Customized compliance
Under customized compliance, you maintain your own compliance program. This includes Bank Secrecy Act / Anti-Money Laundering (BSA/AML) obligations such as identity verification, customer due diligence, sanctions screening, and transaction monitoring, as well as the supporting policies, procedures, and controls. You also are responsible for fraud monitoring, customer support, information security, third-party risk management, and appropriate marketing of bank services. Depending on the user base you’re serving, additional regulations may apply.
Your bank partner will request documentation about your program upfront, supervise your ongoing activity, and conduct periodic reviews. For how this compares to managed compliance, see Compliance programs.
If you’re at the beginning of your journey and customized compliance is the right model for your Program, we strongly advise working with a consulting firm to help pull together a robust compliance program. We’re happy to recommend firms. If you have questions, reach out to support@increase.com.
Program onboarding
At onboarding, your bank partner will look for information across the areas below. They may have some follow-up requests and provide feedback to help you develop policies and procedures that align with their expectations and risk tolerance.
| Category | Example of what the bank is looking for |
|---|---|
| Regulatory compliance | Anti-money laundering procedures, compliance management policies, your terms of service |
| Business experience and qualifications | Your business’s size, staffing, and products |
| Financial health | Financial statements, audit reports, and forecasts |
| Risk management and controls | Vendor management, current vendors, how your business assesses counterparty risks |
| Information security | Data protection systems, network diagrams, software development lifecycle |
| Operational resilience | Business continuity, penetration tests, insurance policies |
Customer information and identity verification
You’re responsible for verifying the identity of your customers through your own Customer Identification Program. See the Platform implementation guide for how to submit customer information and attach verification evidence.
The bank will evaluate each Entity’s submitted data against your identity verification policy and rules that were approved during onboarding.
Transaction monitoring
As part of your compliance program, you’ll monitor transactions for signs of money laundering, terrorist financing, and other illicit financial activity. When you come across unusual activity, review it, validate that it isn’t expected behavior, and submit the details to the Increase dashboard. Your bank partner will confirm receipt and may follow up if they need additional information. Consistent with regulatory requirements, they may not be able to share the outcome of a review.
In addition to escalated findings, you’re expected to submit evidence of all your alerts. The bank will use this data to ensure that you’re following the transaction monitoring policy and rules that were approved during onboarding.
Periodic compliance review
On a periodic basis, your bank partner will:
- Review your refreshed documents and any changes to your policies or procedures.
- Review your website, terms & conditions, and fees.
- Discuss compliance program updates and new risks with your compliance lead.
- Audit your identity verification procedures as needed.
- Request audited financial statements, if applicable.