Compliance Documentation Gap Report

Prepared for FFIEC BSA/AML Examination Manual | April 02, 2026 | Generated by FinCompliance

7/100
Compliance Documentation Score
6
Errors (must fix)
11
Warnings (should fix)
0
Suggestions

Detailed Findings

[ERROR] DocumentMetadata: Missing required metadata: 'Effective Date'. All compliance documents must include an effective date.
[ERROR] DocumentMetadata: Missing required metadata: 'Last Reviewed'. Examiners check that policies are reviewed regularly.
[ERROR] DocumentMetadata: Missing required metadata: 'Next Review Date'. Demonstrates commitment to ongoing review.
[ERROR] DocumentMetadata: Missing required metadata: 'Version'. Version control is required for audit trail.
[ERROR] DocumentStructure: Document missing top-level heading (# Title).
[WARNING] DocumentStructure: Document has no section headings. Compliance documents need clear section organization.
[ERROR] BSA_FivePillars: BSA/AML policy is missing required pillar: 'Training'. (FFIEC BSA/AML Manual, Core Overview)
[WARNING] BSA_SARRequirements: SAR section may be missing: 'SAR filing threshold'. (31 CFR 1020.320)
[WARNING] BSA_SARRequirements: SAR section may be missing: 'SAR filing deadline'. (31 CFR 1020.320)
[WARNING] BSA_SARRequirements: SAR section may be missing: 'SAR confidentiality'. (31 CFR 1020.320)
[WARNING] BSA_SARRequirements: SAR section may be missing: 'SAR retention'. (31 CFR 1020.320)
[WARNING] BSA_CIPRequirements: CIP section may be missing: 'Identity verification methods'. (31 CFR 1020.220)
[WARNING] BSA_CIPRequirements: CIP section may be missing: 'Required customer information'. (31 CFR 1020.220)
[WARNING] BSA_CIPRequirements: CIP section may be missing: 'Government list screening'. (31 CFR 1020.220)
[WARNING] BSA_CIPRequirements: CIP section may be missing: 'Customer notice'. (31 CFR 1020.220)
[WARNING] WeakCommitmentLanguage: Weak commitment language: 'should consider'. Consider 'shall' or 'must' for mandatory requirements.
[WARNING] ProhibitedTerms: Use 'when [specific trigger condition]' instead of 'if necessary' for regulatory precision.

What These Findings Mean

Each error represents a gap that NCUA or OCC examiners are likely to cite as a finding during your next examination. Errors include missing required policy elements, prohibited language suggesting incomplete compliance, and structural issues that prevent examiner review.

Warnings are issues that weaken your documentation but may not result in a formal finding. These include vague language, unspecified timeframes, and unassigned responsibilities that make policies harder to enforce and audit.

Recommended Next Steps

  1. Address all errors before your next examination cycle
  2. Review warnings with your compliance officer or committee
  3. Consider a full documentation suite review across all compliance policies

Want a full compliance documentation audit?

FinCompliance checks your entire policy suite against BSA/AML, SOX, PCI-DSS, GLBA, and NCUA requirements. Get a complete gap analysis with specific remediation steps.

Contact: bipinrimal314@gmail.com | github.com/BipinRimal314/comply

This report was generated by FinCompliance v0.1.0 — the first open-source compliance documentation linter for financial institutions. The analysis covers document structure, regulatory language, required elements, and policy completeness. It is not a substitute for legal or compliance advice.

Report generated: 2026-04-02 13:25:11 UTC