U.S. Capitol Building at sunset


Money laundering is the process of making illegally gained proceeds (i.e., “dirty money”) appear legal (i.e., “clean”). Typically, it involves three steps: placement, layering and integration. First, the illegitimate funds are furtively introduced into the legitimate financial system. The money is then moved around to create confusion, sometimes by wiring or transferring through numerous accounts. Finally, it is integrated into the financial system through additional transactions until the “dirty money” appears “clean.” Money laundering can facilitate crimes such as drug trafficking and terrorism and can adversely impact the global economy.

On December 11, 2020, the Senate passed the Anti-Money Laundering Act of 2020 (AMLA or the Act) - DIVISION F of the National Defense Authorization Act for the fiscal year 2021 (the NDAA). The House of Representatives had previously passed the measure on December 8, 2020.

On January 1, 2021, as part of overriding the President's veto of a defense spending bill, Congress enacted the Anti-Money Laundering Act (AMLA), which will become law and will amend the Bank Secrecy Act (BSA) for the first time since 2001.

The AMLA, like other regulatory initiatives, seems to come from several prior legislative attempts to reform various specific aspects of the Bank Secrecy Act (BSA), including the Corporate Transparency Act of 2019, the Illicit CASH Act of 2020, and the STIFLE Act of 2020. A vital purpose of the AMLA is to expand coordination and information sharing among administering agencies, examining agencies, law enforcement agencies, national security agencies, the intelligence community and financial institutions.

The AMLA has numerous substantive provisions that appear to address weaknesses in the U.S. approach to anti-money laundering/countering the financing of terrorism (AML/CFT), including the absence of corporate beneficial ownership reporting requirements at the national level. The United States has been criticized by, among others, the Financial Action Task Force (FATF) for the absence of beneficial ownership reporting requirements at the national level. FATF has described the absence as a “significant gap” and a “serious deficiency” in the U.S. AML regime.  Ready access to beneficial ownership information has also long been a goal of federal law enforcement and national security officials. AMLA also focuses on the use of reasonably designed risk-based programs that embrace innovation and embed technology.

Boards and Compliance Officers should consider the following:

  • Revamping customer due diligence. Regulators will more likely than not expect companies to enhance their customer due diligence process to determine who could be using "fronts" or hiding behind shell companies. Why? Those names and business ties will be more readily available because corporations, limited liability companies and similar U.S. entities, as well as those same foreign entities that register to do business in the United States, will be required to submit, as part of the company formation or registration process, a report to Financial Crimes Enforcement Network (FinCEN) that includes specific identification information for each beneficial owner. A beneficial owner is defined to mean any individual who (a) exercises substantial control over an entity or (b) owns or controls 25 percent or more of the ownership interests of an entity. Several exclusions exist, including an individual acting as an agent for another individual and an individual acting solely as an employee.
  • Reviewing the whistleblower program. AMLA establishes a whistleblower reward program for suspected violations of the BSA. The program is similar in some ways to the whistleblower program at the Securities and Exchange Commission (SEC): tipsters who provide original information that leads to an enforcement penalty of more than $1 million would be eligible for a reward as high as 30 percent of the collected total. Also, reporting tips would allow that individual to claim anti-retaliation protections included under AMLA. Specifically, in the event of a violation of these provisions, the whistleblower can file a complaint with the Department of Labor and seek recourse in federal district court if it is not adjudicated within a certain period.

My initial interpretation of this whistleblower program is that compliance and internal audit professionals will be eligible to submit tips and pursue awards, even without internally reporting misconduct allegations. A maneuver many of us shunned over the years; however, this does make sense if you think carefully. At some point, I hope, the SEC requires the departure of the CCO or CAE to be an 8-K triggering event. Potentially bypassing internal reporting is another reason why the board and compliance professionals everywhere to think hard about the compliance program's current state.

The AMLA contemplates several new mechanisms for sharing BSA-related information, emphasizing the utilization of data, metrics, statistics, and analytics. Three of these mechanisms are as follows:

  • Threat Pattern and trend analyses of BSA reports: FinCEN will be required to publish threat pattern and trend information to provide meaningful information about the preparation, use, and value of SARs and other reports filed by financial institutions.
  • Strengthening the feedback loop on BSA reports: The Department of Justice will be required to submit to Treasury an annual report on the use of data derived from financial institutions reporting under the BSA, to be used for specified purposes that include enhancing feedback and communications with financial institutions. Notably, this report's specific purpose will be to provide more detail in Treasury’s semiannual report to the financial services industry on suspicious activities.
  • SAR Sharing with foreign branches, subsidiaries and affiliates: Two provisions in the Act aim to facilitate cross-border sharing of SARs and suspicious transaction information within financial institutions. Financial institutions will be prohibited from establishing or maintaining any operation located outside the United States for the primary purpose of BSA compliance due to these provisions.

Also notable

  • The AMLA reiterates that financial institutions should implement reasonably designed risk-based programs that “direct its resources to its higher-risk customers and activities, consistent with the risk profile of a financial institution.”
  • The AMLA's expansion of the BSA’s purpose to include “establish[ing] appropriate frameworks for information sharing among financial institutions, their agents and service providers, their regulatory authorities, associations of financial institutions, the Department of the Treasury and law enforcement.”
  • The adverse consequences of “de-risking”—generally understood in the AML/CFT context to mean financial institutions’ terminating or restricting business relationships with clients or categories of clients to avoid, rather than manage, risk.


The AMLA has several provisions that could result in significantly increased civil and criminal enforcement of AML violations. Thus, board members and compliance professionals need to start preparing today. One way to do this is through proper training.

For example, the AML states that any person convicted of violating the BSA shall, “in addition to any other fine under this section, be fined in an amount that is equal to the profit gained by such person by reason of such violation,” and, in the event the person was employed at a financial institution at the time of the violation, repay to the financial institution any bonus paid during the calendar year during or after which the violation occurred.


Financial Crimes Enforcement Network
William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, H.R. 6395. Division F of the NDAA is the Anti-Money Laundering Act of 2020, and Title XCVII within the bill contains additional provisions relevant to the financial services industry.

Jonathan T. Marks
College rankings reporting
Next up

Oversight of institutional data reporting