The financial compliance landscape is shifting again. FinCEN just dropped a proposed rule that could reshape how your firm handles AML compliance.
This isn't just another regulatory tweak. The proposed changes introduce sweeping requirements that will touch every corner of your AML program.
Receive future blog posts by email.
What's Actually Changing
The biggest change centers on risk assessments. Every financial institution must now conduct formal risk assessments to identify and evaluate AML risks. This becomes the sixth pillar of your AML program.
Your board of directors must approve your AML compliance program. Previously, this only applied to certain entities. Now it's universal across all covered institutions.
Here's the controversial part: AML compliance functions must be performed by people in the U.S. This "onshoring" requirement could disrupt firms relying on offshore compliance teams or vendors.
The Risk Assessment Reality
Your risk assessment can't be a check-the-box exercise. It must integrate national AML priorities into your specific business model.
You'll need to update these assessments regularly. Any material changes to your money laundering risks trigger mandatory updates.
The rule requires documented governance frameworks for all risk-based decisions. Your processes need clear documentation and oversight.
What This Means for Your Firm
Even if you already conduct risk assessments, you'll likely need changes. The new requirements are more specific and demanding than current practices.
Budget for additional resources. The onshoring requirement alone could require significant restructuring of compliance operations.
Start planning now. Implementation timelines will be tight once the final rule drops.
Getting Ahead of the Changes
Smart firms are already reviewing their current AML programs against these proposed requirements. The earlier you start, the smoother your transition will be.
Consider how these changes affect your vendor relationships and staffing models. Both may need significant adjustments.
For expert guidance on navigating these AML changes and ensuring your compliance program meets evolving requirements, GiGCXOs can help you stay ahead of the regulatory curve.
Frequently Asked Questions
When will these new AML requirements take effect?
FinCEN hasn't announced the final implementation timeline yet. However, firms should start preparing now since compliance programs typically need 12-18 months to fully implement major changes.
Do these rules apply to all financial institutions?
Yes, the proposed rules apply to all institutions subject to BSA compliance requirements. This includes banks, broker-dealers, investment advisers, and many FinTech companies.
What happens to our offshore compliance team under the onshoring requirement?
You'll need to restructure so that key AML functions are performed by U.S.-based personnel who are accessible to regulators. Some support functions may remain offshore, but core compliance responsibilities must move onshore.
Subscribe to Regulated Intelligence Brief
Get new compliance intelligence delivered to your inbox.
The content in this blog is for informational purposes only and does not constitute legal advice, regulatory guidance, or an offer to sell or solicit securities. GiGCXOs is not a law firm. Compliance program requirements vary based on business model, customer base, and regulatory classification.