top of page

Privacy Policy

AML/BSA Policy  

Mortgage Token is committed to combating money laundering and actively preventing money laundering and any activity that facilitates money laundering or the funding of terrorist or criminal activities by complying with all applicable requirements under the Bank Secrecy Act (BSA) and its implementing regulations. 


Money laundering is generally defined as engaging in acts designed to conceal or disguise the true origin of criminally derived proceeds so that the unlawful proceeds appear to have derived from legitimate origins or constitute legitimate assets. 


Terrorist financing may not involve the proceeds of criminal conduct, but rather an attempt to conceal the origin or intended use of the funds, which will later be used for criminal purposes.



  • Bank Secrecy Act (BSA) – A U.S. legislation aimed at preventing criminals from using financial institutions to hide or launder money. 

  • Anti-Money Laundering (AML) – The process of preventing the movement of funds to disguise identity source and destination of criminal proceeds. 

  • Financial Crimes Enforcement Network (“FinCEN”) – A Bureau of the United States Treasury Department charged with implementing and enforcing AML and SAR rules. 

  • Suspicious Activity Report (“SAR”) – A report to be filed electronically with FinCEN when a company detects suspicious activity. 

  • Customer Identification Program (CIP) –  Process of set of processes used by banks and fintechs to ensure that their customers/borrowers are who they claim to be.


Compliance Officer 

Mortgage Token Compliance Officer is responsible for the company's Anti-Money Laundering (AML) and Bank Secrecy Act (BSA) Policy and Procedures.  The duties of the Compliance Officer will include: 

  •  New hires will receive AML/BSA training at the start date. 

  • All team members will receive annual AML/BSA training. 

  • AML/BSA Audit is performed, at minimum, on an annual basis by an independent outside party. 

  • Evaluate all audit results and implement corrective action, if applicable. 

  • Completion of SAR, when required. 

  • Ensure all required records are kept. 

AML/BSA Audit and Independent Testing 

 Compliance Officer will ensure that the annual AML/BSA audit conducted by the 

independent party reviews, at minimum, the following: 

  • Full review of the company’s AML/BSA compliance program manual. 

  • Testing of the company’s AML/BSA Policy and Procedures. 

  • Customer Identification Procedure (CIP) review. 

  • Transactional testing and evaluation. 

  • OFAC checks. 

  • FinCEN related filings review. 

  • Evaluation of AML/BSA employee training. 

  • Evaluation of automated monitoring systems and management information system 

  •  Review of past audit reports to assess the efficacy of recommended 

  • implemented changes 

Monitoring Suspicious Activity 

The Compliance Officer will regularly monitor the required percentage of transactions, based on individual state and federal requirements, to identify any trends of unusual size, volume, type of transactions, geographic factors such as whether jurisdictions as “non-cooperative” are involved, or any “red flags” are identified. 


Compliance Officer to provide all audit results to Senior Management for review. When required, management will collectively develop a corrective action plan, and implement any required changes to policy, procedures and train team members of any changes.  


Circumstances for Filing a SAR 

Whether a SAR investigation is prompted by notification from front team member, as a result of another internal monitoring method, or through an external source, such as an audit, media, etc. our SAR decision-making process will start with the minimum filing requirements, which include: 

  • Insider abuse involving any amount. 

  • Violations aggregating $5,000 or more where a suspect can be identified. 

  • Violations aggregating $25,000 or more regardless of a potential suspect. 

  • Any transaction conducted or attempted by, at or through the financial institution and aggregating $5,000.00 or more that: 

                 o May involve potential money laundering or other illegal activity. 

                 o Is designed to evade the BSA or its implementing regulations. 

                 o Has no business or apparent lawful purpose or is not expected 

                    activity for the consumer, and after examining the available facts, 

                    including the background and possible purpose of the transaction, 

                    the institution knows no reasonable explanation for the transaction. 


Filing a Suspicious Activity Report 

Among the information we will use to determine whether to file a SAR are exception reports that include transaction size, location, type, number, and nature of the activity. When warranted, the Compliance Officer will ensure Suspicious Activity Reports (SARs) are filed electronically with the Financial Crimes Enforcement Network (FinCEN)or the company's designated self-regulatory agency. Mortgage Token will obtain a FinCEN filing ID at: 


We will electronically file a SAR for any activity where we know, suspect, or have reason to suspect. The report will be filed electronically through the FinCEN BSA EFilingSystem. 

We will not base our decision on whether to file a SAR solely on whether the transaction falls above a set threshold. We will file a SAR and notify law enforcement of all transactions that raise an identifiable suspicion of criminal, terrorist, or corrupt activities. In high-risk situations, we will notify the appropriate government agency immediately. 


If a SAR is filed, we will collect and maintain supporting documentation as required by the BSA regulations. We will file a SAR no later than 30 calendar days after the date of the initial detection of the facts that constitute a basis for filing a SAR. If no suspect is identified on the date of initial detection, we may delay filing the SAR for an additional 30 calendar days pending identification of a suspect, but in no case, will the reporting be delayed more than 60 calendar days after the date of initial detection. All supporting documentation used in making the decision to file a SAR Report will be retained for a minimum of five (5) years. 


Sharing of Information/Confidentiality 

Suspect Notification 

Notifying a suspect of a SAR is prohibited by Federal Law. Under no circumstances shall any officer, team member or appointed agent disclose or discuss an AML/BSA concern, investigation, notice or SAR filing with the person or persons subject of such, or any other person, including members of the officer’s, team members, or appointed agent’s family. All staff are made aware that a reported transaction is confidential and investigation results will not be disclosed or discussed with anyone now or at any time in the future. 


