In recent weeks, Georgia has expanded its request to include a high degree of specificity, likely because respondents weren't clear enough in their responses. For customers who have purchased a "Compliance Pack" responding this is just a matter of following the instructions below. 

 

Common Deficiencies and Their Location

 

Sample Form Letter Sent

Step-by-Step Response Guide

This guide provides a detailed process to extract the 1-70 AML Plan from the 1-0 or 1-A Quality Control (QC) Plan and the 2-90, 2-91, and 2-92 IT Safeguarding Policies and Procedures from the 2-9 IT Security Plan. If you have purchased these as stand-alone policies, you can ignore locating the policies in your pages. Follow these steps to isolate and document the relevant sections for individual use accurately.

 

Part 1: Extracting the 1-70 AML Plan from the 1-0 or 1-A QC Plan

  1. Access the QC Plan Document:

    • Open the 1-0  or 1-A Quality Control (QC) Plan document.

    • Ensure that you are working with the most current version.

  2. Locate Section 1-70:

    • Scroll through the table of contents to find Section 1-70 (AML Plan).

    • Alternatively, use the document’s search feature (e.g., press Ctrl + F on a keyboard) and search for “1-70” or “AML Plan.”

  3. Review Section 1-70 Content:

    • Confirm the section covers the key elements of the AML Plan, such as (the entire section, not just the first few pages):

      • Customer Identification Program (CIP)

      • Monitoring transactions for suspicious activity

      • Filing Suspicious Activity Reports (SARs)

      • Employee AML training requirements

  4. Select and Copy the Content:

    • Highlight the entire Section 1-70 AML Plan text.

    • Right-click and select Copy, or press Ctrl + C.

  5. Paste into a New Document:

    • Open a new document in your word processor (e.g., Microsoft Word, Google Docs).

    • Paste the copied content by pressing Ctrl + V.

  6. Format and Save:

    • Ensure proper formatting of the extracted section for standalone use.

    • Save the document with a descriptive filename, such as e.g., “1-Anti-Money Laundering / Bank Secrecy Act Policies and Procedures”

    • Attach this file to your email response and store the file in your policy and procedures folders for future reference.

     

Part 2: Extracting Sections 2-90, 2-91, and 2-92 from the 2-9 IT Security Plan

  1. Access the IT Security Plan Document:

    • Open the 2-9 IT Security Plan document.

    • Confirm that the version you are working on is the latest.

  2. Locate Sections 2-90, 2-91, and 2-92:

    • Use the table of contents or the document search feature to find the following sections:

      • Section 2-90: IT Safeguards Overview

      • Section 2-91: Physical and Logical Access Controls

      • Section 2-92: Incident Response Procedures

  3. Review the Content of Each Section:

    • Verify that each section contains the necessary information:

      • 2-90: General overview of IT safeguarding policies.

      • 2-91: Detailed physical and logical access control measures.

      • 2-92: Steps and protocols for incident response, including breach notification procedures.

  4. Select and Copy Each Section:

    • Highlight the text for Section 2-90.

    • Copy the section by pressing Ctrl + C.

    • Paste the content into a new document labeled “2-90 IT Safeguards Overview”.

    • Repeat the process for Section 2-91 and Section 2-92, creating separate documents for each section.

  5. Format and Save Each Section:

    • Ensure that each extracted section is properly formatted for clarity and standalone use.

    • Save each document with appropriate filenames to match the regulator request such as, e.g.; “Information Technology / Information Security (FTC Safeguards Rule) Policies and Procedures.”

    • Attach this file to your email response and store the file in your policy and procedures folders for future reference.