Examination of Money Transmitters
The examination focuses on compliance with applicable state and federal laws and regulations and areas deemed likely to affect the safety and soundness of the licensee.
The Department of Financial Services assigns licensed money transmitters a FILMS rating based on an assessment of financial condition, internal controls and auditing, legal and regulatory compliance, management, and systems and technology. The ratings range from “1” (Strong) to “5” (Unsatisfactory).
Licensees with a FILMS rating of "4" (Marginal) or “5” (Unsatisfactory) or severe violations/deficiencies may be subject to regulatory actions such as monetary fines, and license suspension and revocation.
Details on the evaluation of the FILMS components are as follows:
Financial Condition: This evaluation considers balance sheet composition including the level of permissible investments or assets to cover outstanding payment instruments; the level and quality of capital to absorb losses or to support growth; the quantity and quality of earnings including trends and stability; prospects and plans for growth, as well as past experience in managing growth; and access to other sources of capital including support provided by an affiliate or parent company.
Internal Controls and Auditing: Internal controls and auditing are evaluated based upon the effectiveness of accounting, financial, operation, and systems controls, inclusive of agent oversight. The assessment considers the extent of adherence to established policies and procedures; the independence, frequency, scope, and adequacy of the internal and external audit functions (including risk assessment) relative to the size and risk profile of the licensee; the severity of internal control and audit exceptions; the extent to which internal control and audit exceptions are tracked and resolved in a timely manner; the adequacy of management information reports; and whether the system of controls is reviewed to keep pace with changes in the licensee’s business plan.
Legal and Regulatory Compliance: This evaluation is based upon the level of adherence to applicable state and federal laws and regulations including any supervisory follow-up actions; the effectiveness of the written compliance program including policies and procedures; the ability to submit regulatory reports in a timely and accurate manner; and management’s ability to identify and correct compliance issues in a timely manner.
Management: The rating is based upon, but not limited to the following: the overall performance of the licensee; the capability of the governing board and management in their respective roles to identify, measure and monitor the risks of a licensee’s activities; management depth and succession; and responsiveness to recommendations from auditors and supervisory authorities.
Systems and Technology: The evaluation is based upon assessments of the following four critical components: IT Audit – evaluates the quality of the entire IT auditing process (including risk assessment), internal and external in terms of management and the external auditor’s ability to effectively identify, monitor and test internal controls over information systems; Management – evaluates the extent to which management effectively monitors and controls the risks inherent in information systems, including, but not limited to, resources employed and disaster recovery/business continuity planning and testing; Development and Acquisitions – addresses the adequacy of the licensee’s systems development methodology and related risk management practices for the acquisition and development of IT; Support and Delivery – measures the licensee’s ability to provide reliable and secure quality information systems services effectively and efficiently in-house and through service providers.