Unclaimed property compliance is a universal obligation for businesses operating in the United States, but it is not a uniform one. The specific exposure profile, the complexity of the regulatory requirements, and the audit risk landscape vary significantly by industry, and financial institutions sit near the top of that risk spectrum.
Banks, credit unions, and brokerage firms hold more types of potentially reportable property than almost any other category of holder. The accounts they manage, from checking and savings to certificates of deposit, retirement accounts, brokerage holdings, and official checks, each carry their own dormancy rules, due diligence requirements, and state-specific reporting obligations. The volume of customer relationships compounds the challenge: a regional bank or credit union may have hundreds of thousands of individual accounts, each of which needs to be assessed against dormancy standards on an ongoing basis.
This complexity is not simply an administrative inconvenience. Unclaimed property non-compliance at financial institutions has produced some of the largest audit assessments in the history of the field. States prioritize financial institution audits because they understand the volume of reportable property that accumulates in dormant accounts, and the penalties and interest that accrue on unreported property can reach well into the millions for institutions that have allowed gaps in their compliance programs to persist.
This guide provides a practical reference for compliance officers, operations teams, and senior leadership at financial institutions navigating unclaimed property obligations: what the law requires, where the complexity concentrates, what an audit looks like in practice, and how to build a compliance program that is sustainable rather than reactive.
Why Financial Institutions Face Unique Unclaimed Property Exposure
Every business that holds financial assets on behalf of others is a holder under unclaimed property law, and therefore subject to reporting obligations when those assets go unclaimed. But financial institutions face a combination of factors that make their unclaimed property exposure distinctly more complex and higher-risk than that of most other holder categories.
Volume and Diversity of Property Types
Most businesses generate unclaimed property from a relatively narrow set of sources: uncashed payroll checks, outstanding vendor payments, unredeemed gift cards, credit balances. Financial institutions generate unclaimed property across a much wider spectrum. Checking accounts, savings accounts, certificates of deposit, money market accounts, individual retirement accounts, brokerage accounts, safe deposit box contents, cashier’s checks, money orders, official checks, traveler’s checks, and dividend payments are all potential sources of reportable property, each governed by its own dormancy period and due diligence requirements.
Managing this diversity requires a compliance infrastructure that most businesses simply do not need. Financial institutions cannot manage unclaimed property as a simple annual task; they need ongoing processes embedded across multiple departments and account systems.
Customer Relationship Complexity
Financial institutions maintain customer relationships over long periods, and those relationships change in ways that affect unclaimed property status. Customers move, change contact information, pass away, or simply reduce their engagement with an account without closing it. The institution’s obligation is to track these changes, identify accounts that meet dormancy criteria, attempt to locate and contact owners, and ultimately report and remit property that cannot be reunited with its owner.
This obligation applies regardless of the account balance. A dormant savings account with a $12 balance creates the same reporting obligation as one with $120,000. The administrative burden of managing small-balance accounts is a consistent pain point for financial institutions managing high account volumes.
The Regulatory Relationship
Financial institutions operate under federal and state banking regulation in addition to unclaimed property law, and the interaction between these regulatory frameworks creates additional complexity. State unclaimed property administrators understand that banks and credit unions have detailed, auditable records of account activity, which makes them high-value audit targets. The same recordkeeping infrastructure that makes financial institutions better at regulatory compliance in general also makes them easier to audit for unclaimed property purposes.
States know that financial institutions have the records. Audits of banks and credit unions are conducted with that knowledge, and the assessment methodology reflects the expectation that gaps in compliance are discoverable rather than estimable.
The Multi-State Dimension
Financial institutions serving customers across multiple states report unclaimed property to multiple state administrators under different rules. The institution’s home state is not the only relevant jurisdiction; the owner’s last known address determines which state receives the remittance for most property types. A bank with customers in 30 states has 30 sets of reporting deadlines, dormancy periods, and due diligence requirements to track.
