Worked Practice Questions — Think Like an Examiner *(OUTLINE + BULLET BODY)*

A quick but important note before we start. Every question in this lecture is **100% original** — written by me, from scratch, to teach exam-style reasoning. These are **not** real exam questions, they are **not** leaked or reproduced from any question bank, and this course is an **independent study aid, not affiliated with or endorsed by ACAMS**. Each item is built only from **public regulatory sources** — the BSA, FinCEN, FATF, OFAC — and I'll name the source as we go. The point isn't to memorize these six items; it's to hear how an examiner reasons, so you can run that loop yourself. Let's think like an examiner.

- "These are **original**, illustrative questions written to **exam style** to teach reasoning. They are **not** real CAMS® exam questions and are **not** reproduced from any exam. This course is **independent** and **not endorsed by ACAMS**. Sources are **public** — I'll cite each one."

**Stem:** Over a single afternoon, an individual visits four different branches of the same bank and deposits $4,000 in cash at each, totaling $16,000 across the four deposits. No single transaction exceeds $10,000. Which money-laundering typology does this **most likely** illustrate? **Options:** - A. Trade-based money laundering - B. Structuring (smurfing) - C. Use of a funnel account - D. Layering through a shell company

**Correct answer: B — Structuring (smurfing).** - **Why B is right:** Splitting cash into amounts deliberately kept **under the $10,000 CTR threshold**, across branches in one day, to avoid a Currency Transaction Report is the textbook definition of **structuring** under **31 USC 5324**. Note that the bank's same-day **aggregation** (31 CFR 1010.313) should still total $16,000 and trigger a CTR — and the evasion attempt is itself a SAR-worthy crime. - **Why A is wrong:** TBML moves value through **mis-invoiced trade** in goods/services — there's no trade transaction here, just cash deposits. - **Why C is wrong:** A **funnel account** involves deposits in **one geographic area** withdrawn in **another**, often across many parties — this scenario is one person making sub-threshold deposits, the hallmark of structuring, not a funnel. - **Why D is wrong:** No shell company or layering vehicle appears; the facts describe **placement-stage** cash deposits, not layering through a corporate entity. - **Examiner takeaway:** the discriminator is "**deliberately under $10,000, multiple branches, same day**" → structuring.

**Stem:** Under the USA PATRIOT Act, which provision **prohibits** U.S. financial institutions from establishing, maintaining, or managing correspondent accounts for **foreign shell banks** that have no physical presence anywhere? **Options:** - A. Section 311 - B. Section 312 - C. Section 313 - D. Section 314(b)

**Correct answer: C — Section 313.** - **Why C is right:** **USA PATRIOT Act §313** specifically **bars correspondent accounts for foreign shell banks** (banks with no physical presence and not affiliated with a regulated bank). "No shell banks" = §313. - **Why A is wrong:** **§311** authorizes the Treasury/FinCEN to impose **special measures** against jurisdictions, institutions, or transactions of **primary money-laundering concern** — a different tool. - **Why B is wrong:** **§312** requires **enhanced due diligence** for **foreign correspondent** and **private-banking** accounts — it governs *how* you handle such accounts, it doesn't *prohibit* shell-bank accounts. - **Why D is wrong:** **§314(b)** is the **voluntary FI-to-FI information-sharing** provision with a safe harbor — unrelated to shell banks. - **Examiner takeaway:** cue word "**shell bank**" maps to **§313**; don't confuse it with §312's EDD duty.

**Stem:** A transaction-monitoring alert flags a long-standing customer for a pattern of rapid pass-through wires inconsistent with their stated business. An analyst reviews it and believes the activity is suspicious. What is the **BEST FIRST** action? **Options:** - A. Immediately close the customer's account to limit risk - B. Call the customer to ask them to explain the wire activity - C. Conduct and document an investigation, then escalate per policy for a SAR filing decision - D. File a SAR within 30 days and take no further internal steps

**Correct answer: C — Investigate and document, then escalate for the SAR decision.** - **Why C is right:** The proper sequence is **alert → investigate/enrich → document → escalate → decide whether to file**. You build and document the case **before** filing or de-risking. This reflects FFIEC/FinCEN expectations for alert disposition and the SAR decision process. - **Why A is wrong:** **Closing the account first** is premature de-risking — it can **tip off** the subject and destroy the investigation; the exit decision (if any) comes **after** investigation and SAR filing. - **Why B is wrong:** Calling the customer to "explain" risks **tipping off** the subject about scrutiny — prohibited in spirit by the **tipping-off** rule (31 CFR 1020.320(e)). You don't fish for explanations that alert the target. - **Why D is wrong:** Filing may well follow, but "**take no further internal steps**" is wrong — you must **document**, retain records (5 years), and continue monitoring; also you don't skip the **investigation/escalation** that justifies the filing. - **Examiner takeaway:** "FIRST" tests sequence — **investigate and document before you file or close**, and never tip off.

