Regulatory Compliance News August 2025

Question: Bank Secrecy Act (BSA) to Countering the Financing of Terrorism (CFT): Is simple text replacement sufficient for my program? 

Short Answer: 

No, you shouldn’t simply find-and-replace “BSA” with “CFT” in your program and procedures. The Bank Secrecy Act remains the foundational legal framework, while Countering the Financing of Terrorism represents an integrated component within modern BSA/ anti-money laundering (AML) programs. Today’s compliance programs should reference “BSA/AML/CFT” to reflect the comprehensive nature of requirements that address both money laundering and terrorism financing. Rather than replacement, focus on ensuring your procedures adequately cover CFT-specific elements like enhanced due diligence for high-risk jurisdictions, terrorism financing red flags, and suspicious activity reporting for potential terrorism-related transactions, while maintaining all traditional BSA requirements for currency reporting and anti-money laundering controls. 

Answer Details: 

The Bank Secrecy Act of 1970 was originally enacted as a tool to combat tax evasion and detect unreported income through mandatory reporting of large currency transactions. Financial institutions were required to file Currency Transaction Reports for cash transactions exceeding $10,000, creating a paper trail that law enforcement could use to track suspicious financial activity. However, the scope and purpose of the BSA expanded dramatically over the following decades as regulators recognized its potential for addressing broader financial crimes. 

The transformation accelerated significantly after September 11, 2001, when the USA PATRIOT Act fundamentally reshaped the BSA landscape. The USA PATRIOT Act introduced explicit CFT requirements, mandating that financial institutions implement Customer Identification Programs (CIPs), conduct enhanced due diligence on high-risk accounts, and file Suspicious Activity Reports (SARs) specifically targeting potential terrorism financing. This marked the formal integration of CFT into the traditional anti-money laundering framework, creating a dual-purpose system designed to combat both criminal proceeds and terrorism funding. 

Recent regulatory developments demonstrate the continued evolution of this framework. The Financial Crimes Enforcement Network’s (FinCEN) beneficial ownership rules require financial institutions to identify the true owners of legal entity customers, while updated Customer Due Diligence requirements mandate ongoing monitoring of customer relationships. The proposed Investment Adviser Anti-Money Laundering Rule, recently delayed until 2028, would extend BSA obligations to investment advisers, reflecting the expanding scope of covered institutions. Additionally, regulators have increased focus on emerging threats such as virtual currencies, trade-based money laundering, and sophisticated layering schemes that blur the lines between traditional money laundering and terrorism financing. 

The operational shift from BSA to CFT represents a fundamental change in how financial institutions approach compliance. Traditional BSA compliance focused primarily on detecting the proceeds of criminal activity after crimes had been committed. CFT requirements, however, demand proactive identification of potential terrorism financing before attacks occur. This requires institutions to understand complex financing networks, identify suspicious patterns that may not involve large sums of money, and recognize that terrorism financing often involves legitimate funds used for illegitimate purposes. 

Modern financial institutions now operate comprehensive BSA/AML/CFT programs that integrate all these elements through risk-based approaches. These programs include sophisticated transaction monitoring systems that screen for both traditional money laundering red flags and terrorism financing indicators, enhanced due diligence procedures that consider geopolitical risks and sanctions compliance, and specialized training programs that help staff recognize the unique characteristics of terrorism financing. The regulatory examination process has similarly evolved, with examiners now evaluating institutions’ ability to detect and report both money laundering and terrorism financing activities as part of a unified compliance framework. 

This evolution continues today as financial institutions face new challenges from digital assets, fintech innovations, and evolving terrorist financing methods. The integration of artificial intelligence (AI) and machine learning into compliance programs reflects the ongoing adaptation required to address sophisticated threats that span traditional money laundering and terrorism financing. The future of financial crime prevention will likely see further convergence of BSA and CFT requirements as regulators and institutions recognize that effective compliance requires a holistic approach to detecting and preventing all forms of illicit financial activity. 

Contact Us
If you are interested in discussing your lending compliance program, or are in need of a compliance audit, please contact Erica M. Torres, Principal – Director of Regulatory Compliance Services or Brian Shea, Senior Manager Compliance Services. 

Regulatory News  

OCC Eliminates Disparate Impact Examinations from Fair Lending Supervision 

The Office of the Comptroller of the Currency (OCC) Bulletin 2025-16 announced that the OCC has removed references to disparate impact liability from its fair lending supervision practices, effective immediately, based on Executive Order 14281 issued in April 2025. OCC examiners will no longer examine banks for disparate impact violations or require disparate impact risk analyses, though they will continue conducting fair lending assessments for disparate treatment (intentional discrimination), analyzing Home Mortgage Disclosure Act data, and taking enforcement actions when evidence of disparate treatment is found. This policy change applies to all national banks, federal savings associations, and federal branches, including community banks, while the OCC maintains that banks must still provide fair access to financial services and comply with all applicable fair lending laws. 

Read more here 

Treasury Department Delays Investment Adviser Anti-Money Laundering Rule Until 2028

The U.S. Treasury’s FinCEN announced it is postponing the effective date of the Investment Adviser Anti-Money Laundering Rule from January 1, 2026, to January 1, 2028, and will reopen the rule for review. The rule, which would establish AML/CFT program and suspicious activity reporting requirements for registered investment advisers and exempt reporting advisers, aims to address illicit finance risks posed by criminals and foreign adversaries exploiting the U.S. financial system through investment advisers. FinCEN cited the need to ensure efficient regulation that balances costs and benefits while properly tailoring requirements to the diverse business models and risk profiles within the investment adviser sector and will provide exemptive relief to delay implementation while conducting a broader review of the rule’s substance through future rulemaking. 

Read more here 

Other News 

• FDIC Proposes Simplified Digital Sign and Advertising Requirements for Banks 
• Announcement for Users of OFAC’s Licensing Hotline 
• NYC Debt Collection Rules: New Regulations for Collectors and Agencies 
• Massachusetts Junk Fee Regulations: New Consumer Protection Rules (940 CMR 38.00) 

Enforcement Actions 

• FDIC Enforcement Decisions and Orders 
• $48.5 Million Settlement with Paxos Trust Company for AML Deficiencies and Diligence Failures with Relation to Binance Partnership 

Wolf Resources 

• Action Required for Trust Accounts 
• Beyond the Data Fields: Preparing for Small Business Lending Collection and Reporting Implementation 
• Preparing for AI in Financial Institutions: How to Embrace the Future of Automation 
• Think You’re Secure? Penetration Testing Will Reveal Common Vulnerabilities

Calendar of Important Regulatory Dates  

This calendar highlights upcoming dates whereby new or revised regulatory requirements will be applied to financial institutions. 

Table 1: Compliance dates and filing deadlines for updated small business lending rule 1071 deadlines.