With the Assure software, the FI has ongoing responsibilities to review information and verify details to ensure the FI stays in compliance with their Cannabis program.  The information below highlights recommended regular tasks, but this is by no means an exhaustive list of responsibilities for the FI.  Please refer to your FI policy for additional requirements.

TABLE OF CONTENTS

• On a Daily basis:
  • 1. Account Variances
  • 2. Cases
  • 3. Client Onboarding
• On a Weekly Basis:
  • Client List Page Reviews
• Prior to Month End 
• On a Monthly basis
  • Cases
  • Financial Health Cases
  • Based on FI policy guidelines
    • 1. Compliance Reviews: 
    • 2. Reporting

On a Daily basis:

1. Account Variances

On a daily basis, the FI will receive an email of the results of the file ingestion (from files of the prior day).  These emails need to be reviewed as soon as possible for any variances that need to be resolved. This ensures that Assure is matching core for data validation and to confirm that SAR transactions are reporting accurately.  The daily emails will only include that day's ingestion results.  

• If the variance is not resolved within two days, an Account Ledger Variance case will generate.  
• Other Account Variance cases include Transactions Missing cases (to indicate that the Acct Trxn file was not ingested for the day) or the Primary Entity Missing (when an account's primary owner is not in the Client Dem file). These are also critical for review and resolution.
• The "Account Variance" report within Assure displays all current variances that need to be resolved.

 This article reviews how to resolve variances.

2. Cases

Navigate to the Case List Page in Assure.  Cases are generated based on information from daily files, third party data sources, data required, etc. 

Default cases that are critical to review in a timely fashion include:

• Communication Cases that are in Ready for Review Status - these are cases that are coming back from your MRB client. These may contain questions or information you are waiting for. 
• Entity
  • Onboarding New Clients
    • Client without HH - Client is not assigned to a Household for more than 48 hours from adding a MRB Endorsement
    • Update License Number - An Organization (Client Type O) does not have a State License Number saved in Shield Assure. 
  • Change in Registration Data - Change in data provided by state licensing authority since prior period for Status of License
  • Entity Name Mismatch - If the Entity (Client) name in Assure does not match 3rd party validation sources for the name associated with the state business license.
  • Negative News - If suspected negative news or adverse media is detected about an Entity or Individual 
• Licensing
  • Endorsement Expiration Notification (FI) - Indicates that a license is about to expire, and follow up with a customer for renewal status may be necessary
  • API Key Error Cases - Generate to indicate an invalid API key
  • Status Change - Change in license status from prior reporting period for either state business license or MRB endorsement
  • Unreported License - A license that is not currently associated with the entity in Assure has been found, based on legal name or DBA. The FI must determine if license should be added for monitoring (and if trace sales should be gathered) or is a false positive.
  • Violation - Report of known violations for MRB Endorsement
• SAR Cases (if enabled)
• Vendor Management Approval (if enabled)
• Accounting Upload Cases / Sales Reconciliation cases (may be monthly or quarterly) - review cases in Ready for Review status to verify data is present from upload or attestation.

FI Configurable cases may include:

• Account Activity cases - cases generated on thresholds set by the FI.  Configuration of cases is visible in Reporting: Case Configuration List.
• Due Diligence Cases - cases that may generate to the FI or Client for regular monitoring.  Available and configured Due Diligence cases may be seen in Reporting: Continuous Due Diligence Global Template.

Filter cases as desired by type or responsibility and toggle on the Split View for ease of review.

• Work cases with “Needs Review” status first. These are cases that the MRB client has responded to requests or sent you a question.
• Review the Case Description and case content.
  • If information pertains to customer and additional information is needed, contact customer by updating the case queue to "Client" and adding a Client Visible comment.
  • If the case/transaction is suspicious and may need to be included in the next SAR, click the "Edit" icon in the Report Activity container, check the “Include with Financial Review for Period” box, and add information for the SAR narrative including the incident date and details.
• If Account Activity cases are generated:
  • Determine if transactions would benefit from reclassification (i.e., large capital infusion or inter-company transfers)
  • Determine if any transactions should be assigned to a different accounting period (i.e., a large deposit made on the first of the month may apply to the prior month’s legal sales activity).
  • These can be done during case review or during review of the monthly financial health case

• Once cases are reviewed and triaged, add a comment to the case and disposition the case.

3. Client Onboarding

• Follow the Key takeaways from Unit 2 Guide to make sure all client detail is accurately recorded and tracked in Assure.  

• Schedule Client Onboarding call for Client Portal.  
  • Prior to scheduling make sure client understands their expectations with having an account with FI (accounting upload, trace sales integration, etc.) and that they will receive an email to access the Client Portal.
  • Verify their accounting package
  • Have client invite user that will be doing accounting upload and the trace sales admin user.
  • Day prior to meeting:
    • Create user in Assure. 
      • Primary contact or owner of the business should be created as the Admin User.  The Admin user(s) can create additional users.
      • Associate user with the proper cannabis entities. 
  • Day of meeting:
    • Verify cases were created for the Client (and assigned to the Client queue). 
      • If the API key case and/or the Accounting Upload – Initial case was not generated, create the case manually.
  • Meeting:
    • Begin meeting by reminding them that certain compliance tasks are required for cannabis banking at FI. 
    • Ask the Client to share their screen and log into the system. 
      • Once in the system, walk them through:
        • How to create Client Users
        • General case layout
        • Entering their API key from Metrc (reminder – have the Metrc admin or business owner on call).
        • Or - how to add Biotrack 

On a Weekly Basis:

Client List Page Reviews

1. Review Client Organization records to see all organizations that do not have a cannabis license (Tier I, Tier II, Tier III, Other).   Verify for accuracy.  

