Key AML laws and regulations in the US

Learn about the history of AML laws in the US, the key components of the laws, and how you can create a compliant AML program.

An icon of a license document representing US aml laws.
Read time:
Share this post
Table of contents
⚡ Key takeaways
  • The Bank Secrecy Act (BSA) of 1970 and the laws and regulations that amend and implement it are the basis for AML laws in the US.
  • At a high-level, AML laws require financial institutions to know who they’re doing business with and monitor transactions for suspicious activity. 
  • Financial institutions need to work with regulators and have processes, training, identity verification and ongoing monitoring to help stop money laundering and remain compliant.

This article was reviewed by Emily Sachs, CAMS

Money laundering is itself a crime. But it’s also a byproduct and funding source of other crimes, including fraud, cybercrime, drug trafficking, and human trafficking. 

Through the creation and enforcement of anti-money laundering (AML) laws and regulations, financial and government institutions are better equipped to detect and deter criminal activity. And law enforcement can more easily seize money connected to criminal activity and charge people connected to the crime: The notorious gangster Al Capone, who invested his criminal proceeds into laundromats and thus inspired the term “money laundering,” was ultimately brought down on tax evasion charges. 

If you want a recap on what money laundering is and how it works, we cover that elsewhere. Or, watch this short clip from Breaking Bad. Here, we’re going to take a deeper dive into America’s main AML laws and how they work. 

How do anti-money laundering laws work in the US?

Passed in 1970, the Bank Secrecy Act (BSA) was one of the first money laundering laws in the US. Since then, various laws, regulations, rules, and guidance have updated the BSA or clarified its implementation. Collectively, these are sometimes referred to as BSA law, AML law, or BSA/AML law.  

At a high level, AML laws require financial institutions to create, document, and abide by an AML program to help detect and prevent money laundering. Some requirements for the programs are clearly laid out. But organizations also have discretion with how they create or implement other aspects of AML programs — with the relevant regulatory authorities’ approval. 

The US is also part of global AML efforts and the Financial Action Task Force (FATF), which sets international standards for AML and helps combat money laundering and terrorist financing.

What are key components of AML laws in the US?

The key components of AML programs in the US are understanding who you’re doing business with and the risks they pose, and monitoring transactions for suspicious activity. If you can trace the source of funds back to an original transaction — and identify who authorized that transaction — then you can better foil attempts to launder money. 

In practice, organizations use know your employee (KYE) processes for verifying employees’ identities and conducting background checks. Continuous monitoring of employees’ activity for suspicious behavior or potential contact with criminals is also important, as is limiting access to systems based on responsibilities.   

Turning outward, AML programs take a risk-based approach to identifying and monitoring customers and reporting certain transactions to government agencies. These are broadly broken down into two areas.

Know your customer 

Know your customer (KYC) can refer to a range of activities that financial institutions use to verify the identity of customers. It may also be referred to as know your business, or KYB, when the customer is an organization rather than an individual. 

Identities generally have to be verified at onboarding, when a customer first opens an account. But financial institutions also continually monitor customer activity and rescreen customers to evaluate risk with consideration to changes in a customer profile, ownership, and regulations. 

KYC can be broken down into several components, each of which may further involve several steps: 

Transaction monitoring and reporting requirements 

The BSA also requires financial institutions to monitor transactions, maintain records, and report activities that could correspond with money laundering. Some of the main BSA reports include: 

  • Suspicious activity report (SAR): Filed when a financial institution detects concerning activity or transactions, such as suspected insider trading, an unusual volume of transactions, or certain international wire transfers.  
  • Foreign bank account report (FBAR): Technically, customers have to file this report annually if they have over $10,000 in foreign bank accounts. However, financial professionals may file the report on a client’s behalf. 
  • Currency transaction reports (CTR): Filed to report when a customer deposits or withdraws over $10,000 in cash in a single day in one or multiple transactions. 
  • International Transportation of Currency or Monetary Instruments Report (CMIR): Filed to report when over $10,000 worth of monetary instruments, such as cash, gets physically transported, shipped, or mailed. 
Free white paper
See how experts evaluate AML solutions

What organizations are affected by AML rules in the US?

AML laws and rules apply to financial institutions, but the definition of what that includes has expanded over the years. 