Dormancy Periods by Account Type, The Financial Institution Reference Guide
Dormancy periods for financial institution account types vary by state, but the following guide reflects the most common standards across US jurisdictions. Institutions must confirm the specific periods applicable in each state where they report.
| Property Type | Typical Dormancy Period | Key Compliance Notes |
|---|---|---|
| Checking / Savings Accounts | 3-5 years | Varies by state; last activity triggers the clock |
| Certificates of Deposit | 3-5 years after maturity | Auto-renewal can complicate dormancy start date |
| IRAs | 3 years after required distribution | Federal RMD rules interact with state dormancy |
| Brokerage / Investment Accounts | 3-5 years | Security liquidation rules vary by state |
| Safe Deposit Boxes | 3-5 years after lease expiration | Drilling and inventory requirements differ by state |
| Cashier’s Checks / Money Orders | 3-7 years | Issuer is the holder; owner state often unknown |
1. Checking and Savings Accounts
The dormancy period for checking and savings accounts is three years in most states, with some states extending to five years. The dormancy clock typically begins with the last owner-initiated activity on the account: a deposit, withdrawal, transfer, or written communication from the customer acknowledging the account. Electronic statements that the customer has not opted into may or may not qualify as activity, depending on the state. Interest credits and fee debits posted by the institution do not constitute owner activity.
The distinction between customer-initiated activity and institution-initiated activity is one of the most consequential interpretive questions in bank unclaimed property compliance. States have taken different positions on what qualifies, and audit assessors will examine this question closely when reviewing a financial institution’s dormancy methodology.
2. Certificates of Deposit
CDs present a specific complexity: the dormancy period typically begins at maturity, not at original issuance. For a five-year CD that renews automatically at maturity for additional terms, the dormancy clock may not start until the CD is finally not renewed and no owner activity occurs in the subsequent dormancy period. Institutions that handle large volumes of auto-renewing CDs need a clear process for tracking maturity dates and monitoring post-maturity activity to correctly identify when dormancy begins.
Some states specify that the dormancy period for CDs begins when the CD matures or when the owner first has the right to demand payment, whichever is later. The interaction between auto-renewal terms and dormancy triggers requires careful analysis at the account level.
3. Individual Retirement Accounts (IRAs)
IRAs present the most complex dormancy analysis of any standard financial institution account type. The interaction between federal required minimum distribution (RMD) rules and state dormancy law creates a framework that requires careful interpretation. Generally, the dormancy clock for an IRA begins at the later of the owner’s required beginning date for distributions (typically age 73 under current federal rules) or the point at which the institution loses contact with the owner.
State regulators have taken increasingly aggressive positions on IRA dormancy in recent years, and institutions that have treated IRAs as effectively exempt from unclaimed property reporting due to the complexity of the RMD interaction have found themselves with significant audit exposure. The correct position is not that IRAs are exempt, but that their dormancy analysis requires additional steps that many institutions have not built into their compliance processes.
Beneficiary designation files for deceased account owners also require attention. An IRA where the owner has passed and no distribution to a named beneficiary has occurred may be reportable depending on state law and the institution’s ability to locate the beneficiary.
4. Brokerage and Investment Accounts
Brokerage account dormancy is governed by three to five year periods depending on the state, with the dormancy clock beginning on the date of last owner-initiated activity. The specific challenge for brokerage accounts is the handling of securities: most states require the institution to liquidate dormant securities prior to remittance, converting them to cash for escheatment to the state. The timing and methodology of liquidation, and the handling of securities for which a liquid market may not exist, requires careful attention.
Dividend and interest payments that go uncashed are separately reportable as unclaimed property on their own dormancy timeline, independent of the underlying account’s dormancy status. Institutions managing dividend reinvestment programs need to separately track uncashed dividend payments that do not get reinvested.
5. Safe Deposit Boxes
Safe deposit boxes are reportable as unclaimed property when the rental agreement lapses and the institution cannot contact the renter after due diligence efforts. The process for escheating safe deposit box contents is more complex than for financial accounts because the property is physical rather than monetary: the institution must drill the box, inventory the contents, and either remit the contents directly to the state or sell them and remit the proceeds.
State law governs the drilling and inventory process, and requirements differ substantially in how they must be documented, who may be present, and what notices must be given before and after drilling. Institutions that do not follow the required process precisely create legal exposure even if they ultimately remit the correct property.
6. Cashier’s Checks, Money Orders, and Official Checks
Official instruments, including cashier’s checks, money orders, certified checks, and traveler’s checks, have dormancy periods ranging from three to seven years depending on the state. A critical compliance complexity with these instruments is the owner state determination: because these instruments are often purchased by one person on behalf of another, the institution may not have the payee’s address on file. State law provides specific rules for how to determine the reporting state when the owner’s address is unknown, typically defaulting to the issuer’s state of incorporation or the state where the instrument was issued.
