Workflow Templates for Financial Services: Daily Operations Checklist

Transaction Monitoring

Review overnight transaction exception report

Pull the overnight exceptions report from Verafin / NICE Actimize / Featurespace. Focus on velocity alerts, structuring patterns near the $10K CTR threshold, and ACH returns. Clear false positives with a documented rationale; escalate true hits to the BSA officer.

Confirm overnight fraud detection batch ran

Verify the fraud monitoring batch (debit card, wire, ACH) completed without errors in the core (Jack Henry, Fiserv, Symitar). A failed or partial batch means the prior day's activity has not been screened — escalate to IT before opening branches.

Re-run failed fraud batch and notify BSA officer

Coordinate with IT to re-run the batch and document the gap window. Notify the BSA officer in writing — exam findings cite uncovered review windows, even when re-run later that day.

Review CTR-eligible transactions over $10,000

Confirm each currency transaction over $10,000 has a CTR queued for FinCEN filing within 15 days. Aggregate same-day same-customer cash activity per the BSA aggregation rule — split deposits across branches are the most common miss.

Run OFAC SDN screen on new wires and ACH

Use Refinitiv World-Check or LexisNexis Bridger to screen all originators and beneficiaries on outbound and inbound wires. Document the clear/match decision and reviewer initials. Hits go to the BSA officer immediately — do not release the wire.

Account Reconciliation

Reconcile Fed and correspondent bank balances

Pull the Fed master account and correspondent statements (FHLB, upstream bank). Tie to the GL cash position. Wire cutoff misses are the usual culprit when the difference is a clean dollar amount.

Investigate and resolve reconciliation breaks

Trace each break to source: stale ACH return, late-posted wire, NSF reversal, or teller cash drawer variance. Items unresolved beyond 24 hours go on the aged reconciling items log for the controller.

Approve GL adjusting entries from prior day

Operations officer reviews each adjusting entry against supporting documentation. Dual control is required — the preparer cannot self-approve. Reject any entry without a clear narrative tying back to the source transaction.

Reconcile suspense and DDA settlement accounts

Suspense accounts should clear daily. Items aged over 5 business days are an audit finding waiting to happen — examiners pull suspense aging on every safety-and-soundness exam.

Archive daily reconciliation packet

Member Service and Support

Triage overnight member inquiries in the queue

Sort by SLA: card disputes (Reg E timing — 10 business days for provisional credit), wire instruction questions, and lost card calls go first. Move general inquiries to the standard queue.

Verbal callback on any wire instruction change

Any emailed request to change wire instructions — even from a known member — requires a verbal callback to the phone number on file (not the number in the email). BEC fraud loss is the single largest operational risk; the policy is non-negotiable.

Log Reg E disputes and start provisional credit clock

Each EFT dispute under Reg E starts a 10-business-day investigation clock (20 for new accounts). If unresolved, provisional credit is required. Late provisional credit is a CFPB exam finding.

Review consumer complaint log for CFPB-reportable items

Flag any complaint touching fair lending, UDAAP, debt collection, or fee disclosure for compliance review. CFPB complaint portal items have a 15-day response deadline.

BSA, AML, and Compliance

Review SAR queue for new suspicious activity

BSA officer reviews items flagged by Verafin / Actimize. Confirm whether to open a case, continue monitoring, or close as no-action. Document the decision rationale — examiners read these.

Draft SAR narrative and start 30-day filing clock

SAR is due to FinCEN within 30 calendar days of initial detection of suspicion. Use the standard narrative template — who, what, when, where, why, how. Weak narratives generate MRAs at the next exam even when the filing was timely.

Process 314(a) FinCEN information requests

314(a) lists must be searched within 14 days of receipt. Search across deposits, loans, and safe deposit. Document negative results — examiners verify the search occurred even when there were no matches.

Confirm new accounts cleared CIP and CDD

For entity accounts opened yesterday, verify beneficial owner identity for any 25%+ owner per the CDD rule. Missing beneficial owner certifications are the most common BSA exam citation in the past three exam cycles.

Core Systems and Security

Verify overnight core batch and backup completed

Confirm the core (Jack Henry SilverLake / Fiserv DNA / Symitar / Corelation) end-of-day batch closed cleanly and encrypted backups replicated to the offsite / cloud target. A failed backup means yesterday is not recoverable.

Review SIEM alerts for anomalous logins

Pull privileged-user logins, after-hours admin sessions, and impossible-travel alerts. Common gotcha: an MSP technician logging in from an unexpected geo without prior change ticket — confirm legitimacy before clearing.

Confirm critical patches applied per FFIEC schedule

Check the patch dashboard against the FFIEC IT exam expectation: critical patches within 30 days, others per the documented standard. Aged criticals on member-facing systems are an immediate finding.

Test branch-to-core connectivity before opening

Each branch validates teller workstation connectivity to the core, ATM/ITM status, and check capture device. Issues identified before lobby open are an inconvenience; issues found at 9:01 are a member-facing outage.

Sign off on the daily operations packet