BSA/OFAC Data Request List
Information for
Financial Institution IT Managers
We have heard from many of our members, who work in institutions under $500 million, that it is not easy to get the data required to perform the kind of risk assessment regulators are asking for.
It seems to us the best people to ask about what kind of data is available to small financial institutions, would be the institution’s IT manager, or in some cases it may be the Core Processor Relationship Manager.
This page generally outlines the data needed to get a risk assessment done that satisfies regulatory expectation.
It would be a huge favor if you would check out the data request list at right and then, (a) call George Self, the Coalition Board Member who is guiding this project) (828-230-5802) or email him and advise us, in your opinion, if the data is available in either a OCR-readable or CSV format? If only some of the data is available, how much? If the data exists in different files or tables, can it be exported to a file with a common field, such as Account Number?
We would also like your opinion regarding whether or not this data is likely to be available in an institution under $500 million. And, last of all, you could help us speak the language to other IT professionals as to the best way to ask for the information, in technical terms.
Thank you very much for your help. Please contact us if you have questions or comments.

Data Request List
Initially, the data will consist of twelve consecutive months; data can be in twelve separate CSV or XL format files. After the first run, the data should be output monthly, by the 10th of the month following the previous month-end.
Base Data Request
Data Run date
Customer Name/Physical Address (plan on verifying the addresses with USPS if necessary)
Customer ID Number
Date Account Opened
Branch Assignment
Deposit Account Number, Type, Balance
Loan Account Number, Type, Balance
Service Account Type (Deposit Box, ACH, RDC, etc.)
Date, Number and Dollar Volume of each transaction in each deposit account
Date, Number and Dollar Volume of each transaction in each loan account
Date, Number and Dollar Volume of each transaction in each service account (ATM, ACH, etc.)
List of Service Accounts showing which account number paired with
For example, if an account is approved to send Wires, then a data set which includes the following:
Customer Account Number
Customer ID Number
Date of Wire In or Out
Transaction Number or ID
Payable to Whom (Beneficiary)
Originator of Wire
Beneficiary Address (including City, State and Zip; if out of USA include the foreign address)
Originator Address ((including City, State and Zip; if out of USA include the foreign address)
Date of Origination
Date of Receipt (if known)
Originator’s Bank
Beneficiary’s Bank
Amount
If an account is approved for Redeposit Capture, or On Line Banking, include the following:
Customer Account Number
Customer ID Number
Transaction Number or ID
Payable to Whom (Beneficiary)
Beneficiary Address (including City, State and Zip; if out of USA include the foreign address)
Date of Origination
Beneficiary’s Bank
Amount
Appended Third-Party Data to each account
HIDTA/HIFCA
Geo-coding: Census Tract, Lat-Long
NAICS code for all business accounts
– – – – – – – – – – – – – – –
If the data exists in separate files or tables, please export in such a way as there is a key field (common field) in each file or table.
– – – – – – – – – – – – – – –
Link to the Federal Financial Inter-Agency Examination Counsel (FFIEC) BSA Examination
BSA/OFAC Risk Assessment Page
This Federal Financial Institutions Examination Council (FFIEC) Bank Secrecy Act (BSA) /Anti-Money Laundering (AML) Examination Manual provides guidance to examiners for carrying out BSA/AML and Office of Foreign Assets Control (OFAC) examinations. An effective BSA/AML compliance program requires sound risk management; therefore, the manual also provides guidance on identifying and controlling risks associated with money laundering and terrorist financing. The manual contains an overview of BSA/AML compliance program requirements, BSA/AML risks and risk management expectations, industry sound practices, and examination procedures. The development of this manual was a collaborative effort of the federal and state banking agencies 1 and the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Department of the Treasury, to ensure consistency in the application of the BSA/AML requirements. In addition, OFAC assisted in the development of the sections of the manual that relate to OFAC reviews. Refer to Appendices A (“BSA Laws and Regulations”), B (“BSA/AML Directives”), and C (“BSA/AML References”) for guidance.Federal Financial Inter-Agency Examination Counsel