Five Trends in AML Compliance in 2021

This year has been a significant and active one in the world of anti-money laundering (AML) compliance. Digital payments are taking the world by storm, regulators are cracking down on new types of fraud and the U.S. government has pledged to be more proactive in enforcing AML laws.

Regulators have not been idle, issuing fines to banks around the globe totalling $10.6 billion in 2020. But it hasn’t been enough to deter fraud rates. What can banks expect for AML regulations for the remainder of 2021, and how can they prepare? Here are the main trends in AML compliance of 2021, and their impact on financial institutions.

1. Much-Needed Updates From Anti-Money Laundering Act of 2020
The Anti-Money Laundering Act of 2020 (AMLA) is arguably the most transformative AML law in a generation. AMLA amends the Bank Secrecy Act (BSA) for the first time since 2001 and modernize it for today’s money-laundering and fraud climate. For several years, regulators have focused on modernizing AML compliance programs at banks, encouraging innovation and improving the coordination and transfer of information between financial institutions. AMLA could have a significant impact toward these goals when coupled with regulators’ ongoing efforts.

Financial institutions are now required to have AML officers who can quickly incorporate reports into their transaction monitoring programs. It brings even more pressure for banks to modernize their operations through better technology. AMLA also allows the U.S. to subpoena records related to any account at foreign banks that maintain correspondent accounts in the United States, enabling the regulators and the government to fight money launderers who seek to take advantage of the lack of communication between countries to commit international crimes.

2. Tightening UBO Laws
Under the AMLA, the Financial Crimes Enforcement Network (FinCEN) requires certain companies to file information on the beneficial owner of the reporting company, along with the identity of the person who has applied to form or register the company. This is part of the overarching trend of gathering more information on your customers.

Customer due diligence is now a more complex and lengthy process to gather the right types of information. This goes hand in hand with the Corporate Transparency Act (CTA), which requires financial institutions to verify customer information against FinCEN’s Ultimate Business Owner (UBO) registries. Verifying UBO information can be costly and time-consuming, especially since most countries have not published public ownership registers.

3. Better Software, Better Tech
Regulators around the world are pushing banks to use better software and incorporate emerging technologies. As financial fraudsters get more intelligent with their approaches, the only way for banks to fight back is with technology that matches those capabilities and can adapt to new threats. Compliance teams are increasing in size and expense. The benefit of better software is that many of these processes can become automated, which helps keep costs down.

4. Crypto Regulation
The novelty of virtual currencies allows fraudsters use them to their advantage while escaping regulators’ purview. According to Chainanalysis’ 2021 Crypto Crime Report, 270 cryptocurrency addresses received $1.3 billion in illicit digital coins in 2020.

How is the U.S. approaching the regulation of cryptocurrencies? Several agencies have been involved with the regulation of virtual assets, including the U.S. Securities and Exchange Commission, Commodity Futures Trading Commission and FinCEN. From an AML perspective, the biggest change has been to require cryptocurrency exchanges to complete a Know-Your-Customer (KYC) process for every customer.

5. SAFE Banking Act
The SAFE Banking Act aims to normalize cannabis banking and reduce the risk of liability for banks that offer services or loans to MRBs (marijuana-related businesses). To date, the SAFE Act has not been passed into law, and payment processing remains a confusing space for banks and MRBs alike. Under the administration of President Joseph Biden, however, there is hope that the industry will see a marijuana policy that reduces confusion at the federal level.

What are the overarching trends this year? AML laws are encouraging financial institutions to be more transparent, implement better technology and build more comprehensive customer profiles. Banks that want to be proactive will need to ensure their policies are up-to-date with the new regulations, their infrastructure can integrate more data sources and their KYC processes are automated, while also offering a great customer experience.

How AML Compliance Could Soon Change


AML-9-21-18.pngDespite major changes in compliance obligations starting with the Dodd-Frank Act through the more recent Economic Growth, Regulatory Relief, and Consumer Protection Act, requirements related to anti-money laundering (AML) compliance have remained largely unchanged.

The last major revision of AML compliance requirements was in 2001 with the U.S.A. PATRIOT Act amendments to the Bank Secrecy Act. This era may be coming to an end with the reintroduction earlier this summer of H.R. 6068, Counter Terrorism and Illicit Finance Act (CTIFA), and the convergence of market developments.

Although the reintroduced CTIFA bill removes a prior provision that would have required beneficial ownership information for new corporations to be collected and provided to FinCEN, the revised CTIFA would make a number of other significant changes to AML compliance requirements:

  • Increase the filing thresholds for currency transaction reports from $10,000 to $30,000 and for suspicious activity reports (SARs) from $5,000 to $10,000;
  • Require the Secretary of the Treasury to undertake a formal review of the information reporting requirements in the BSA to ensure the information is “of a high degree of usefulness” to law enforcement, and to propose changes to reduce regulatory burden;
  • Reduce impediments to the sharing of SAR information within a financial group, including with foreign branches, subsidiaries, and affiliates;
  • Create a process for FinCEN to issue no-action letters concerning the application of the BSA or any other AML law to specific conduct, including a statement whether FinCEN has any intention of taking an enforcement action with respect to such conduct;
  • Encourage the use of technological innovations such as artificial intelligence in AML compliance;
  • Establish an 18-month safe harbor from enforcement of FinCEN’s beneficial ownership and customer due diligence rule, which became effective in May 2018; and
  • Commission studies on the effectiveness of current beneficial ownership reporting regimes and cost-benefit analyses of AML requirements.

Although the CTIFA’s prospects for passage are uncertain, several of its provisions track market developments that are already bringing about change. First, innovative technologies such as artificial intelligence and blockchain increasingly are being leveraged for AML compliance solutions.

Artificial intelligence has the potential to transform terabytes of customer information into actionable AML insights including, for example, customizable pre-drafted suspicious activity report templates or customer risk profiles. These risk profiles update in real time in support of the new customer due diligence “pillar” of AML compliance. Blockchain and other distributed ledger technologies may be deployed to create standardized digital identities for customers to expedite and safeguard KYC and authentication processes.

Second, banks already are taking a hard look at their CTR and SAR processes to determine the ratio of meaningful information to noise that has been included in these reports. This augmented reporting will result in a direct benefit to the network of federal government agencies tasked with analyzing reports to find information with a high degree of usefulness in law enforcement investigations.

Third, banks are increasingly providing services to new types of high-risk businesses, such as marijuana-related businesses (“MRBs”) and cryptocurrency companies. FinCEN has for each of these industries been a pioneer in issuing guidance relatively early in the industry’s lifecycle to explain how AML compliance obligations apply, but this guidance requires updating. As just one example, FinCEN’s three-tiered system for filing SARs applies when a bank provides banking services directly to an MRB, but there are less clear SAR filing guidelines when a bank provides services to a customer that provides services to MRBs or owns shares of an MRB.

Banks continue to use FinCEN’s administrative ruling request process or the supervisory process to obtain guidance for high-risk customers, albeit in an ad hoc, non-public way. This request process is less effective than the no-action letter process contemplated in the CTIFA.

The CTIFA, if enacted, would significantly change AML compliances. At the same time, innovation and new business opportunities, among other market developments, are already contributing to AML compliance enhancements. Regardless of whether the legislation passes, the industry appears to be entering an era of change.