Determine through discussion with compliance and audit personnel their knowledge with regard to laws and regulations addressing insider activities. Review:

• Scope of the compliance or audit review program.

• Compliance or audit review findings.

Determine whether management ensures personnel are aware of regulatory requirements regarding insider activities.

• Has the bank notified each of its executive officers and directors of the reporting requirements of 12 CFR 31.2(a) and 215.22(e)?

• Has the bank established an ongoing program to educate and raise the awareness of all bank employees regarding its insider policies?

• Has the bank established a confidential process by which personnel may bring potential conflicts of interest or improper situations to the attention of management and the board?

• Has management provided training to personnel regarding regulatory and bank-established policy requirements, including training for regulatory and policy changes/updates, at least annually?

• Do the bank’s written insider policies require affected personnel to acknowledge reading the policy, including updates, and abiding by their terms?