Federal Deposit
Insurance Corporation

{{1-31-97 p.C-3753}}
   [¶11,032] In the Matter of Philo Exchange Bank, Philo, Illinois, Docket No. FDIC-94-100b (8-30-94E).

   Bank to cease and desist from such unsafe or unsound practices as operating in violation of applicable laws or regulations; operating with officers and staff who lack adequate knowledge of the Bank Secrecy Act; operating without proper internal routine and controls; failing to provide adequate supervision over the Bank's affairs. (Editor's Note: This order was terminated by order of the FDIC dated 11-4-96. See ¶16,129.)

[.1] Violations of Law—Eliminate/Correct
[.2] Bank Secrecy Act—Compliance—Qualified Officer
[.3] Bank Secrecy Act—Compliance—Written Program Required
[.4] Bank Secrecy Act—Quarterly Internal Audit
[.5] Board of Directors—Committee to Review Compliance with Cease and Desist Order
[.6] Shareholders—Disclosure—Cease and Desist Order

In the Matter of

PHILO EXCHANGE BANK
PHILO, ILLINOIS
(Insured State Nonmember Bank)
ORDER TO CEASE AND DESIST
FDIC-94-100b
   Philo Exchange Bank, Philo, Illinois ("Bank"), having been advised of its right to a NOTICE OF CHARGES AND OF HEARING detailing the violations of law or regulation alleged to have been committed by the Bank, and of its right to a hearing on the charges under section 8(b) of the Federal Deposit Insurance Act ("Act"), 12 U.S.C. § 1818(b), and having waived those rights, entered into a STIPULATION AND CONSENT TO THE ISSUANCE OF AN ORDER TO CEASE AND DESIST ("CONSENT AGREEMENT") with counsel for the Federal Deposit Insurance Corporation ("FDIC"), dated July 27, 1994, whereby, solely for the purpose of this pro- {{1-31-97 p.C-3754}}ceeding and without admitting or denying the charges of violation of law and/or regulations, the Bank consented to the issuance of an ORDER TO CEASE AND DESIST ("ORDER") by the FDIC.
   The FDIC considered the matter and determined that it had reason to believe that the Bank had violated laws and regulations. The FDIC, therefore, accepted the CONSENT AGREEMENT and issued the following:

   IT IS HEREBY ORDERED, that the Bank, its institution-affiliated parties, as that term is defined in section 3(u) of the Act, 12 U.S.C. § 1813(u), and its successors and assigns, cease and desist from the violations of law and/or regulation set forth below:
   A. Violating those Bank Secrecy Act and Financial Recordkeeping regulations described on page 2 of the FDIC Report of Visitation of the Bank as of October 22, 1993 ("Report of Visitation");
   B. Operating with directors, officers and employees who lack adequate knowledge of or training in the Bank Secrecy Laws¹;
   C. Operating with deficient policies and internal routines and controls addressing compliance with the Bank Secrecy Laws; and
   D. Operating with a board of directors which has failed to provide adequate supervision over and direction to management of the Bank regarding implementation of and compliance with the Bank Secrecy Laws.
   IT IS FURTHER ORDERED, that the Bank, its institution-affiliated parties, and its successors and assigns, take affirmative action as follows:

   [.1] 1. Within 90 days from the effective date of this ORDER, the Bank shall eliminate and/or correct all violations of law or regulation described on page 2 of the Report of Visitation. In addition, the Bank shall implement procedures to ensure future compliance with the Bank Secrecy Laws.

[.2] 2. (a) Within 60 days from the effective date of this ORDER, the Bank shall have and thereafter retain a qualified Bank Secrecy Act officer ("Officer"). The Officer must be a senior bank official to be responsible for overall Bank Secrecy Act compliance. This Officer might be the compliance officer, chief auditor or another officer of similar status. The Officer shall be given stated written authority by the Bank's board of directors to implement and supervise the Bank's Bank Secrecy Act program, including but not limited to, providing training for the Bank's employees in the Bank Secrecy Laws, establishing internal controls and procedures reasonably designed to prevent violations of the Bank Secrecy Laws, and performing or supervising periodic internal audits to ascertain compliance with the Bank Secrecy Laws and/or the Bank's Bank Secrecy program. The Officer shall report directly to the Bank's board of directors. The Bank shall provide the Officer with training in the Bank Secrecy Laws and said training shall be reported to, and recorded in the minutes of a meeting of, the board of directors each calendar quarter.
   (b) The Bank shall promptly notify the Regional Director of the Chicago Regional Office of the FDIC ("Regional Director") of the identity of the Officer. If the Officer is to be added as a director of the Bank or employed as a senior executive officer, the Bank shall comply with the requirements of section 32 of the Act, 12 U.S.C. § 18311, and section 303.14 of the FDIC Rules and Regulations, 12 C.F.R. § 303.14, prior to the addition of the Officer to such position.
   (c) The assessment of whether the Bank has a qualified Officer shall be based upon the Officer's record of achieving compliance with the requirements of this ORDER and with the Bank Secrecy Laws.

