BSA/AML Compliance Officer conducts a formal risk assessment at least once per year. BSA/AML Compliance Officer also conducts a risk assessment when a material change occurs in the business. Three types of events qualify as material changes: ownership changes at or above the 25% threshold, significant shifts in the customer population, and issuance of a Geographic Targeting Order affecting Rapido Facil Exchange Co.'s market area. An out-of-cycle assessment must be completed within 30 days of the triggering event. Prompt completion ensures controls are adjusted before new risks create exposure.
\nThe assessment follows five steps:
\nThe assessment evaluates five risk dimensions. Each dimension receives an inherent risk rating and a residual risk rating after controls.
\nProducts and services. Rapido Facil Exchange Co. provides check cashing exclusively. Check cashing carries elevated placement-stage risk because it is cash-intensive.
\nCustomers. The customer base is walk-in retail with no established account relationship. Customers with no fixed address, frequent large transactions approaching the CTR threshold, or third-party check presenters carry moderate risk. EDD triggers are calibrated to these indicators.
\nGeography. Rapido Facil Exchange Co. operates within a designated HIDTA and HIFCA zone. BSA/AML Compliance Officer evaluates the location against current Geographic Targeting Orders. Issuance or modification of a Geographic Targeting Order is an automatic reassessment trigger.
\nTransaction volume and channels. BSA/AML Compliance Officer reviews transaction volume trends quarterly. A sustained shift of 20% or more in volume, product mix, or customer segment initiates an out-of-cycle assessment. Quarterly review ensures thresholds remain calibrated to current activity.
\nRegulatory environment. BSA/AML Compliance Officer evaluates changes in the regulatory environment as part of each assessment cycle.
\nEach risk dimension is mapped to one or more mitigating controls. Controls include CIP procedures, OFAC screening, transaction monitoring thresholds, SAR and CTR filing obligations, EDD protocols, and staff training. BSA/AML Compliance Officer rates the strength of each control as strong, adequate, or needs improvement. Any dimension with a residual-high rating requires a documented remediation commitment with a target completion date. Documented commitments create an auditable record and drive timely corrective action.
\nBefore launching any new product, service, delivery channel, or geographic location, BSA/AML Compliance Officer conducts a pre-launch risk assessment using the same five-step methodology. A pre-launch assessment ensures new risk is identified before it becomes operational exposure.
\nBSA/AML Compliance Officer reviews all monitoring thresholds at each annual assessment. Thresholds include transaction volume alerts, structuring indicators, and EDD triggers. Adjustments reflect current transaction patterns, updated FinCEN typologies, and control testing results. BSA/AML Compliance Officer must document and approve all threshold changes before they take effect. Pre-approval documentation provides evidence that monitoring is calibrated to actual risk.
\nBSA/AML Compliance Officer tests the effectiveness of key controls at least once per year as part of the assessment cycle. Testing includes transaction sample review, alert disposition audits, and training completion verification. Results are incorporated into the control effectiveness ratings used in the next assessment cycle. Annual testing identifies control gaps before an examination does.
\nEach completed risk assessment is documented in a written report. The report covers methodology, data sources, risk ratings by dimension, control effectiveness ratings, residual risk conclusions, and recommended adjustments. BSA/AML Compliance Officer presents the report to the owner/principal for review and approval before incorporating findings into program updates. Owner approval ensures senior management accountability for program design. Completed assessments are retained for a minimum of five years. Five-year retention ensures records are available for any regulatory examination.
", "narration_text": "BSA/AML Compliance Officer conducts a formal risk assessment at least once per year. BSA/AML Compliance Officer also conducts a risk assessment when a material change occurs in the business. Three types of events qualify as material changes: ownership changes at or above the 25% threshold, significant shifts in the customer population, and issuance of a Geographic Targeting Order affecting Rapido Facil Exchange Co.'s market area. An out-of-cycle assessment must be completed within 30 days of the triggering event. Prompt completion ensures controls are adjusted before new risks create exposure.\r\n\r\nThe assessment follows five steps:\r\n\r\nDefine scope — identify all products, services, customer types, geographic locations, and delivery channels subject to assessment.\r\nAssess inherent risk — rate each risk dimension before controls, using transaction volume data, customer risk indicators, and jurisdictional exposure.\r\nEvaluate controls — determine whether existing policies, procedures, and automated controls adequately mitigate each identified risk.\r\nCalculate residual risk — determine the risk remaining after controls, and flag any dimension where residual risk exceeds acceptable levels.\r\nDocument and recommend — record findings, data sources, and proposed control adjustments, and present them to the owner/principal for approval.\r\n\r\nThe assessment evaluates five risk dimensions. Each dimension receives an inherent risk rating and a residual risk rating after controls.\r\n\r\nProducts and services. Rapido Facil Exchange Co. provides check cashing exclusively. Check cashing carries elevated placement-stage risk because it is cash-intensive.\r\n\r\nCustomers. The customer base is walk-in retail with no established account relationship. Customers with no fixed address, frequent large transactions approaching the CTR threshold, or third-party check presenters carry moderate risk. EDD triggers are calibrated to these indicators.\r\n\r\nGeography. Rapido Facil Exchange Co. operates within a designated HIDTA and HIFCA zone. BSA/AML Compliance Officer evaluates the location against current Geographic Targeting Orders. Issuance or modification of a Geographic Targeting Order is an automatic reassessment trigger.\r\n\r\nTransaction volume and channels. BSA/AML Compliance Officer reviews transaction volume trends quarterly. A sustained shift of 20% or more in volume, product mix, or customer segment initiates an out-of-cycle assessment. Quarterly review ensures thresholds remain calibrated to current activity.\r\n\r\nRegulatory environment. BSA/AML Compliance Officer evaluates changes in the regulatory environment as part of each assessment cycle.\r\n\r\nEach risk dimension is mapped to one or more mitigating controls. Controls include CIP procedures, OFAC screening, transaction monitoring thresholds, SAR and CTR filing obligations, EDD protocols, and staff training. BSA/AML Compliance Officer rates the strength of each control as strong, adequate, or needs improvement. Any dimension with a residual-high rating requires a documented remediation commitment with a target completion date. Documented commitments create an auditable record and drive timely corrective action.\r\n\r\nBefore launching any new product, service, delivery channel, or geographic location, BSA/AML Compliance Officer conducts a pre-launch risk assessment using the same five-step methodology. A pre-launch assessment ensures new risk is identified before it becomes operational exposure.\r\n\r\nBSA/AML Compliance Officer reviews all monitoring thresholds at each annual assessment. Thresholds include transaction volume alerts, structuring indicators, and EDD triggers. Adjustments reflect current transaction patterns, updated FinCEN typologies, and control testing results. BSA/AML Compliance Officer must document and approve all threshold changes before they take effect. Pre-approval documentation provides evidence that monitoring is calibrated to actual risk.\r\n\r\nBSA/AML Compliance Officer tests the effectiveness of key controls at least once per year as part of the assessment cycle. Testing includes transaction sample review, alert disposition audits, and training completion verification. Results are incorporated into the control effectiveness ratings used in the next assessment cycle. Annual testing identifies control gaps before an examination does.\r\n\r\nEach completed risk assessment is documented in a written report. The report covers methodology, data sources, risk ratings by dimension, control effectiveness ratings, residual risk conclusions, and recommended adjustments. BSA/AML Compliance Officer presents the report to the owner/principal for review and approval before incorporating findings into program updates. Owner approval ensures senior management accountability for program design. Completed assessments are retained for a minimum of five years. Five-year retention ensures records are available for any regulatory examination." }