Note: Tier II, Tier III or Other licenses are not required, unless the entity will have SARs filed on Tiers, the FI desires to conduct Compliance reviews on the Tiers or FI would like cases for transactional activity on the Tiers.

• Access the Client List page and complete the following steps to filter:
  • Quick filter to “Organizations” in the drop down to the right.
  • Use the hamburger menu in the MRB column to view the filters.
  • Filter the non- MRBs by selecting "Blanks". This will display a list of all organizations without a cannabis license (Tier I, Tier II, Tier III). 
• To see the most recent organizations added, click on the “Client Since Date” header to sort in ascending/descending order.
  
  

2. Review the Client List page to make sure that all entities and individuals are included in a Household, either as a subject or as a related party.  Tier I Clients without a HH case will generate as a reminder to create/add.

• Access the Client List page and complete the following steps to filter:
  • Use the hamburger menu in the Household column to view the filters.
  • Filter the Household by selecting "Blanks". This will display a list the entities and persons not included in a Household.
  • Either create or add the entity as a subject to the Household, or add the entity/individual as a related party in the Tiered profile.

Prior to Month End 

Notify Shield of any entities, individuals or accounts that need to be deactivated in Assure.  However, before deactivation be sure SAR has been filed as needed to capture the removal of a signer, closure of account, close of relationship.  

Once  entities, individuals or accounts are deactivated, they will not be included in SAR. 

On a Monthly basis

At the end of each month, several activities occur to evaluate the compliance of the customer.

Cases

Monthly Account Activity cases may generate for review if FI has enabled.  

• Monthly Account Activity cases generate on the first day of the new month with a default 10 day due date.
• Review the content in the case
• Make any comments in the Activity Container.
• If any transactions need additional detail, choose transaction and make a task for the client to respond.
• Attach any documentation as needed.
• Once reviewed, close the case.

Financial Health Cases

Financial health cases are generated when the client activity falls outside of established parameters. 

• Review the data from the case, reach out to customer for clarification if needed and disposition the case.
  • Determine if transactions would benefit from reclassification (i.e., large capital infusion or inter-company transfers)
  • Determine if any transactions should be assigned to a different accounting period (i.e., a large deposit made on the first of the month may apply to the prior month’s legal sales activity).
  • Recalculate case if necessary.
• Reach out to customer for clarification if needed or make a transaction into a task for client to respond
  
• Add any comments for justification
• Close the case.
• If any information changes after closure, such as accounting adjustments or trace sale returns the case will reopen for review.

Based on FI policy guidelines

1. Compliance Reviews: 

A periodic compliance review may be generated within the Household or directly from the Compliance Review DD Item.  Users may create compliance reviews for different periods (entire month or multiple months of activity), on-demand, at any time.

• Review related parties.
• Review cases generated for the period
• Review aggregate activity for the relationship for the period. 
• Edit and confirm the system-generated compliance narrative

2. Reporting

There are a variety of reports within Assure that the FI can review on demand to assist with compliance. Reports recommended for review on a regular basis may include:

• Accounts Never Funded - provides a list of accounts that have been opened by the FI but not funded May identify a red flag within relationship.
• Account Variances - If a variance is not resolved within two days of ingestion a case will be generated for the FI; however, this report will display all current variances.
• API Key Status - Any keys that are invalid will have an API Key Error Case generated to the Client. But great report to show integration across all MRB Clients.
• Case Configuration List - Outlines the set up of Active cases for the FI and Client.  Report may be used to understand current configuration if adjustments need to be made. 
• Compliance Review List - provides a list of all created Compliance reviews by date and user.  Great for examiner requests to display you Know Your Customer.
• Global ACH Originators - Allows the FI to see all ACH Candidates to mark for approval or prohibition. Assists with ACH Originator Unknown case.  ACH ID within the Transaction file or the ACH ID manually entered on Vendors is required.
• Global Vendors - Allows the FI to see all vendors and current status determined by the FI.
• Licenses Expired and Expiring - Allows the FI to see the licenses status for all Tier I.  Cases will generate for Endorsement Expiration Notification xx days before expiration for the FI and MRB if configured.
• Portfolio Summary Household Details - Provides a summary of portfolio performance for clients for a selected monthly period. Great for Board reporting.
• Portfolio Summary Period Details - Provides a summary of total activity for all MRB Relationships for each monthly period. Great for Board reporting.
• SAR History - provides a list of all SAR in Assure for the FI. Great for examiner requests.
• Site Visit Due Details - Provides a list of all Due Diligence Site Visits assigned to clients.  Assists to help monitor any upcoming site visits required.  Site Visit DD item must be enabled, configured and assigned to clients.