Free ACFCS CFCS Exam Questions

Question 1

During a risk assessment of its customer onboarding process, a financial institution identifies a lack of adequate procedures for verifying the beneficial ownership of corporate clients. What is the most appropriate action for the institution to take to address this deficiency?

A : Immediately suspend all new customer onboarding activities until the procedures are updated.

B : Implement enhanced monitoring for transactions involving corporate clients with unidentified beneficial owners.

C : Revise the customer onboarding procedures to incorporate requirements for verifying beneficial ownership.

D : Disregard the issue as long as corporate clients pass other due diligence checks.

Answer: C

Question 2

An internal auditor is conducting a quality assurance review of sales results and records for a large U.S. based aerospace and defense contracting firm The auditor has been tasked with reviewing the recordsofsales departments in several countries because the company has raised concerns over accounting discrepancies and possible issues with inflated sales figures. In the records of one sales department the auditor documents an unusually high number of returnsofairplane parts. These returns come from purchasers who executed sales contracts only to invoke right of return shortly afterwards. Upon reviewing thesesales contracts,the auditor cannot find specific provisions regarding right of return for purchasers. Given this information which is the MOST likely conclusion the internal auditor will make?

A : The sales department may be violating sanctions through the undocumented saleofdual-use goods to countriessubjectto U S sanctions

B : The sales department manager may be involved in an embezzlement scheme tied to the returned airplane parts

C : The sales department may be involved in a tax evasion scheme involving falsified returns to disguise undisclosed assets

D : The sales department may beinvolved in a fraudulent revenue recognition scheme related to hidden payment andrefundterms

Answer: D

Question 3

Your construction company wishes to hire Mr. X to provide consultancy services within his country. He has his own consulting firm and is also a board member of a state-owned bank Mr. X is known for having highlevel business connections and for charging exorbitant rales for his services Mr. X does not like to complete paperwork and prefers to work based on a verbal agreement. Which three facts are red flags requiring enhanced due diligence? Choose 3 answers

A : Mr. X may be considered to be a politically exposed person (PEP)

B : The price Mr. X charges is suspect if fees are not itemized and documented

C : As a board member of a stale-owned bank Mr. X may be considered a public official under the U.S. Foreign Corrupt Practices Act

D : The price Mr. X charges is suspect since he is in the business of helping companies obtain and retain business

Answer: A,B,C

Question 4

During a review of its compliance program, XYZ Bank discovers that it has processed transactions involving individuals and entities on the Office of Foreign Assets Control (OFAC) Specially Designated Nationals (SDN) list. What is the most appropriate action for XYZ Bank to take?

A : Immediately report the findings to OFAC and await further instructions.

B : Suspend all transactions until the individuals and entities are removed from the SDN list.

C : Implement enhanced due diligence procedures for transactions involving high-risk countries.

D : Conduct a retrospective review of transactions to assess the extent of potential violations.

Answer: A

Question 5

Recently your database of customer records was compromised and hundreds of thousands of customer's personal data was stolen Based on the feedback from your customers you have surmised that the following occurred. • Using the stolen customer information a personalized email was sent to all of the customers Irom the criminals with a significant amount of personal information in them to appear legitimate directing them to a fake website mimicking yours • That fake website captured logins and passwords from customers for later use • The criminals then used the logins and passwords to wire funds from those accounts to offshore accounts that they controlled Which type of attack is this?

A : Spear phishing

B : Key logging

C : Man-in-the-middle

D : Login capture

Answer: A