What the Fed Crackdown on Drug Trafficking Means For Your Bank

The second Trump administration has signaled a clear priority in going after drug trafficking and cartel activity along the southern border of the United States. Early actions included the designation of several cartels as foreign terrorist organizations and military strikes targeting Venezuela that culminated in the capture of the country’s president, Nicolás Maduro. While the administration has largely taken a deregulatory stance toward the banking industry, that is unlikely to extend to Bank Secrecy Act and anti-money laundering compliance, experts say. Given recent changes in the regulatory landscape, boards and management teams may want to revisit their compliance programs.

“This is an opportunity to sit down and reassess your BSA/AML program overall,” says Robert Maddox, a partner with Bradley Arant Boult Cummings. “Every bank will have an established program. The question for senior management and the board is, ‘Is it good enough, and can we prove that it is?’”

In April 2026, the Financial Crimes Enforcement Network issued a notice of proposed rulemaking intended to both modernize the AML compliance framework and “lead to more effective outcomes for financial institutions, as well as law enforcement and national security agencies.” In essence, the administration is asking banks to move away from technical compliance — what it calls a “check-the-box” approach — and toward demonstrating the effectiveness of their compliance programs.

That starts with the use of suspicious activity reports, or SARs, which financial institutions are required to file when they suspect a BSA violation. Regulators don’t want to see large volumes of SARs in this environment; they want to receive SARs that lead to intelligence that law enforcement can actually use, says Crystal Trout, financial crimes compliance practice leader with Baker Tilly. To get a sense for the effectiveness of their bank’s program, the board could look at the rate of false positives the bank’s SARs have produced and whether that rate is improving, for instance.

Historically, compliance departments have filed SARs on suspicion that a customer is structuring transactions to evade BSA recordkeeping requirements, a practice that banks should reconsider in light of new FinCEN guidance. In October 2025, the agency communicated that structuring alone isn’t a reason to file a SAR; banks should file a SAR only when they know or suspect a client is intentionally trying to evade currency transaction reporting requirements. And bankers ought to spell out more explicitly why they believe a SAR could be tied to a profile for a given activity, such as drug trafficking, says Karen Leiter, a principal with CliftonLarsonAllen. “Don’t just defensively file,” she says. “Make sure you understand the activity and can tie it back to a typology.”

However, banks should continue to document their line of thinking when deciding not to file a SAR in a particular case. If an examiner disagrees with that decision, bank management should be able to show how it arrived at a given conclusion. “You can probably expect [examiners] to try to test whether that decision is indeed effective,” says Spencer Schulten, a principal with Forvis Mazars.

To get an understanding of potential weaknesses in the bank’s compliance program, boards can ask whether the organization has a backlog of alerts or investigations that have yet to be cleared, Schulten says. Boards should know how their bank’s quality assurance and quality control functions are catching small technical errors within compliance, adds Leiter. Examiners may not be looking to catch banks on those small technical issues, but they will want to know that the board understands how those are handled internally, she says.

Artificial intelligence tools could help banks improve transaction monitoring, Trout says. “A lot of institutions still have a lot of manual processes in place, and they rely too heavily on that. And that’s where their risk is. That’s where it’s good to implement technology to help reduce those manual processes,” she explains. “My theory has always been that manual processes mean human error.”

Boards should also understand how regulatory changes under the current administration have affected their bank’s risk profile. Certain types of industries have generally been considered high risk, but federal authorities have also directed financial institutions to apply heightened scrutiny to certain geographies or industries. For example, FinCEN started issuing geographic targeting orders for money service businesses operating along the Southwest border in early 2025; those orders require institutions to collect and report data on transactions above a certain value. This year, the agency issued similar orders concerning international funds transfers over $3,000 in certain Minnesota counties. President Donald Trump also issued an executive order on May 19 that directed the Treasury Secretary to propose changes to the BSA within 90 days to “strengthen risk-based customer due diligence requirements for covered financial institutions.” Those changes would include the collection of information about the customer’s identity, immigration status and work authorization.

Banks must also be aware of the increased potential for civil litigation over debanking based on political or religious ideologies or lawful business activities, a separate matter the Trump administration has prioritized. If a bank should ultimately decide to close a client’s account for risk-related reasons — such as a heavy reliance on cash, which can be typical of cannabis businesses — then it must thoroughly document that decision and connect it to the bank’s risk tolerance and BSA/AML compliance process.

“What you do and how you memorialize the decisions you make are absolutely critical,” Maddox says. “We can use core values, risk tolerance, risk structure, and we can make those decisions, but as long as we document those decisions, we can be wrong and that’s fine. We can defend it.”