   (a) At a minimum, a system of internal controls shall be designed to:

   (i) Identify reportable transactions in a timely manner in order to obtain all the information necessary to properly complete the required reporting forms;
   (ii) Ensure that all required reports

are accurately completed and properly filed;
   (iii) Ensure that customer exemptions are properly granted and recorded, including the maintenance of documentation sufficient in detail so as to substantiate exemptions granted;
   (iv) Provide for adequate supervision of employees who accept currency transactions, complete reports, grant exemptions or engage in any other activity covered by the Department of the Treasury's Regulation for Financial Recordkeeping and Reporting of Currency and Foreign Transactions ("Financial Recordkeeping Regulation"), 31 C.F.R. Part 103; and
   (v) Establish dual controls and provide for separation of duties.

   (b) The Bank shall adopt and implement a system of testing, internal or external, for compliance with the BSA and the Financial Recordkeeping Regulation, 31 C.F.R. Part 103, which includes, at a minimum:

   (i) A test of the Bank's internal procedures for monitoring compliance with the BSA, including interviews of employees who handle cash transactions and their supervisors;
   (ii) A sampling of large currency transactions followed by a review of currency transaction report filings;
   (iii) A test of the validity and reasonableness of the customer exemptions granted by the Bank;
   (iv) A test of the Bank's recordkeeping system for compliance with the BSA; and
   (v) Documentation of the scope of the testing procedures performed and the findings of the testing. Any apparent violations, exceptions or other problems noted during the testing procedures should be promptly reported to the board of directors.

   [.5] 5. Within 30 days from the effective date of this ORDER, the Bank shall establish a compliance committee comprised of at least three directors. The committee shall monitor compliance with this ORDER and within 60 days from the effective date of this ORDER, and on a monthly basis thereafter, shall submit to the board of directors for consideration at its monthly meeting a written report detailing the Bank's compliance with this ORDER. The monthly compliance report shall be incorporated into the minutes of the corresponding board of directors' meeting. Establishment of this committee does not in any way diminish the responsibility of the entire board of directors for ensuring compliance with the provisions of this ORDER.
   6. On the last day of the second month following the date of issuance of this ORDER, and every third month thereafter, the Bank shall furnish written progress reports, signed by each member of the Bank's board of directors, to the Regional Director detailing the form and manner of any actions taken to secure compliance with the ORDER. Such reports may be discontinued when the corrections required by this ORDER have been accomplished and the Regional Director has, in writing, released the Bank from making further reports.

   [.6] 7. Following the effective date of this ORDER, the Bank shall send to its shareholders or otherwise furnish a description of this ORDER: (1) in conjunction with the Bank's next shareholder communication; and (2) in conjunction with its notice or proxy statement preceding the Bank's next shareholder meeting. The description shall fully describe the ORDER in all material respects. The description and any accompanying communication, notice, or statement shall be sent to the FDIC Registration and Disclosure Section, Room F-640, 1776 F Street, N.W., Washington, D.C. 20429, for review at least twenty (20) days prior to dissemination to shareholders. Any changes requested to be made by the FDIC shall be made prior to dissemination of the description, communication, notice, or statement.
   The effective date of this ORDER shall be 10 days after its issuance by the FDIC.
   The provisions of this ORDER shall be binding upon the Bank, its institution- {{11-30-94 p.C-3756}} affiliated parties, and any successors and assigns thereof.
   The provisions of this ORDER shall remain effective and enforceable except to the extent that, and until such time as, any provisions of this ORDER shall have been modified, terminated, suspended, or set aside by the FDIC.
   Dated: August 30, 1994.
   Pursuant to delegated authority.