The volume of outstanding official checks at financial institutions with substantial teller operations can be significant, and the under-reporting of these instruments has been a consistent audit finding across the financial institution sector.
Due Diligence Requirements for Financial Institutions
Before property can be remitted to the state, virtually every US jurisdiction requires holders to attempt to contact the owner and provide an opportunity to reclaim the property. This pre-escheatment due diligence requirement is not optional, and the failure to perform it correctly, or at all, is one of the most common compliance gaps identified in financial institution audits.
The Standard Requirement
Most states require holders to send written notice to the owner’s last known address at a specified time before the reporting deadline, typically 60 to 180 days prior. The notice must meet state-specific content requirements, including a description of the property, the amount or value, and instructions for how the owner can reclaim it. Some states also require the holder to publish notice in a newspaper of general circulation as a secondary due diligence step, though this requirement has become less common as electronic alternatives have developed.
For financial institutions, due diligence at scale requires automated processes. Manually generating and tracking due diligence letters for hundreds of thousands of potentially dormant accounts is not operationally feasible, and the failure to send required notices on time is a compliance failure regardless of the administrative burden involved.
The Email and Electronic Notice Question
The evolution of customer communication preferences has created a due diligence question that financial institutions are actively navigating: do electronic notices, whether email or in-account messaging, satisfy state due diligence requirements designed with paper mail in mind? The answer varies by state, and in many jurisdictions it is not definitively resolved. Some states have updated their statutes or guidance to explicitly permit electronic notice; others require first-class mail as the standard, with electronic notice as an optional supplement.
Institutions that have transitioned heavily to paperless communications and are relying on email-only due diligence should confirm that each state where they report accepts electronic notice as satisfying the statutory requirement, or they risk a compliance finding even if the underlying outreach was genuine.
Returned Mail and Skip Tracing
Due diligence notices returned as undeliverable do not excuse the holder from the obligation to attempt owner location. Most states require or expect that institutions will attempt to locate owners through additional means when the address on file is invalid. This skip tracing obligation, which may include searches of public records, credit bureau data, or other owner location resources, is a compliance requirement that institutions frequently do not have formalized processes for.
Dunbar Group’s owner location and dormant account reactivation service addresses this directly, providing systematic skip tracing to identify updated contact information for dormant account holders before the property reaches the reporting threshold. Successful owner location before escheatment is the best possible compliance outcome: the property goes back to its rightful owner, the institution avoids remittance, and the customer relationship is preserved.
Multi-State Reporting Complexity for Financial Institutions
Financial institution unclaimed property compliance is almost never a single-state matter. Even community banks and credit unions with a concentrated geographic footprint may have customers who have moved to other states, creating reporting obligations to those states under the owner-address-first rule that governs most property types.
The Priority Rules
The United States Supreme Court’s decision in Delaware v. New York (1993) established the two-priority rules that govern which state receives unclaimed property remittances when multiple states could claim jurisdiction. Under the first priority rule, property is remitted to the state of the owner’s last known address. If the owner’s address is unknown or falls outside any US state, the second priority rule applies, and the property goes to the holder’s state of incorporation.
For financial institutions, these rules have practical implications that affect how dormant account records are maintained. The institution must have accurate address records for dormant accounts, and it must have a clear methodology for applying the second priority rule when address information is missing or invalid. Institutions that default to remitting all dormant property to their home state without addressing the first priority rule systematically are mis-reporting and creating audit exposure.
State-by-State Differences That Matter Most
Among the many ways in which state unclaimed property laws differ, the following are the most consequential for financial institutions managing multi-state compliance programs:
- Dormancy periods: Three to five years is the common range for deposit accounts, but institutions must confirm the exact period for each state where they report rather than applying a single standard.
- Due diligence notice timing and content: States specify when notices must be sent relative to the reporting deadline, and the required content varies. A notice that satisfies California’s requirements may not satisfy New York’s.
- Reporting deadlines: Annual reporting deadlines are not uniform. Most states require reports by October or November, but the specific dates differ and some states require mid-year reports for certain property types.
- IRA dormancy treatment: State positions on when IRA dormancy begins, and whether distributions to the state can be made before the federal RMD date, vary and are actively evolving.
- Security liquidation requirements: States differ in whether they require pre-escheatment liquidation of securities, and in the timing and methodology of any required liquidation.
