Business ProfileforRoyal Business Bank

FDIC vs Royal Business Bank
Within 90 days of the effective date of this Order, the Bank shall review, enhance
and implement its written compliance program designed to, among other things, ensure and
maintain compliance by the Bank with AML/CFT laws, rules, and regulations. The program shall ensure that clear and comprehensive AML/CFT compliance reports are provided to the
Bank's Board on a monthly basis. Such program and its implementation shall be in a manner
acceptable to the Regional Director of the FDIC's San Francisco Regional Office ("Regional
Director") and the CDFPI Commissioner ("Commissioner") as determined at subsequent
examinations and/or visitations of the Bank. At a minimum, the program shall:
(a) Review and improve a system of internal controls, as discussed in
Paragraph 4 herein, to ensure compliance with AML/CFT laws, rules, and regulations, including
policies and procedures to detect and monitor all transactions that may be conducted for
illegitimate purposes and that there is full compliance with all applicable laws and regulations.
(b) Ensure that the Bank’s AML/CFT program is managed by a qualified
officer who has the required authority, responsibility, training, resources, and management
reporting structure to ensure compliance with the Bank’s AML/CFT program requirements and
AML/CFT laws, rules, and regulations. Such a program shall include without limitation:
(i) Identification of timely, accurate and complete reporting to law
enforcement and supervisory authorities of unusual or suspicious activity or known or suspected
criminal activity perpetrated against or involving the Bank; and
(ii) Monitoring the Bank's compliance and ensuring that full and
complete corrective action is taken with respect to identified violations and deficiencies.
(c) Provide and document training by competent staff and/or independent
contractors of all Bank's Board members and all appropriate personnel, including, without
limitation, senior management, tellers, customer service representatives, lending officers, private
and personal banking officers and all other customer contact personnel, in all aspects of
regulatory and internal policies and procedures related to AML/CFT laws, rules, and regulations. (i) Ensure that training is tailored to address the specific compliance
responsibilities of the group or individual for which the training is being provided.
(ii) Training shall be updated on a regular basis to ensure that all
personnel are provided with the most current and up to date information, such as the particular
money laundering, terrorist financing and illicit finance risks of the Bank based on its products,
services, business lines, customer types, geographic reach and any other risks identified. Ensure that all customers of the Bank are appropriately risk-rated to capture the money
laundering or terrorist financing risk they pose. The Bank’s CDD shall operate in
conjunction with the Bank’s Customer Identification Program (“CIP”) to enable the Bank to
understand the nature and purpose of customer relationships and develop sufficient customer
risk profiles.
(b) Update procedures to instruct analysts to reference expected activity from
customer risk profiles when reviewing transaction monitoring alerts. The Bank must have
appropriate policies, procedures and processes for monitoring and updating customer
information including policies to address when and what customer information will be collected
to ensure the Bank’s customer risk ratings are current and serve as an accurate reflection of risk.
(c) Maintain a sustainable process to ensure all HRA customer relationships
receive a periodic review.
(d) Maintain processes and procedures to investigate and, as appropriate,
report suspicious or unusual activity detected in the course of the Bank’s ongoing monitoring and
updating of customer information.
(e) Conduct a rules tuning/calibration of transaction monitoring and risk
scoring parameters and ensure the system is operating as expected.
(iii) This training shall be conducted at least annually and shall be
updated, as appropriate, to include changes to the relevant AML/CFT laws and regulations and
changes to the Bank’s Risk Assessment.
3. Within 90 days of the effective date of this Order, the Bank shall revise, adopt,
and implement its AML Policy to include provisions which implement the requirements of this
Order. The Bank’s Board and management shall fully implement the provisions of the revised
AML Policy. The revised AML Policy, and its implementation, shall be in a form and manner
acceptable to the Regional Director and the Commissioner as determined at subsequent
examinations and/or visitations of the Bank.
ACCEPTABLE CUSTOMER DUE DILIGENCE PROGRAM
4. Within 90 days of the effective date of this Order, the Bank shall review, enhance
and implement appropriate risk-based policies and procedures for a written Customer Due
Diligence (“CDD”) program that complies with the requirements set forth in 31 C.F.R.
§ 1020.210(b)(v) and as detailed in the ROE. Such program and its implementation shall be in a
manner acceptable to the Regional Director and the Commissioner as determined at subsequent
examinations and/or visitations of the Bank. At a minimum, the Bank shall:
(a) Update customer risk profiles to reflect current expected activity
information for High Risk Account (“HRA”) reviews. The customer risk rating system must