ProBank Austin professionals will validate the programming of the automated transaction monitoring system used for suspicious activity monitoring and reporting purposes. Validation services include testing the accuracy and integrity of the transaction monitoring system to determine whether the application is functioning as intended. Accordingly, validation services would include the following procedures (as applicable):
- Identification of the types of customers, products, and services that are included within the automated account monitoring system and whether there are any exclusions.
- Identification of the system’s methodology for establishing and applying expected activity or profile filtering criteria and for generating monitoring reports, and a determination if selected filtering criteria are considered reasonable.
- Analysis of available filters/rules that are not used and whether additional filters/rules would enhance monitoring consistent with the Bank’s risk profile.
- Testing of selected filtering criteria to ensure reported output continues to be reliable.
- Transaction testing that will include sampling transactions and other data from the Bank’s source systems for confirming accurate inclusion in the automated system.
- Testing to ensure the system’s automated risk scoring is applied appropriately to enable identification of higher risk customers.
- Testing to ensure OFAC screenings include current SDN and Consolidated Non-SDN lists and encompass the entire database;
- Testing to ensure 314(a) (information sharing) search names are imported and applied to the entire database appropriately.
- Review of the vendor program assurances and status of applicable upgrades.
- Review of change/access/maintenance controls for the monitoring system.
A determination that any system modifications or filtering changes over the review period are considered appropriate.