents, brokers, correspondents. A review of any automated monitoring systems A review of manual monitoring protocols Additional audits may be conducted if warranted by the results of the annual audit.