Five Pillars of AML Compliance in the Bank Secrecy Act


What do the five pillars of the Bank Secrecy Act have to do with a money laundering, aspiring rapper? They crossed paths this year. 

Tongue out, hands up in a nearly Star Trekian gesture, Heather Morgan became her alter ego, Razzlekhan. Calling herself the Crocodile of Wall Street, Morgan was eventually accused in a scheme to launder billions in stolen cryptocurrency alongside her husband. In 2023, Morgan pled guilty to money laundering and conspiracy to defraud the United States government. Having previously called herself a dirty, dirty person, it seems that her money was the most soiled. Now, she’s looking to clean up her act. 

Money can be filthy. Dirty funds like Morgan’s – stolen from the crypto exchange Bitfinex – might accrue through illicit activity, corrupt public officials, or finance terrorists. Washing is often attempted by layering or sending the money around the world, depositing it in smaller increments to avoid scrutiny, and converting it to other types of funds. Reports on how Morgan and her husband were caught point to Walmart gift cards the couple thought would hide the source of the funds. 

As part of the Bank Secrecy Act, efforts toward Anti-Money Laundering are also made by requiring various institutions to plan and implement structures designed to more easily detect and report suspicious activities. By asking banks, brokers, casinos, cryptocurrencies, and other industries to comply, the federal government creates a system to catch bad actors. Let’s discuss a few pillars of AML rules.  

Document Policies and Procedures

Written policies and procedures help prove that your bank has thought through every step of AML compliance, as required. Your policy should be tailored to the institution’s risk profile, but a supervisor will be held responsible for this documentation, so it should be well-designed, reviewed, and ultimately approved by that senior manager. 

Policies and procedures should address technological oversight with an eye toward the security and access to storage and sourcing of information. It should include double-checks for all functions and strict segregation of duties to keep integrity high in meeting AML requirements. Policies and procedures should also be updated quickly as any changes to rules are made. Should any bank personnel change, procedures should document a strategy for an uninterrupted workflow surrounding AML cases.

Choose a Compliance Officer

A highly knowledgeable and experienced industry veteran is the perfect candidate for the AML compliance officer role. The officer would not only examine and update or change policies and procedures, but they could also be the liaison to the federal government for communications related to the BSA if they are also designated the AML Contact Person in some firms. The officer would also supervise the training of new employees and ensure that Suspicious Activity Reports are duly filed and also kept on record for five years after their file date. In a bank, the board of directors often selects the person who fills the compliance officer role. 

Assess Risk

To stay ahead of any fraud, money laundering, insider trading, and tax evasion that could be happening under your nose, a risk assessment is in order. Stay current and periodically review activity for suspicious patterns. New AI tools promise to simplify the task of recognizing odd money movements and pointing them out for you. Keep an eye out for customers, locations, and specific product services with elevated risk, how well you can analyze that information, and create an agile and informed team to respond to it to meet AML requirements. 

Test Independently 

Under the guidelines of the AML, testing of the AML system should occur periodically. This testing can be done in-house by an audit department or use an outside auditor, consultant, or qualified party. Banks and other financial institutions should be careful of selecting parties with no conflicting responsibilities or oversight and should test parts or the whole of their system relative to changes made in the bank’s risk profile or significant changes to staffing or processes. 

Train Regularly

Eschew one-size-fits-all. When it comes to ongoing training of employees, a key pillar of compliance, you should tailor the training to the employee’s role and the scope of their responsibilities with the enterprise. The training should include an overview of key BSA and AML laws, how they can help comply, and what to look for regarding suspicious activity. Training should also be updated periodically and reviewed as the law is updated. Changes to the bank’s risk profile are another moment for review of applicable AML topics.  

Learning and training are key pillars of complying with the AML. Bankers Hub offers courses and certifications for staff in a variety of settings, including sessions on Identifying Suspicious Activity through Client Facing Training. That specific training is for front-line employees who interface with clients directly. We invite you to explore our related in-depth courses, including the self-paced Bankers Hub BSA AML Professional Certification for new and veteran financial professionals. The course delves into training new staff and reporting expectations in addition to the fundamentals of the BSA AML.


UDAAP: Avoiding Consumer Harm & Monitoring for Consumer Complaints

September 30, 2024 @ 2:00 pm – 3:00 pm – This lending compliance webinar will review best practices, procedures, and tools to strengthen your UDAAP compliance program, as well as review how to incorporate the requirements of the new Fair Debt Collections Practices Act into your UDAAP program.

Read More »

ACH Basics 3-Part Bootcamp

September 23, 2024 – September 25, 2024 @ 2:00 pm – 3:00 pm – This three-part series focuses on the basics of ACH, including the history of the network, defining the parties of ACH transactions, their roles and responsibilities, and the transaction flow and settlement process. In addition, we will cover all aspects of exception item processing, including your options in handling unauthorized transactions, stop payments and revoked authorizations. […]

Read More »
Cash Flow

Why EBITDA Doesn’t Spell Cash Flow

September 24, 2024 @ 12:00 pm – 1:00 pm – EBITDA (Earnings before Interest, Taxes, Depreciation, and Amortization) is a popular measure of cash flow, but it is not accurate, and those who rely on it as an indicator of repayment ability will be deeply disappointed

Read More »

More Posts

14 Effective Deposit Growth Strategies for Banks

Banks face significant challenges in growing their deposit bases in an era of unprecedented competition and evolving consumer expectations. Modern financial institutions must deploy innovative and customer-centric strategies to attract

Digital Banking Frauds

9 Types of Digital Banking Frauds to Be Aware Of

The banking industry has undergone a remarkable transformation in the era of digitization, enabling seamless transactions and improved customer experiences. However, with these advancements come sophisticated threats that target digital


What is EBITDA & Is It Reliable?

EBITDA (Earnings Before Interest, Taxes, Depreciation, and Amortization) is a metric that often sparks lively debate among financial professionals. Stripping out the cost of certain expenses may provide a clearer

What is a Fair Lending Risk Assessment?

A fair lending risk assessment is a critical process financial institutions use to ensure they comply with fair lending regulations. These laws aim to prevent discrimination in lending practices and