1. The Four Aml Compliance Obligations Every Covered Institution Must Satisfy
AML compliance spans four distinct regulatory requirements. The matrix below identifies each one, the governing law, the covered institutions, and the enforcement body.
| Regulatory Requirement | Governing Law | Who Must Comply | Key Obligation | Enforcement |
|---|---|---|---|---|
| AML Program | BSA / AMLA 2020 | Banks, broker-dealers, MSBs, and covered non-bank filers | Written policies, CIP, transaction monitoring, SAR filing | FinCEN; banking regulators |
| Beneficial Ownership Reporting | Corporate Transparency Act | Most U.S. .ompanies with under 20 employees or $5M revenue | File BOI report with FinCEN by applicable deadline | FinCEN civil and criminal penalties |
| Crypto AML Compliance | BSA; FinCEN virtual currency guidance | Virtual asset service providers and crypto exchanges | KYC, transaction monitoring, and SAR filing for crypto transactions | FinCEN; DOJ |
| OFAC Sanctions Screening | IEEPA; TWEA; sector-specific EOs | All U.S. .ersons and entities | Screen customers and transactions against SDN and other OFAC lists | OFAC civil and criminal enforcement |
AML compliance and money laundering counsel can evaluate whether the financial institution's AML program satisfies BSA and AMLA requirements, assess the institution's exposure under current FinCEN examination priorities, and advise on the most effective AML program structure and remediation strategy.
2. Bsa Program Requirements and the Corporate Transparency Act Boi Mandate
BSA Program Requirements and the Corporate Transparency Act BOI Mandate
What Are the Five Core Elements of a Bsa-Compliant Aml Program?
A BSA-compliant AML program must include five elements: internal controls designed to detect money laundering, an independent annual testing function, a designated compliance officer, ongoing employee training, and a customer identification program that verifies identity at account opening. FinCEN's examination procedures evaluate whether each element is resourced to the institution's specific risk profile and whether SAR filing decisions are documented and defensible.
Financial institutions and financial regulatory counsel can advise on the BSA AML program elements required for the institution's business type, assess whether written policies, transaction monitoring, and SAR filing practices satisfy current FinCEN standards, and develop the AML compliance enhancement strategy.
Who Must File a Beneficial Ownership Report under the Corporate Transparency Act?
Under the Corporate Transparency Act, most U.S. .ompanies with fewer than twenty full-time employees and less than five million dollars in annual gross revenue must file a beneficial ownership information report with FinCEN identifying every individual who owns at least twenty-five percent of the company or exercises substantial control. Companies formed before January 1, 2024 had until January 1, 2025 to file, and those formed after January 1, 2025 have thirty days from formation, with updated reports required within thirty days of any change to beneficial ownership.
Illicit finance defense and financial crime counsel can advise on the CTA beneficial ownership reporting obligations applicable to the company, assess whether the company qualifies for any of the twenty-three statutory exemptions, and develop the FinCEN BOI reporting and compliance strategy.
3. Crypto Aml Obligations and Ofac Sanctions Screening Requirements
Crypto exchanges and virtual asset service providers face the same BSA AML obligations as traditional financial institutions under FinCEN's virtual currency guidance. OFAC sanctions screening applies as a separate, real-time obligation for every customer and transaction.
What Aml Obligations Apply to Cryptocurrency Exchanges and Virtual Asset Platforms?
FinCEN's virtual currency guidance classifies crypto exchanges and hosted wallet providers as money services businesses subject to the full BSA program requirement, including KYC procedures and SAR filing for suspicious transactions of two thousand dollars or more. The FATF Travel Rule requires VASPs to transmit originator and beneficiary information for transfers above the applicable threshold, and FinCEN's proposed rulemaking would extend these obligations to unhosted wallet transactions exceeding ten thousand dollars.
Cryptocurrency regulation and digital asset compliance counsel can advise on the AML and KYC obligations applicable to the company's virtual asset activities, assess whether transaction monitoring covers on-chain and off-chain activities FinCEN expects, and develop the crypto AML compliance program.
How Does Ofac Sanctions Screening Work and What Happens When a Match Occurs?
OFAC sanctions compliance requires all U.S. .ersons to screen every customer and transaction against the Specially Designated Nationals list and applicable country-based sanctions programs before the transaction is processed. When a match occurs, the institution must block the funds in a segregated account and report to OFAC within ten business days, with civil penalties of up to approximately one million dollars per violation for failure to block a prohibited transaction.
Economic sanctions and international sanctions and trade tariffs counsel can advise on OFAC sanctions screening obligations applicable to the institution's customer base and transaction flows, assess whether the sanctions program satisfies OFAC examination standards, and develop the screening and enforcement defense strategy.
4. Sar Filing Obligations, Fincen Enforcement, and Criminal Money Laundering Defense
The SAR filing obligation generates more FinCEN enforcement actions than any other BSA requirement. Understanding the filing threshold, the thirty-day deadline, and the government's willfulness standard is essential to both compliance and criminal defense.
When Is a Financial Institution Required to File a Suspicious Activity Report?
A financial institution must file a SAR when it knows, suspects, or has reason to suspect that a transaction of five thousand dollars or more for banks, or two thousand dollars or more for broker-dealers and money services businesses, involves criminal proceeds, is designed to evade reporting, or has no lawful purpose. The institution has thirty calendar days from initial detection to file, must retain the SAR for five years, and is prohibited by 31 U.S.C. Section 5318(g)(2) from disclosing to the subject that a SAR has been filed.
Corporate fraud and white collar crime counsel can advise on the SAR filing obligations triggered by the suspicious transaction, assess whether the SAR narrative and documentation satisfy FinCEN standards, and develop the SAR filing, safe harbor protection, and enforcement defense strategy.
What Does the Government Need to Prove to Convict Someone of Federal Money Laundering?
Federal money laundering under 18 U.S.C. Section 1956 requires the government to prove the defendant conducted a financial transaction with proceeds of a specified unlawful activity and acted with intent to promote the activity, conceal the source of proceeds, or evade reporting requirements. The three-stage model of placement, layering, and integration describes how criminal proceeds enter the financial system, are obscured through complex transactions, and re-enter the economy as apparently legitimate assets, and prosecutors use this model to establish the knowledge and intent elements required for conviction.
Bank fraud and federal criminal defense counsel can advise on the specific elements of a BSA or money laundering criminal charge, assess whether the government can prove the defendant acted willfully, and develop the criminal defense and civil forfeiture response strategy.
26 Mar, 2026
