Banks have spent decades checking boxes to prove they are fighting money laundering. Federal regulators now want to change the grading system.
Two new proposals from Washington would reshape how banks, credit unions and other financial institutions run their anti-money laundering programs. They would also change when regulators can punish those institutions for falling short.
The Financial Crimes Enforcement Network, known as FinCEN, put out one proposal. The Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation and the National Credit Union Administration released a coordinated one the same day. The goal is to keep the rules consistent across agencies so banks are not pulled in different directions.
Law firm Cooley walked through the proposals in a recent analysis and flagged what financial institutions need to pay attention to. The firm says the core idea is a shift away from technical compliance and toward real-world results. Banks would have to do two things. They would need to build a proper anti-money laundering program. Then they would need to actually run it, in the words of the proposals, “in all material respects.”
The proposals also push banks to focus their resources where the risk is highest. That means taking a harder look at customers, products and regions more likely to attract criminal money. It marks a step away from the one-size-fits-all approach that has defined bank compliance for years. Banks would also be required to weave FinCEN’s national anti-money laundering priorities into their own risk assessments, with some room to decide how those priorities apply to their business.
A few other changes stand out. The officer in charge of a bank’s anti-money laundering program would have to be based in the United States and reachable by regulators. Board approval would still be an option for compliance programs, but senior management could sign off instead. That is a new bit of flexibility for institutions that have chafed at board-only rules.
Read more: UK Regulators Hold Urgent Talks Over AI Cybersecurity Risks
The biggest shift may be on enforcement. According to Cooley, once a bank has properly set up its program, it generally would not face a major enforcement action based only on how it carries that program out. The exception is when problems rise to the level of a “significant or systemic” failure. Minor slip-ups would not automatically count as failures. That is a notable change in tone from regulators who have handed out steep fines for what banks have long argued were paperwork problems.
There is also a new check on the agencies themselves. Before a bank regulator can bring a significant anti-money laundering enforcement action, it would have to give FinCEN at least 30 days of written notice and share the underlying materials. As Cooley puts it, the requirement “would represent a meaningful structural expansion of FinCEN’s role in day-to-day bank supervision.” In plain terms, FinCEN gets a seat at the table before any big penalty lands.
Cooley recommends banks follow a practical to-do list. Compare current policies against the proposals and spot the gaps. Check whether the existing risk assessment actually incorporates FinCEN’s national priorities. Confirm that the anti-money laundering officer is based in the United States or make a plan to get one. And get ready for a new enforcement environment where the standard is substance, not form.
The firm also expects the Federal Reserve to release its own version of these rules, which would round out the coordinated effort across federal bank regulators. Comments on the current proposals are due June 9. Banks that want a say in how this new framework takes shape have a narrow window to speak up. Those that sit it out will be left to adapt to whatever the final rules look like.
