FDIC Law, Regulations, Related Acts
2000 - Rules and Regulations
PART 326MINIMUM SECURITY DEVICES AND PROCEDURES AND
BANK SECRECY ACT1
Subpart AMinimum Security Procedures
Subpart BProcedures for Monitoring Bank Secrecy Act
AUTHORITY: 12 U.S.C. 1813, 1815, 1817, 1818, 1819 (Tenth), 1881--1883; 31 U.S.C. 5311--5314 and 5316--5332.2.
SOURCE: The provisions of this Part 326 appear at 34 Fed. Reg. 618, January 16, 1969, and 56 Fed. Reg. 13581, April 3, 1991, except as otherwise noted.
Subpart AMinimum Security Procedures
§ 326.0 Authority, purpose, and scope.
(a) This part is issued by the Federal Deposit Insurance Corporation ("FDIC") pursuant to section 3 of the Bank Protection Act of 1968 (12 U.S.C. 1882). It applies to insured state banks that are not members of the Federal Reserve System. It requires each bank to adopt appropriate security procedures to discourage robberies, burglaries, and larcenies and to assist in identifying and apprehending persons who commit such acts.
(b) It is the responsibility of the bank's board of directors to comply with this part and ensure that a written security program for the bank's main office and branches is developed and implemented.
(Approved by the Office of Management and Budget under control number 3064--0095)
[Codified to 12 C.F.R. § 326.0]
§ 326.1 Definitions.
For the purposes of this part--
(a) The term insured nonmember bank means any bank, including a foreign bank having a branch the deposits of which are insured in accordance with the provisions of the Federal Deposit Insurance Act, which is not a member of the Federal Reserve System. The term does not include any institution chartered or licensed by the Comptroller of the Currency, any District bank, or any savings association.
(b) The term banking office includes any branch of an insured nonmember bank, and, in the case of an insured state nonmember bank, it includes the main office of that bank.
(c) The term branch for a bank chartered under the laws of any state of the United States includes any branch bank, branch office, branch agency, additional office, or any branch place of business located in any state or territory of the United States, District of Columbia, Puerto Rico, Guam, American Samoa, the Trust Territory of the Pacific Islands, the Northern Mariana Islands or the Virgin Islands at which deposits are received or checks paid or money lent. In the case of a foreign bank, as defined in § 347.202 of this chapter, the term branch has the same meaning given in § 347.202 of this chapter.
[Codified to 12 C.F.R. § 326.1]
[Section 326.1 amended at 36 Fed. Reg. 3112, February 18, 1971; 53 Fed. Reg. 17917, May 19, 1988; 56 Fed. Reg. 13581, April 3, 1991, effective May 3, 1991; 63 Fed. Reg. 17075, April 8, 1998, effective July 1, 1998]
§ 326.2 Designation of security officer.
Upon the issuance of federal deposit insurance, the board of directors of each insured nonmember bank2 shall designate a security officer who shall have the authority, subject to the approval of the board of directors, to develop, within a reasonable time, but no later than 180 days, and to administer a written security program for each banking office.
[Codified to 12 C.F.R. § 326.2]
§ 326.3 Security program.
(a) Contents of security program. The security program shall:
(1) Establish procedures for opening and closing for business and for the safekeeping of all currency, negotiable securities, and similar valuables at all times;
(2) Establish procedures that will assist in identifying persons committing crimes against the bank and that will preserve evidence that may aid in their identification and prosecution; such procedures may include, but are not limited to:
(i) Retaining a record of any robbery, burglary, or larceny committed against the bank;
(ii) Maintaining a camera that records activity in the banking office; and
(iii) Using identification devices, such as prerecorded serial-numbered bills, or chemical and electronic devices;
(3) Provide for initial and periodic training of officers and employees in their responsibilities under the security program and in proper employee conduct during and after a robbery, burglary or larceny; and
(4) Provide for selecting, testing, operating and maintaining appropriate security devices, as specified in paragraph (b) of this section.
(b) Security devices. Each insured nonmember bank shall have, at a minimum, the following security devices:
(1) A means of protecting cash or other liquid assets, such as a vault, safe, or other secure space;
(2) A lighting system for illuminating, during the hours of darkness, the area around the vault, if the vault is visible from outside the banking office;
(3) An alarm system or other appropriate device for promptly notifying the nearest responsible law enforcement officers of an attempted or perpetrated robbery or burglary;
(4) Tamper-resistant locks on exterior doors and exterior windows that may be opened; and
(5) Such other devices as the security officer determines to be appropriate, taking into consideration:
(i) The incidence of crimes against financial institutions in the area;
(ii) The amount of currency or other valuables exposed to robbery, burglary, and larceny;
(iii) The distance of the banking office from the nearest responsible law enforcement officers;
(iv) The cost of the security devices;
(v) Other security measures in effect at the banking office; and
[Codified to 12 C.F.R. § 326.3]
§ 326.4 Reports.
The security officer for each insured nonmember bank shall report at least annually to the bank's board of directors on the implementation, administration, and effectiveness of the security program.
[Codified to 12 C.F.R. § 326.4]
[Section 326.4 amended at 53 Fed. Reg. 17917, May 19, 1988; 56 Fed. Reg. 13582, April 3, 1991, effective May 3, 1991]
Subpart BProcedures for Monitoring Bank Security Act Compliance
§ 326.8 Bank Secrecy Act compliance.
(a) Purpose. This subpart is issued to assure that all insured nonmember banks as defined in 12 CFR 326.1 establish and maintain procedures reasonably designed to assure and monitor their compliance with the requirements of subchapter II of chapter 53 of title 31, United States Code, and the implementing regulations promulgated thereunder by the Department of Treasury at 31 CFR Chapter X.
(b) Compliance procedures--(1) Program requirement. Each bank shall develop and provide for the continued administration of a program reasonably designed to assure and monitor compliance with recordkeeping and reporting requirements set forth in subchapter II of chapter 53 of title 31, United States Code, and the implementing regulations issued by the Department of Treasury at 31 CFR Chapter X. The compliance program shall be written, approved by the bank's board of directors, and noted in the minutes.
(2) Customer identification program. Each bank is subject to the requirements of 31 U.S.C. 5318(l) and the implementing regulation jointly promulgated by the FDIC and the Department of the Treasury at 31 CFR 1020.220.
(c) Contents of compliance program.The compliance program shall, at a minimum:
(1) Provide for a system of internal controls to assure ongoing compliance;
(2) Provide for independent testing for compliance to be conducted by bank personnel or by an outside party;
(3) Designate an individual or individuals responsible for coordinating and monitoring day-to-day compliance; and
(4) Provide training for appropriate personnel.
( Approved by the Office of Management and Budget under control number 3064-0087)
[Codified to 12 C.F.R. § 326.8]
[Section 326.8 added at 52 Fed. Reg. 2860, January 27, 1987; 53 Fed. Reg. 17917, May 19, 1988; amended at 63 Fed. Reg. 17075, April 8, 1998, effective July 1, 1998; 68 Fed. Reg. 25112, May 9, 2003, effective June 9, 2003, compliance date October 1, 2003; 76 Fed. Reg. 14793, March 18, 2011; 77 Fed. Reg. 30371, May 23, 2012]
1 In its original form, subchapter II of chapter 53 of title 31, United States Code was part of Pub. L. 91--508 which requires recordkeeping for and reporting of currency transactions by banks and others and is commonly known as the Bank Secrecy Act. Go back to Text