The U.S. Financial Crimes Enforcement Network (FinCEN), together with several federal banking regulators including the OCC, FDIC, and NCUA, has issued a proposed rule aimed at fundamentally reforming Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) programs across the U.S. financial sector.
The proposal seeks to modernize the U.S. AML/CFT supervisory framework by promoting more effective, risk-based, and reasonably designed compliance programs. Under the proposed rule, financial institutions would be required not only to establish AML/CFT programs, but also to maintain and effectively implement them in practice.
The proposed framework reinforces the four traditional AML pillars, including internal controls, independent testing, designation of a U.S.-based compliance officer, and ongoing employee training. In addition, institutions would be expected to conduct documented risk assessments, allocate resources according to identified risks, and strengthen customer due diligence controls where applicable.
One of the most notable aspects of the proposal is its focus on flexibility and proportionality. Regulators emphasized that institutions should dedicate greater resources to higher-risk customers and activities rather than applying identical controls across all risk categories.
The proposal could also reshape supervisory expectations. According to the draft rule, enforcement actions related to AML/CFT program maintenance would generally focus on significant or systemic failures, potentially raising the threshold for regulatory actions in cases where institutions can demonstrate a properly established compliance framework.
The proposed rule remains subject to a 60-day public comment period before FinCEN moves toward a final version. If adopted, financial institutions would have approximately 12 months to implement the required changes.
The proposal represents one of the most significant potential updates to the U.S. AML/CFT regulatory framework in recent years and is expected to have a substantial impact on compliance programs, governance structures, and risk-based monitoring practices throughout the financial industry.