How to Implement OFAC Requirements in Your Mortgage Loan Origination Process

As a residential mortgage lender or originator (RMLO), you are in a unique position to assess and identify money laundering risks, fraud, and other forms of potential suspicious activity. To protect your institution from financial crimes, you need to comply with the Office of Foreign Assets Control (OFAC) requirements for mortgage loan origination. In this blog post, we'll show you how to implement OFAC requirements in your mortgage loan origination process.

1. Conduct a Risk Assessment

The first step in implementing OFAC requirements is to conduct a risk assessment of all types of transactions, products, and services. An effective risk assessment should be a composite of multiple factors, and depending upon the circumstances, certain factors may be weighed more heavily than others. Once you have identified your areas with higher OFAC risk, you should develop appropriate policies, procedures, and processes to address the associated risks. You may tailor these policies, procedures, and processes to a specific business line or product.

2. Review OFAC Requirements

RMLOs must review OFAC requirements and screen mortgage loan applicants with the OFAC Sanctions Lists of known or suspected terrorists, narcotics traffickers, and other criminal actors for potential matches. OFAC maintains a list of Specially Designated Nationals and Blocked Persons (SDN List), which includes individuals, entities, and countries subject to economic sanctions. RMLOs must be alert to transactions that involve parties identified on any Sanctions List and report positive matches to OFAC within ten days. You may also need to file a Suspicious Activity Report (SAR) depending on the circumstances of the transaction.

3. Develop Policies, Procedures, and Processes

Once you have conducted a risk assessment and reviewed OFAC requirements, you should develop appropriate policies, procedures, and processes to address the associated risks. These policies, procedures, and processes should include internal controls for identifying suspect accounts and transactions, as well as reporting blocked and rejected transactions to OFAC. Internal controls should include the following elements:

- Identifying and reviewing suspect transactions: The policies, procedures, and processes should address how the RMLO will identify and review transactions and accounts for possible OFAC violations, whether conducted manually, through software, or a combination of both.

- Reporting blocked and rejected transactions: The policies, procedures, and processes should address how the RMLO will report blocked and rejected transactions to OFAC, including the required information and the timeframe

continue

for reporting.

- Training and education: The policies, procedures, and processes should address how the RMLO will train and educate its employees on OFAC requirements and the risks associated with mortgage loan origination.

4. Maintain Confidentiality of Suspicious Activity Reports

FinCEN requires all financial institutions and regulatory and law enforcement agencies to preserve the confidentiality of SAR filings. The unauthorized disclosure of SARs could undermine ongoing and future investigations by tipping off suspects, deter financial institutions from filing SARs, and threaten the safety and security of institutions and individuals who file SARs. Additionally, the disclosure of SARs compromises the essential role SARs play in protecting our financial system and in preventing and detecting financial crimes and terrorist financing.

To learn more about OFAC requirements for mortgage loan origination, visit the U.S. Department of Treasury's OFAC website. You can also find more information on the Financial Crimes Enforcement Network (FinCEN) website, which provides guidance on SAR filings and other anti-money laundering (AML) requirements.