Managing this variation across 50 states and US territories, while maintaining accurate records that can withstand audit scrutiny, is the core challenge of financial institution unclaimed property compliance. Dunbar Group’s reporting service assigns each client a point of contact with at least ten years of unclaimed property experience, providing the institutional knowledge to navigate state-specific requirements accurately.
The Financial Institution Audit Landscape, What to Expect and How to Prepare
The volume and frequency of unclaimed property audits directed at financial institutions has increased substantially over the past decade. States have become more sophisticated in their targeting of audit candidates, more aggressive in their estimation methodologies, and more willing to assert large assessments based on extrapolated liability rather than documented gaps.
How Financial Institution Audits Are Initiated
Unclaimed property audits of financial institutions are typically initiated by third-party audit firms retained by states on a contingency-fee basis. These firms, which are paid as a percentage of the amounts they recover, have strong financial incentives to identify and assess unreported property. They conduct initial screening of public data, compare it against reported amounts, and bring candidate institutions to the states’ attention. Institutions that have not reported in years, that appear to have under-reported relative to their size, or that have triggered compliance correspondence they did not adequately respond to are likely audit candidates.
Dunbar’s consulting team includes four individuals with prior experience working for state unclaimed property offices, who understand the audit targeting methodology from the inside and can help clients assess their audit risk profile before a state letter arrives.
What the Audit Examination Covers
A financial institution unclaimed property audit is comprehensive. Auditors typically request records going back seven to ten years, including account activity data for all dormant or potentially dormant accounts, records of due diligence efforts, documentation of prior reports filed, and any internal policies and procedures governing the unclaimed property process. The examination will cover all property types held by the institution, not only the types that the institution has historically reported.
A common and costly audit finding is the identification of property types that the institution was not aware it held reportable amounts of. Official checks and cashier’s checks are the most frequently cited example: institutions that have not been tracking outstanding official instruments for escheatment purposes can face large assessments on the accumulated value of those instruments.
Estimation and Assessment Methodology
When records are incomplete or unavailable, auditors use estimation techniques to project unclaimed property liability. For financial institutions, estimation typically involves analyzing the ratio of reported unclaimed property to total account volumes, applying that ratio to periods for which records are unavailable, and assessing the resulting figure as unclaimed property owed.
Estimation assessments can significantly overstate actual liability, and challenging them requires both the legal expertise to engage with the audit process effectively and the technical expertise to present alternative calculations that are better supported by the available evidence. This is precisely the scenario in which having experienced counsel engaged at the outset of an audit, rather than after a preliminary assessment has been issued, makes a significant difference in the outcome.
Voluntary Disclosure Agreements as an Alternative
For financial institutions that have identified gaps in their historical compliance and are not yet under audit, Voluntary Disclosure Agreements (VDAs) offered by most states provide a structured alternative to audit. VDAs typically allow holders to come into compliance with limited lookback periods, waiver of interest and penalties, and a negotiated process for remediating historical gaps. Institutions that identify compliance issues and act proactively through a VDA are in a meaningfully better position than those who wait for an audit to surface the same issues.
Dunbar Group’s consulting and advisory services include VDA support: evaluating whether a VDA is the appropriate strategy for a specific institution, determining which states to approach, and managing the VDA process from submission through approval.
Building a Financial Institution Unclaimed Property Compliance Program
An effective financial institution unclaimed property compliance program is not a once-a-year reporting exercise. It is an ongoing operational function with defined ownership, documented processes, supporting technology, and a regular cadence of self-assessment. The institutions that avoid large audit assessments are generally those that have built compliance into their operations rather than bolting it on at reporting time.
1. Policy and Procedure Documentation
The foundation of a defensible compliance program is written policy and procedure documentation that specifies, for each property type the institution holds, how dormancy is determined, when due diligence notices are sent, how skip tracing is conducted for undeliverable notices, and when and how property is prepared for remittance. These documents should be reviewed and updated annually to reflect changes in state law and institutional operations.
During an audit, the absence of documented policies and procedures is itself a finding. It suggests to the auditor that the compliance program lacks governance and that the institution’s actual practices may be inconsistent or undocumented. Dunbar Group’s OPTIMIZE platform, a custom process review tool designed specifically for financial institution clients, evaluates existing policies and procedures against a Capability Maturity framework and identifies specific gaps to address.
2. Technology Infrastructure
Managing dormancy identification, due diligence tracking, and report preparation manually across high account volumes is not feasible and is not a defensible compliance approach. Financial institutions need technology solutions that can flag accounts approaching dormancy thresholds, generate and track due diligence notices, integrate with core banking systems to capture account activity data accurately, and produce state-formatted reports for each jurisdiction where the institution reports.
