Previous Page page 56 of 74 Next Page


Chapter 2
postal operations


3. Bank Secrecy Act Compliance

In order to combat money laundering and terrorism, Congress enacted a series of laws from 1970 through 2001 that required financial service businesses and banks to detect, deter, track, and report certain cash transactions to the United States Department of the Treasury. This legislation and amendments thereto, which have become known as the Bank Secrecy Act (BSA), further mandated that these institutions monitor and ensure their employees' compliance with the BSA law. The Postal Service, which sells money orders and provides international funds transfers, is specifically named in the BSA and must meet all of the requirements of the law as a money service business. The Postal Service launched its automated reporting system in 1997 and enhanced the system to include electronic reporting in 2001. In 2003 compliance efforts were further enhanced by implementing a back-office analysis system. This system supplements the Postal Service's point-of-sale efforts and is able to detect potentially suspicious activity that is not discernible at the point-of-sale due to the sophistication of some criminal activities. In 2004 the Postal Service provided further training of all sales and services associates to ensure compliance with the Act's reporting requirements.

The BSA Compliance Office reduces risk for the organization by ensuring that the Postal Service complies with all requirements of the BSA and is tasked with ensuring the security of data gathered through the compliance system. The Postal Service understands that gathering information from members of the public is a sensitive issue and that information must be safeguarded. To ensure that the proper balance is maintained between compliance and the public's right to privacy, the BSA compliance officer works closely with the chief privacy officer.

4. Internal Controls

The Internal Control Group (ICG) established in 2003 acts to assure compliance with Postal Service policies and processes to confirm integrity in reporting results critical to transition to and success of a more performance-based culture.

The ICG operates as an internal consultant for enterprise risk management assisting management in proactively improving processes. Internal Control analysts partner with management enterprise-wide to identify through analysis, risk assessment, and review, those internal controls that are unreliable, ineffective, or inefficient. ICG and management determine the root causes for identified deficiencies and make recommendations for improvement, providing a reasonable assurance that desired business objectives are attained.

The ICG is founded in the Transformation Plan and in the financial systems reforms proposed by the Committee of Sponsoring Organizations of the Treadway Commission and later embodied in the Sarbanes-Oxley Act (SOX) of 2002. The Government Accountability Office (GAO) has advocated a strengthening of Postal Service internal controls. In conjunction with the Controller's function, ICG is the program management office for voluntary compliance with those portions of Section 404 of SOX that relate to documentation and testing of controls over financial reporting.

All evaluations conducted by the ICG are to be data-based and results reported quarterly. Nearly 500 ICG field members are trained in the requirements of SOX and in methods for evaluating Risk and Control. In 2004, the Headquarters, ICG staffing was completed and consists of the manager, Internal Control Support (ICS) and a small staff of analysts.

In April 2004, Finance restructured its Financial Reporting and Control functions to better align with Transformation strategies and the transition to a more performance-based culture and, to better comply with new statutory and regulatory requirements for greater financial transparency. This new alignment pairs the ICG with Corporate Audit and Response Management (CARM). The manager, ICG, a direct report to the Chief Financial Officer, provides leadership to the CARM and ICS managers.

CARM was formed in 2002 to act as the liaison in the coordination of corporate-wide responses to all audits and inquiries of operations, policies and procedures by the Inspector General of the Postal Service and by the GAO. The CARM manager has a small staff of analysts that is supplemented by coordinators Headquarters and the field. CARM's association with the ICG will provide the group with even greater awareness of risk management and heighten its ability to provide quality response to its public auditors.