US Bank Secrecy Act & AML Framework

US federal anti-money laundering regime requiring financial institutions to detect and report illicit finance.

Enacted in 1970, the Bank Secrecy Act remains the cornerstone of US anti-money laundering regulation, establishing the framework through which financial institutions assist federal agencies in detecting and preventing money laundering, terrorist financing, and other financial crimes. Administered by the Financial Crimes Enforcement Network (FinCEN) within the US Treasury Department, the BSA has been significantly strengthened over the decades by amendments including the USA PATRIOT Act (2001) and the Anti-Money Laundering Act of 2020, which modernised the framework for the digital age.

The BSA applies to a wide range of financial institutions, including banks, credit unions, broker-dealers, money services businesses (MSBs), casinos, insurance companies, mutual funds, and dealers in precious metals and gems. FinCEN's regulations also extend to certain non-financial businesses, and the Corporate Transparency Act (CTA), enacted in 2021 and with beneficial ownership reporting requirements taking effect from 2024, brought millions of small businesses into the reporting framework by requiring them to disclose their beneficial owners to FinCEN.

Core compliance obligations under the BSA require financial institutions to establish and maintain effective AML programs that include internal policies and procedures, a designated compliance officer, ongoing employee training, and independent testing. Institutions must file Currency Transaction Reports (CTRs) for cash transactions exceeding 10,000 dollars, Suspicious Activity Reports (SARs) when they detect transactions indicative of potential illegal activity, and various other reports related to foreign bank accounts and international transportation of currency. Customer due diligence (CDD) requirements, finalised in 2016 and enhanced under the CTA, mandate that financial institutions identify and verify the identity of their customers and their beneficial owners, understand the nature of customer relationships, and conduct ongoing monitoring for suspicious activity.

Enforcement of BSA/AML obligations is vigorous and consequential. FinCEN, along with federal banking regulators and law enforcement agencies, can impose civil monetary penalties ranging from thousands to hundreds of millions of dollars for compliance failures. Criminal penalties, including imprisonment, apply to wilful violations. Several major US and international banks have paid multi-billion-dollar penalties in recent years for systemic AML failings, making BSA/AML compliance a board-level priority for financial institutions.

The US BSA/AML framework operates in parallel with the EU Anti-Money Laundering Directive (AMLD), and companies operating across both jurisdictions must manage compliance with both regimes, which share similar principles but differ in specific requirements, reporting thresholds, and enforcement mechanisms. For financial institutions and other covered entities, BSA compliance requires substantial ongoing investment in compliance infrastructure, transaction monitoring technology, and personnel training to meet evolving regulatory expectations.

Select your company type for tailored compliance guidance.