Today, the BSA defines over 25 types of organizations and individuals as financial institutions, including FDIC-insured banks, credit unions, insurance companies, credit card companies, and casinos. Many fintech companies fall under this definition, as do online gaming facilitators and cryptocurrency platforms

Financial institutions also include money service businesses (MSBs) — people and organizations that offer money transfers or conduct more than $1,000 in money services with a customer in a single day. These could be currency exchanges, check cashers, prepaid card providers, and money transmitters. 

The BSA even considers the United States Postal Service a financial institution. And the law allows the Secretary of the Treasury to define (via regulation) other types of businesses or agencies as financial institutions if they conduct similar or related activity, or if they have cash transactions that could be highly useful in criminal, tax, or regulatory matters. 

Which US financial regulators enforce AML laws?

The Financial Crimes Enforcement Network (FinCEN), a bureau of the Department of the Treasury, administers and enforces the BSA. FinCEN is also the financial intelligence unit (FIU) for the US, making it responsible for receiving and analyzing information related to money laundering and terrorist financing.

But FinCEN delegates authority to various federal regulators to help enforce compliance with AML laws. These include the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve (Federal Reserve), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), and the Securities and Exchange Commission (SEC). 

States also have AML laws and their own financial regulators.  

The history of major federal AML laws

Today’s AML laws, regulations, and rules build on over 50 years of precedent. Here’s an overview of the most important federal AML laws.

Bank Secrecy Act of 1970

The Currency and Foreign Transactions Reporting Act of 1970, more commonly called the Bank Secrecy Act (BSA), helped formalize a federal framework for AML. Many of the laws and regulations that followed either amend or build on this framework. 

  • Authorizes the Department of the Treasury to create requirements for financial institutions that could help detect or stop money laundering. 
  • The guiding regulations of the BSA also require banks to identify customers, maintain records of financial transactions, and file CTRs for cash transactions exceeding $10,000 — a threshold unchanged since 1972.

Money Laundering Control Act of 1986

Sixteen years after the BSA came the federal Money Laundering Control Act of 1986.

  • Makes money laundering a federal offense. 
  • In certain circumstances, allows law enforcement to seize funds that are connected to money laundering. 
  • Prohibits the structuring of transactions — using multiple transactions to attempt to evade CTRs.
  • Imposes new compliance monitoring requirements on financial institutions. 

Anti-Drug Abuse Act of 1988

The Anti-Drug Abuse Act of 1988 wasn’t entirely focused on AML, but it had some provisions aimed at identifying drug dealers who launder money through luxury vehicles and real estate. 

  • Expands the BSA’s definition of a financial institution to include businesses that often have cash transactions, including auto dealers and certain real estate professionals. 
  • Requires financial institutions to verify the identity of individuals who purchase money instruments, such as money orders, over $3,000. 

Annunzio-Wylie Anti-Money Laundering Act of 1992

Added new reporting requirements to the BSA and enhanced the potential penalties for financial institutions that violate the BSA.

  • Establishes a legal requirement under the BSA for financial institutions to report certain suspicious activities, which leads to SARs replacing criminal referral forms in 1996.
  • Allows regulators to revoke federal bank charters and remove bank officers for BSA violations. 
  • Authorizes the Treasury to create minimum standards for AML programs.
  • Adds verification and recordkeeping requirements for wire transfers.
  • Creates the Bank Secrecy Act Advisory Group (BSAAG).

Money Laundering Suppression Act of 1994

Expanded the requirements for money service businesses (MSBs) and established new AML training and reporting requirements.

  • Streamlines the reporting of suspicious activity. 
  • Requires MSBs to register with FinCEN and maintain lists of the businesses that can act as the MSBs’ agents. 
  • Requires federal banking agencies to review and enhance AML training and examination, and to refer AML cases to law enforcement. 

USA PATRIOT Act of 2001

AML laws from 1970 to 2000 primarily focused on money laundering related to organized crime and the war on drugs. That changed after 9/11, when the PATRIOT Act criminalized terrorist financing and further amended the BSA. 

  • Requires financial institutions to create AML programs that meet expanded minimum requirements — four of the (now five) pillars of AML compliance. 
  • Establishes minimum standards for identity verification when customers open new accounts at financial institutions. 
  • Creates customer due diligence requirements, with enhanced due diligence for many foreign accounts. 
  • Forbids financial institutions from working with foreign shell banks. 
  • Expands information sharing between financial institutions, law enforcement, and regulators. 

Anti-Money Laundering Act of 2020 (AML Act)

The most recent AML law, the Anti-Money Laundering Act of 2020 (AMLA), modernizes the AML framework with new amendments to the BSA and the inclusion of the Corporate Transparency Act (CTA). 

