If you move money on behalf of your clients, this document is for you! This includes those opening for benefit of (FBO) accounts or those opening accounts on behalf of their underlying users.
At Increase, we believe you are in the best position to run your own compliance program. You know your business best, so you can judge what type of customer and transaction looks suspicious. This puts you in the driver’s seat when it comes to onboarding customers and monitoring transactions.
For benefit of (FBO) account holders are Program Managers of the bank. You are required to maintain a full compliance program. This includes, but is not limited to, Bank Secrecy Act compliance and any applicable consumer protection regulation.
If you’re at the beginning of your journey, we’d strongly advise working with a consulting firm to help pull together a robust compliance program. We’re happy to recommend firms to work with. If you have questions, please reach out to us at firstname.lastname@example.org.
To better understand your business and compliance program, we’ll collect information on your business model and team, Bank Secrecy Act / Anti Money Laundering program, compliance and risk management, data & security, and consumer protection policies, if applicable. We may have some follow-up requests. We’ll ask for the following:
- Answers to our due diligence questionnaire about your business and management team.
- Funds flow showing how money is moving between accounts.
- Copy of your end user terms & conditions.
- Insurance requirements, as applicable.
Bank Secrecy Act / Anti Money Laundering (BSA / AML) program
- Customer Identification Program overview, showing how you verify the identity of your customers.
- Bank Secrecy Act / Anti Money Laundering Policies and Procedures, including third-party vendors you work with for identity verification and transaction monitoring.
Compliance & risk overview
- Risk Management Policy that demonstrates how you evaluate and manage vulnerabilities.
- Vendor Management Policy and a list of covered vendors with risk rating.
- Compliance Management Policy that outlines oversight, testing/monitoring, and employee training.
- Complaints Policy that details how you track and resolve complaints from your customers.
Data & security overview
- Information Security Policy that addresses your systems, technology infrastructure and reliance on any third parties.
- Disaster Recovery and Business Continuity Plans that outline procedures to safeguard data and resume operations.
- Data Security information, including:
- Results from penetration testing, or plans for penetration testing within your first year of launching a financial technology product.
- Payment Card Industry Data Security Standards attestation of compliance (as applicable).
- Results from most recent Independent Service Auditor’s Report – SOC1 Type II, or plans for undergoing this audit within your first year of launching a financial technology product.
Consumer protection policies (if applicable)
- If your business serves consumers, we’ll request Reg E and E-sign policies, as well as monthly complaints tracking.
Customer Information Files
You will collect and verify information about your customers. You must share that information with us. To do so, you will create an
Note that if you are opening bank titled for benefit of (FBO) accounts, those accounts should be owned by one Entity in the name and tax identification number of one of our bank partners. The Entity you create for your end customer will not own any accounts.
As part of your compliance program, you’ll monitor transactions for signs of money laundering, terrorist financing, and other illicit financial activity. As you are monitoring transactions and reviewing customer identification documents, you may come across unusual activity. When you do, you must review it, validate that it is not expected behavior, and submit the details to email@example.com.
We’ll acknowledge we’ve received your email but we won’t provide feedback or follow up unless we need help. This is a Bank Secrecy Act / Anti-Money Laundering requirement.
You will need to maintain a ledger to track and reconcile funds belonging to each end user. You can use Increase, your own in-house technology or a third party to maintain the ledger. If you’re not using Increase we’ll ask you submit the results at the end of each day through our Bookkeeping API.
If you anticipate originating ACH debits, we will work with you to establish and maintain a Reserve Account.
Standard periodic program review
- Annually, we will review your refreshed documents and any changes to your policies or procedures.
- Annually, we will review your website, terms & conditions and fees.
- Quarterly, we will discuss program updates and new risks with your Chief Compliance Officer.
- We will periodically audit your identity verification procedures as needed.
- We will periodically request audited financial statements, if applicable.
- If you receive any notice or criticism from a regulatory authority, you should alert Increase at firstname.lastname@example.org and send a copy of the communication within 3 business days of receiving the complaint.
Additional requirements for consumer businesses
Marketing material review
We will review any initial marketing materials that reference the bank and/or payment services. We will work with you on proper guidelines for language used in future marketing materials. Any significant changes to your marketing materials may require additional review.
You will be responsible for providing customer service related to your program. You should establish and maintain a toll free number, and disclose this number in your terms and conditions.
You will perform quality monitoring of your customer service functions. We may periodically conduct call monitoring to assess your customer service quality.
In accordance to your Complaints Management Policy, you will track complaints and handle resolutions. You will share a monthly report of your complaints tracking with Increase.