**Stem:** A U.S. bank identifies suspicious activity and **can identify** a suspect involved. Under FinCEN's SAR rules, by when must the SAR generally be filed? **Options:** - A. Within 15 calendar days of initial detection - B. Within 30 calendar days of initial detection of facts that may constitute a basis for filing - C. Within 60 calendar days, in all cases - D. Within 90 calendar days of the transaction date

**Correct answer: B — within 30 calendar days of initial detection.** - **Why B is right:** Under the BSA SAR rules (e.g., **31 CFR 1020.320**), a SAR must be filed **within 30 calendar days** of **initial detection** of facts that may constitute a basis for filing. If **no suspect can be identified**, the institution may take an **additional 30 days** (up to **60 total**) to identify a suspect — but the question states a suspect **can** be identified, so the deadline is **30 days**. - **Why A is wrong:** **15 days** is the **CTR** filing deadline (31 CFR 1010.311), not the SAR deadline — a classic number-swap trap. - **Why C is wrong:** **60 days applies only** when **no suspect** is identified; "**in all cases**" makes this option wrong here, since a suspect is identified. - **Why D is wrong:** **90 days** is not a SAR deadline, and the clock runs from **detection**, not the transaction date. - **Examiner takeaway:** **30 days** with a suspect; **up to 60** only when **no suspect** identified; **15 days** is the CTR, not the SAR.

**Stem:** Under **FATF Recommendation 16** as applied to virtual assets (the "crypto Travel Rule"), which information must an **ordering VASP** obtain and transmit to the **beneficiary VASP** when sending a qualifying virtual-asset transfer? **Options:** - A. Only the transaction hash and the amount transferred - B. Required **originator and beneficiary** information (e.g., names and wallet/account identifiers) - C. The originator's private keys, so the beneficiary VASP can verify control - D. Nothing — virtual-asset transfers are exempt from the Travel Rule

**Correct answer: B — required originator and beneficiary information.** - **Why B is right:** **FATF Recommendation 16**, extended to VA transfers in 2019, requires the ordering VASP to **obtain, hold, and transmit required originator and beneficiary information** (such as names and wallet/account identifiers) to the beneficiary VASP — mirroring the wire-transfer Travel Rule. - **Why A is wrong:** A **transaction hash and amount** are publicly visible on-chain anyway; the rule's purpose is to transmit **identity** information, not just the on-chain data. - **Why C is wrong:** **Private keys are never shared** — disclosing them would hand over control of the funds. This is a deliberately wrong "trap" option. - **Why D is wrong:** VA transfers are **not exempt**; FATF specifically applied Recommendation 16 to virtual assets (above the ~USD/EUR **1,000** de minimis). - **Examiner takeaway:** the Travel Rule moves **originator/beneficiary identity** between **VASPs** — not keys, and it is **not** waived for crypto.

**Stem:** A compliance team has just filed a SAR on a customer. Which **TWO** of the following are **required or appropriate** under U.S. BSA rules? **(Select 2.)** **Options:** - A. Notify the customer that a SAR was filed so they can correct the activity - B. Maintain the SAR and its supporting documentation for **five years** and keep them confidential - C. Continue to monitor the customer's account for further suspicious activity - D. Automatically close the account immediately upon filing - E. Send a copy of the filed SAR to the customer's other banks under 314(a)

**Correct answers: B and C.** - **Why B is right:** The BSA requires **5-year retention** of the SAR and supporting documentation (31 CFR 1020.320 / 1010.430), and SARs are **strictly confidential** — they must be kept and **not disclosed**. - **Why C is right:** Filing a SAR does **not** end the relationship's risk — institutions are expected to **continue monitoring**, and **continuing-activity SARs** may be required for ongoing suspicious behavior. - **Why A is wrong:** Notifying the customer is **tipping off** — **prohibited** under **31 CFR 1020.320(e)**. - **Why D is wrong:** **Automatic immediate closure** isn't required and can be a **tipping-off / premature de-risking** problem; exit is a **risk-based business decision**, often made *after* filing and sometimes deferred (e.g., a law-enforcement keep-open request). - **Why E is wrong:** You **cannot send a SAR to other banks**; **314(a)** is a **government-initiated search** request, and **314(b)** sharing has limits and **never** means circulating the filed SAR itself. - **Examiner takeaway:** on multi-select, test each option independently — **B and C** are independently true; A, D, and E each violate a confidentiality or sequencing rule.

Six questions, one repeating loop. Did you hear it each time? Read the qualifier — BEST, FIRST, the number to select — predict the shape of the answer, eliminate the options that are clearly wrong, and the wrong ones kept giving themselves away: anything that **tips off** the customer, **closes the account before investigating**, **swaps the CTR's fifteen days for the SAR's thirty**, or hands over **private keys**. Those are recurring traps, and now you can spot them. Remember, these were original teaching items built from public sources — the real exam will phrase things its own way, but the *reasoning* transfers directly. Next, we put a bow on preparation with the exam-day playbook: pacing, flagging, breaks, managing anxiety, and a high-yield final-review checklist for the 24 hours before you sit.