The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) is proposing a rule to strengthen and modernize financial institutions' anti-money laundering and countering the financing of terrorism (AML/CFT) programs, as part of realizing the Anti-Money Laundering Act of 2020 (AML Act).
What would FinCEN’s proposal include?
For the first time, FinCEN would mandate that AML/CFT programs be risk-based in order to be considered compliant. It is a significant change to the enforcement approach for AML/CFT, making it explicit that ‘check-the-box’ approaches to AML/CFT will no longer be sufficient.
- Under the proposal, financial institutions would have a mandatory risk assessment process.
- The proposed rule also would require financial institutions to review government-wide AML/CFT priorities and incorporate them, as appropriate, into risk-based programs, and implement technical changes to program requirements.
- Financial institutions would have certain broader considerations for an effective and risk-based AML/CFT framework as envisioned by the AML Act.
- FinCEN is also proposing regulatory amendments to promote clarity and consistency across FinCEN's program rules for different types of financial institutions.
FinCEN sought input from experts across the financial services spectrum to help understand the potential impact on financial institutions (FIs) of the proposed changes.
Napier AI provided insights including:
- The importance of a risk-based approach to AML/CFT
The proposed rule mandates financial institutions to develop effective, risk-based AML/CFT programs. A crucial component of this is the introduction of a mandatory risk assessment process, where institutions will need to evaluate their exposure to money laundering (ML) and terrorism financing (TF) risks continuously.
Napier AI champions this risk-based approach (RBA) but suggests that financial institutions need to move beyond over-reliance on traditional, static assessments. Napier AI advocates for these to be complemented with Perpetual Client Risk Assessment (PCRA), which would provide real-time, continuous insights into customer risk profiles. This method allows for a more dynamic view of risk, enabling institutions to identify and respond to potential threats as they evolve.
- Embracing innovation through AI
Innovation is a cornerstone of FinCEN’s proposal, particularly in the use of technology to enhance compliance. Napier AI strongly supports the adoption of Artificial Intelligence (AI) in AML/CFT programs. AI can significantly improve the efficiency and accuracy of the risk assessment in action, by automating routine tasks and reducing human error.
However, Napier AI stresses the need for explainable AI, ensuring that AI-generated decisions and reports are transparent and understandable to human operators. This transparency is crucial, not only for compliance but also for maintaining trust between financial institutions and regulators.
AI-driven systems like Napier’s PCRA could also help reduce the volume of false positives—a common issue in current AML systems. By leveraging real-time data and dynamic customer segmentation, AI can prioritize genuine threats, saving valuable resources and reducing compliance costs.
- Incorporating AML/CFT priorities effectively
The proposal also requires financial institutions to align their programs with FinCEN’s AML/CFT National Priorities. While this alignment is crucial, Napier AI points out that some financial institutions may focus too heavily on identifying suspicious transactions without fully understanding the broader customer risk profiles.
Napier AI suggests that FinCEN could adopt an approach similar to the AML typologies program developed in collaboration with the UK’s Financial Conduct Authority (FCA). This program categorizes financial crime risks by institution type and product, allowing institutions to implement only those typologies relevant to their business. This targeted approach reduces unnecessary false positives and helps institutions focus on genuine threats.
- Continuous risk assessment and data-driven insights
A key issue highlighted by Napier AI is the need for continuous risk assessment rather than periodic reviews. In a world where financial crime evolves rapidly, institutions cannot afford to assess risk annually or biennially. Napier AI recommends an always-on approach, where risk profiles are constantly updated in real-time.
Moreover, Napier AI emphasizes the importance of public-private data sharing. Effective collaboration between financial institutions and regulators can improve the quality and usefulness of Suspicious Activity Reports (SARs). By creating feedback loops, institutions can refine their AML/CFT programs, ensuring that SARs contribute meaningfully to crime prevention.
- The role of innovation in reducing regulatory burden
One of the most pressing challenges facing financial institutions is how to balance compliance with innovation. Many organizations struggle to adopt new technologies due to concerns about regulatory approval. Napier AI suggests that FinCEN could provide a regulatory sandbox—a safe environment where institutions can test new technologies, including AI, without fear of non-compliance.
Such initiatives, already successful in other jurisdictions, can foster innovation while ensuring that compliance obligations are met. Moreover, clear guidelines on AI explainability and traceability would give institutions the confidence to deploy advanced technologies securely.
Towards a competitive advantage
By adopting real-time, AI-powered solutions like PCRA, institutions can not only meet their regulatory obligations but also improve operational efficiency. Reduced false positives, enhanced risk detection, and smarter allocation of compliance resources can all contribute to a more agile, resilient organization.
Read the full response here
Photo by Aral Tasher on Unsplash