BSA/AML Compliance Hub

Understand the foundations of the Bank Secrecy Act and anti-money laundering compliance for financial institutions.

Table of Contents

What is BSA AML?

Under the Bank Secrecy Act (BSA) and related anti-money laundering (AML) requirements, financial institutions have a responsibility to monitor, identify, and report on suspicious activities that may indicate financial fraud, money laundering, or the financing of terrorism.

BSA/AML Laws and Regulations

According to the Federal Deposit Insurance Corporation (FDIC), BSA/AML encompasses "a series of laws and regulations enacted in the United States to combat money laundering and the financing of terrorism. The BSA provides a foundation to promote financial transparency and deter and detect those who seek to misuse the U.S. financial system to launder criminal proceeds, finance terrorist acts, or move funds for other illicit purposes. The BSA requires each bank to establish a BSA/AML compliance program. By statute, individuals, banks, and other financial institutions are subject to the BSA recordkeeping requirements."‚ÄČ1

BSA/AML regulations require institutions to combat financial crime through:

  • Establishing effective BSA compliance programs
  • Establishing effective customer due diligence systems and monitoring programs
  • Screening against Office of Foreign Assets Control (OFAC) and other government lists
  • Establishing an effective suspicious activity monitoring and reporting process
  • Developing risk-based anti-money laundering programs‚ÄČ2
  1. FDIC, Banker Resource Center, Bank Secrecy Act / Anti-Money Laundering (BSA/AML)
  2. OCC, Bank Secrecy Act (BSA)

What are the five pillars of BSA/AML compliance?

Complying with anti-money laundering requirements under the Bank Secrecy Act requires effective governance, risk, and compliance processes. Federal banking regulators require U.S. financial institutions to have a risk-based BSA/AML compliance program, and examiners "evaluate the adequacy of a bank‚Äôs BSA/AML compliance program relative to its risk profile" and "review risk management practices to evaluate and assess whether a bank has developed and implemented effective processes to identify, measure, monitor, and control risks."‚ÄČ1

BSA/AML Compliance Program Components

Banks and credit unions can strengthen their compliance posture by taking steps to build on the five core elements of an effective program:‚ÄČ2

  1. A system of internal controls to ensure ongoing compliance
  2. Independent testing of BSA/AML compliance
  3. The designation of an individual responsible for day-to-day compliance
  4. Training for appropriate personnel
  5. Risk-based procedures for conducting ongoing customer due diligence
  1. Federal Reserve, Joint Statement on Risk-Focused Bank Secrecy Act/Anti-Money Laundering Supervision
  2. NCUA, "FinCEN Adds Fifth BSA Compliance ‚ÄėPillar‚Äô"

Learn more about supporting AML compliance:

What are the top BSA/AML compliance issues to watch?

Maintaining BSA/AML compliance ‚ÄĒ including suspicious activity reporting (SAR), currency transaction reporting (CTR), and customer identification program (CIP) processes ‚ÄĒ requires careful management and monitoring to meet regulatory obligations and avoid enforcement actions.

Compliance Deficiencies Cited in BSA/AML Examinations

In its supervisory insight on the Bank Secrecy Act,‚ÄČ1 the FDIC identifies common deficiencies in financial institutions‚Äô BSA compliance programs. Violations cited by the agency in examinations fall into four primary categories:

  • Suspicious activity reporting
  • Currency transaction reporting
  • Required information sharing
  • Inadequate internal controls

The National Credit Union Association (NCUA) cites the most frequently seen compliance violations at credit unions‚ÄČ2 as:

  • Not completing timely 314(a) searches
  • Inadequate BSA training
  • No written, board-approved BSA compliance program
  • Noncompliant SAR and CTR filings
  1. FDIC, The Bank Secrecy Act: A Supervisory Update
  2. CUNA, "Beware these BSA land mines"

Learn more about BSA compliance from Quantivate partner RiskScout:

Which regulators enforce the Bank Secrecy Act?

The Bank Secrecy Act (BSA), also known as the Currency and Foreign Transactions Reporting Act of 1970, and its implementing regulations establish anti-money laundering obligations for financial institutions.

According to the American Bankers Association, "the law has been amended a number of times, adding requirements to report suspicious activities and track possible terrorist activities. The goal is to detect and deter instances of possible illicit finance, to track criminal activity, and to secure the safety of the financial system."

BSA Rules & Regulations

Multiple regulatory agencies have issued rules and regulations that implement the Bank Secrecy Act, including:

Office of the Comptroller of the Currency (OCC)

Financial Crimes Enforcement Network (FinCEN)

Federal Reserve Board (FRB)

Federal Deposit Insurance Corporation (FDIC)

National Credit Union Administration (NCUA)

Learn more about BSA regulation from Quantivate partner RiskScout:

Take the next step toward better GRC management.

Learn more about our governance, risk, and compliance solutions for banks and credit unions.