The integration between unclaimed property compliance systems and core banking platforms is frequently the most technically demanding element of building a compliance infrastructure, and it is one of the most common sources of compliance gaps when it is not handled correctly. Accounts that exist in the core system but are not captured by the unclaimed property system create invisible exposure.
3. Cross-Functional Ownership
Unclaimed property touches multiple departments in a financial institution: deposit operations, investment services, trust and estate, retail banking, check operations, and information technology all have roles in identifying, processing, and reporting unclaimed property. Compliance programs that sit entirely within a single department, without clear accountability from the functions that generate the property, tend to have systematic gaps in the property types or account categories they cover.
Effective programs designate a compliance owner with cross-functional authority, establish clear data flows between departments, and include unclaimed property obligations in the training and performance expectations of staff in property-generating roles.
4. Regular Self-Assessment
Annual reporting is not the same as annual compliance assessment. Institutions that report every year but do not periodically examine the quality and completeness of their reporting may be building up compliance gaps that they will not discover until an audit surfaces them. A regular self-assessment process, ideally conducted annually against the documented policies and procedures, identifies drift between what the policy says and what is actually happening in operations.
For institutions that have not conducted a self-assessment recently, or that have undergone significant operational changes (mergers, system migrations, product launches), a formal compliance gap analysis is the appropriate starting point. Dunbar’s consulting and advisory services are specifically designed to support this kind of assessment, evaluating current state against best practices and developing a prioritized remediation plan.
5. Proactive Owner Location
The best unclaimed property outcome for a financial institution is reuniting the owner with their property before it reaches the reporting threshold. Proactive owner location, through systematic skip tracing of accounts with invalid contact information before they become reportable, reduces escheatment, preserves customer relationships, and demonstrates to regulators that the institution is taking its due diligence obligations seriously.
Dunbar Group describes this as an art rather than a mechanical process, one that requires genuine outreach rather than electronic searches and impersonal communications. The owner location and dormant account reactivation service focuses on re-engaging customers with dormant accounts in a way that produces actual results, not just documentation that an attempt was made.
Corporate Asset Recovery for Financial Institutions, Reclaiming What Was Remitted
Financial institutions report unclaimed property to states, but they are also the holders of unclaimed property generated by other businesses. Banks and credit unions receive proceeds from other companies that have esheated to states, have unclaimed dividends from equity holdings, hold credits from vendor relationships, and may have other financial assets sitting in state custody that belong to the institution itself.
Many financial institutions are not actively managing the recovery of assets that have been remitted to states by other holders and that belong to them as the rightful owner. The amounts involved can be meaningful, particularly for larger institutions with extensive vendor and counterparty relationships.
Dunbar Group’s corporate asset recovery service addresses this directly. As the firm’s service page notes, companies reporting unclaimed property can also be the owners of unclaimed accounts held by other companies. Dunbar conducts systematic searches of state unclaimed property databases, identifies assets belonging to the client institution, and manages the recovery process from claim preparation through payment. This service frequently operates on a contingency basis, meaning the institution pays only from amounts actually recovered.
For financial institution compliance officers focused on outbound reporting obligations, the inbound asset recovery opportunity is frequently overlooked. It represents a direct financial benefit that offsets some of the cost of compliance investment, and it is worth assessing as part of any comprehensive unclaimed property program review.
Conclusion
Unclaimed property compliance for financial institutions is not a compliance function that can be managed adequately with minimal investment and periodic attention. The volume and diversity of property types, the multi-state reporting complexity, the intensity of the audit environment, and the magnitude of the potential assessments all argue for treating this as a genuine institutional priority with appropriate resources, technology, and expertise behind it.
The good news is that the institutions that invest in building sound compliance programs are in a fundamentally different risk position than those that manage the function reactively. A well-documented, technology-supported, regularly assessed compliance program does not eliminate audit risk entirely, but it dramatically reduces the likelihood of a large assessment and creates a much stronger platform for defending against one if it occurs.
Financial services unclaimed property reporting is not static. State laws evolve, audit methodologies change, and the IRA and electronic notice questions that are currently in flux will eventually be resolved, likely in ways that create new compliance obligations. Institutions that have built the capacity to respond to these changes, rather than discovering them during an audit, are better positioned for the long term.