  • Creates a federal requirement (via the CTA) to identify beneficial owners of certain businesses and other legal entities. 
  • Expands the BSA’s definitions of financial institutions to include businesses that offer services related to “value that substitutes for currency,” which could include cryptocurrency services, and people engaged in the trade of antiquities. 
  • Prohibits concealing or misrepresenting certain information from financial institutions and expands the penalties for BSA violations.
  • Gives the Departments of Justice and Treasury new subpoena powers for foreign bank records. 
  • Adds to existing whistleblower protections and rewards. 

Tips for better AML compliance

AML compliance is mandatory for financial institutions, and noncompliance can lead to civil and criminal offenses, fines, and jail time. However, maintaining compliance can be difficult when the laws and regulations frequently change, and when you’re dealing with a large (and growing) volume of new customers and transactions. 

The BSA identifies five key pillars that financial institutions can use to create compliant AML programs:

  1. Designate a compliance officer
  2. Develop an internal policy
  3. Train employees
  4. Test and audit your program
  5. Implement risk-based procedures for conducting ongoing customer due diligence

We discuss how to implement the five pillars elsewhere and have an AML compliance checklist with four steps you can take to better align with regulators’ expectations. But getting the proper processes and training in place is only part of the solution. Financial institutions also rely on AML software and tools to assist with customer identification, reverification, watchlist screening, transaction monitoring, and record retention. 

At Persona, our Verification and KYC/AML tools offer no-code solutions for creating a customizable system that meets global AML requirements. We also keep your customers’ interests in mind, and our Dynamic Flow approach allows you to create automated processes that decrease or increase friction based on risk.

You can get started for free or contact us to learn more.

Frequently asked questions

When did AML regulations start in the US?

Federal AML regulations began with the passage of the Bank Secrecy Act (BSA) and the regulations that implemented the law in the early 1970s. Since then, many laws, regulations, and rules have amended and built on the BSA. 

Why are AML laws important?

AML laws help government agencies and law enforcement identify individuals and groups that are trying to launder money by creating monitoring and reporting requirements for financial institutions. In turn, this allows law enforcement to build cases against bad actors and freeze or seize the money that may otherwise fund and reward drug trafficking, human trafficking, terrorism, and other criminal activity.  

What happens when businesses fail to comply with AML laws?

Financial institutions that don’t comply with AML laws may face civil and criminal offenses, and fines, and their executives and employees are also at risk of these plus jail time. AML programs can also help financial institutions detect and prevent fraud; inadequate programs can expose organizations to additional risk and losses. 

What are the future trends of AML?

The rise of artificial intelligence (AI) is going to affect AML as well. Organizations can use AI to automate processes and create more efficient transaction monitoring systems. But the cat-and-mouse game will continue as criminals find ways to use AI to enhance their money laundering schemes. We can also expect to see AML regulations expand to cover more organizations and services, including an increased focus on cryptocurrency platforms. Individual jurisdictions across the globe will also continue to expand regulations. 

Continue reading

Continue reading

How digital health apps can overcome four barriers to converting users
How digital health apps can overcome four barriers to converting users

How digital health apps can overcome four barriers to converting users

New patients might abandon onboarding if they’re confused, frustrated, or overwhelmed. Here are four ways digital health apps can improve conversion.

How to create scalable and compliant international KYB processes
How to create scalable and compliant international KYB processes

How to create scalable and compliant international KYB processes

Industry experts discuss international KYB and debunk common myths while sharing how to build a scalable global KYB process.

Trust and safety survey insights: Fighting identity fraud in the age of GenAI
Trust and safety survey insights: Fighting identity fraud in the age of GenAI

Trust and safety survey insights: Fighting identity fraud in the age of GenAI

Persona’s trust and safety survey reveals that although many fraud fighters feel effective, few have the tools to proactively mitigate identity fraud at the scale generative AI has introduced.

The Anti-Money Laundering Act of 2020 (AMLA) explained

The Anti-Money Laundering Act of 2020 (AMLA) explained

Discover the key provisions and impact of the AML Act of 2020, aimed at combating money laundering and protecting financial systems.

How to implement the five pillars of AML compliance

How to implement the five pillars of AML compliance

Learn what a compliant AML program looks like and how to establish one at your company.

AML tools: What to look for in AML software

AML tools: What to look for in AML software

Learn about the different features you may want to look for as you build your AML toolkit.

Ready to get started?

Get in touch or start exploring Persona today.