Other Requests 

Mortgage Token directors, officers, and team members, if subpoenaed or otherwise requested to disclose a SAR or any information that would reveal the existence of a SAR will decline to produce the SAR or any information relating to the subject SAR. If such a request is made, Mortgage Token. will notify FinCEN of any such request. Mortgage Token will segregate SAR filings and copies. of supporting documentation from other company books and records to avoid disclosing SAR filings. Our AML Compliance Officer will handle all subpoenas or other requests for SARs.  


SAR Filing 

As part of our AML/BSA program, Mortgage Token. will create and maintain SARs, and other relevant documentation for a minimum of five (5) years. 


Customer Identification Program (CIP)

The term is used to refer to the bank/fintech regulations and anti-money laundering regulations which govern these activities. This is also commonly known as Know Your Customer (KYC). Know your customer processes are also employed by companies for the purpose of ensuring their proposed customers, agents, consultants, or distributors are anti-bribery compliant.


Mortgage Token will collect certain minimum customer identification information from each customer; utilize risk-based measures to verify the identity of each customer; record customer identification information and the verification methods and results; provide notice to customers that we will seek identification information and compare customer identification information with government-provided lists of suspected terrorists (OFAC).


Required Customer Information 

It is the policy of Mortgage Token to verify the identity of every customer at the time of application and prior to opening the account. Mortgage Token shall adopt procedures for verifying the identity of its customers that are sufficient to enable Mortgage Token to form a reasonable belief that we know the true identity of the customer. The procedures shall be based on the risk presented by the various products and services that Mortgage Token offers, the nature of the customer whose identity is being verified and the business relationship with Mortgage Token that the customer is seeking. The following information will be collected from the consumer prior to opening the account. Mortgage Token may collect additional information as it deems necessary to aid in account administration (e.g., phone number, mailing address, etc.): 

1. Name 

2. Date of Birth 

3. Residence and Business Street Address (individuals only). For individuals not 

having a physical address, an Army Post Office (APO) box, or Fleet Post Office 

(FPO) boxes may be used. However, these instances will be rare. 

4. Taxpayer Identification Number. For US individuals, this shall include a Social 

Security Number (SSN) or Individual Taxpayer Identification Number (ITIN). For 

Non-US individuals, this shall include one or more of a taxpayer identification 

number, passport number and issuing country, alien identification card number, 

or number and issuing country of any government issued identification, which 

evidence of residence or nationality and bears a photo or similar safeguard. 

Existing customers will not be exempt from these rules.


Information Verification 

Verification of the information provided by the customer will be conducted prior to opening the account. Additional CIP/KYC process will be completed via Plaid.


Instances may arise where Mortgage Token is not satisfied after reviewing an acceptable document that we know the true identity of the customer. At the discretion of the AML/BSA Compliance Officer and the company Senior Management, Mortgage Token may choose not to open the account or employ non documentary methods for further verification as to the customer’s identity. 


If discrepancies are noted between the information provided by the customer and the verification methods (documentary or non-documentary), Mortgage Token will resolve all substantial discrepancies prior to opening the account. If at any time Mortgage Token suspects fraud, identity theft or terrorism, money laundering or any other suspicious activity, Mortgage Token will notify the proper government authorities or if deemed necessary, a Suspicious Activity Report (SAR) will be filed. Mortgage Token may at any point in collection or verification processes refuse to open the account. 


Customers Who Refuse to Provide Information 

If a potential or existing customer either refuses to provide the information described above when requested, or appears to have intentionally provided misleading information, Mortgage Token will not establish an account relationship until the required information about the individual is obtained or additional due diligence satisfied. In either case, our AML/BSA Compliance Officer will be notified so that we can determine whether the situation is reportable to FinCEN.  


Office of Foreign Assets Control (OFAC) Lists 

The Office of Foreign Assets Control (OFAC) of the Department of the Treasury administers and oversees a series of laws that impose economic sanctions against hostile targets to further U.S. foreign policy and national security objectives. At the time an account is opened, Mortgage Token will check to ensure that no customer appears on the Treasury's OFAC “Specifically Designated Nationals and Blocked Persons” List, SDN List, and is not from, or engaging in transactions with people or entities from embargoed countries and regions listed on the OFAC website. Because the OFAC website is updated frequently, we will consult the list on a regular basis and subscribe to receive updates when they occur. We may, if necessary, access these lists through various software programs or service providers to ensure speed and accuracy. We will also review existing accounts against these lists when they are updated, and we will document our review.  In the event that we determine a customer, or someone with or for whom the customer is transacting, is on the SDN List or is engaging in transactions with a person or entity located in an embargoed country or region, we will perform additional due diligence to determine an actual or false positive match to the name on the OFAC list. If the name is determined to be a true match, appropriate actions will be taken to block (or reject) the transaction and file the appropriate report with OFAC. We may also call the OFAC Hotline at 1-800-540-6322. 



CIP/KYC Documentation Retention

Identifying information collected from the customer (name, address, taxpayer identification number, date of birth) will be maintained for five (5) years after the account is closed. Verification information will be maintained for five (5) years after the record is created. This will be achieved by maintaining copies of all documents used in the verification process, which will at a minimum contain the identification number, the state of the country of issuance, the date of issue (if available) and the expiration date of the document. In addition, documentation of any non-documentary methods used to verify identity and a description of how any discrepancies were resolved will be maintained. This information will be maintained electronically and bear the customer’s name. All documentation will be reviewed for accuracy and completeness. 


Any records related to customers listed on OFAC will be retained for a minimum of five (5) years. 

bottom of page