What Is the Bank Secrecy Act (BSA)?
The Bank Secrecy Act (BSA) was enacted in 1970 and is the core of the US’ anti-money laundering (AML) efforts. The act tasks financial institutions with assisting the government agencies. The companies should be detecting and preventing financial crimes by maintaining records, reporting suspicious activities, as well as verifying customer identities. The act was first designed to fight organised crime and tax evasion, but with emerging new crimes like terrorist financing, cybercrime, and cryptocurrency-related laundering, the BSA evolved accordingly. With the help of newer laws like the USA PATRIOT Act of 2001 and the Anti-Money Laundering Act of 2020, the act can reach a wider scope to enforce its rules. In this blog post, we’ll be talking about the core obligations demanded by the act, how BSA compliance officers work, as well as recent updates to the act.
What is the Purpose of BSA?
The Bank Secrecy Act is there to protect the U.S. financial system from financial crimes like money laundering and terrorist financing. It achieves this through several obligations like filing Suspicious Activity Reports (SARs), system protection, and mandating AML programs.
The act works to make sure financial firms are able to detect and report suspicious activities. This can be done using SARs to report odd activity that can lead to money laundering, fraud, or terrorism financing. The BSA is responsible with making sure these filings are done without delays.
System protection is another purpose of the BSA. The financial system can be protected by the implementation of Know Your Customer (KYC) and Customer Due Diligence (CDD) procedures. These procedures are there to help your company verify identities of customers, monitor transactions, as well as detecting anomalies in transactions or customer behaviour.
One other purpose of the act is mandating AML program implemention for financial firms. Features like internal controls, employee training, independent audits, and a designated compliance officer are needed when it comes to creating a strong AML program. These features will help prevent money laundering and keep companies safer.
In February 2025, FinCEN announced a $37 million civil money penalty against Brink’s Global Services USA, Inc for willful violations of the BSA, including failing to register as a money services business, failing to maintain an effective AML program and failing to file SARs. This shows how the BSA keeps companies in check and fines whoever isn’t complying with the regulations.
Who Must Comply with BSA Regulations?
The BSA covers several types of institutions and business that operate within the U.S. financial system. The act focuses mostly on sectors that can be exploited by criminals for money laundering and terrorist financing. Some of these sectors are chosen because of their services like handling customer funds and facilitating payments. Entitites within these sectors are obligated to implement AML programs as well as conduct due diligence procedures.
Banks & Credit Unions
These institutions are the primary focus of any regulatory body or act related to financial crime prevention since they handle deposits, loans, and international transfers. These firms are tasked with implementing strong AML programs as well as risk-based transaction monitoring. Under the BSA, banks and credit unions are also required to file SARs for any suspicious transaction or customer behaviour. They should also file Currency Transaction Reports (CTRs) for any transaction of above $10,000 per day. These firms are also responsible with screening customers against well-known lists like OFAC sanctions lists.
Broker-Dealers
Broker dealers manage securities trading as well as investment accounts, which is the reason why they’re obligated to comply with BSA regulations under the oversight of both the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA). They should be monitoring suspicious trading activity, insiders trading, market manipulation, as well as laundering that’s done using complex securities transactions. Verifying client identities during account openings and keeping transaction records are also crucial for safety.
Money Services Businesses (MSBs) & Cryptocurrency Exchanges
Money services businesses (MSBs) include money transmitters, currency exchanges and digital asset platforms. Therefore, they are covered under the BSA, with the recent inclusion of cryptocurrency exchanges and virtual asset providers (VASPs) under this category as well. These companies should first register with FinCEN and implement AML and KYC programs for their safety as well as their customers’. MSBs should verify customers, monitor for irregular transfers, and keep audit trails for potential investigations.
Casinos & Insurers
Casinos and insurance companies are considered high-risk sectors under the BSA since they deal with large cash transactions and complex financial instruments. For casinos, those that handle more than $1 million of annual gaming revenue should be maintaining AML programs as well as verifying player identities. The reporting of suspicious or unusually large wagers, deposits, or redemptions are needed. For insurance companies, especially ones that are dealing in cash-value or investment-linked products, detection and reporting of money laundering attempts done through insurance purchases, policy loans, or early surrenders is mandated.
Mutual Funds & Foreign Bank Branches
Mutual funds and foreign banks that operate in the U.S. are required to comply with the BSA. Mutual funds should be monitoring investor inflows and redemptions for potential layering attemps and integration schemes. These funds should ensure that fund transfers don’t conceal illicit origins. For foreign bank branches, the same AML standards should be reached as domestic institutions. These include customer verification, recordkeeping and SAR filing. These institutions are also required to keep correspondent banking due diligence, especially for dealing with high-risk jurisdictions and politically exposed persons (PEPs).
What is BSA Compliance Officer?
A BSA compliance officer is tasked with ensuring full compliance with the BSA and other AML laws within a financial firm. The position is needed to protect your company from exploitative acts like money laundering, terrorist financing and other financial crimes. The compliance officer’s role is to create a bridge between management and regulators to ensure AML controls are effective.
There are several responsibilities a BSA compliance officer needs to deal with. The officer should be able to create strong AML policies within the company that aligns with the BSA and FinCEN guidelines. Another responsibility of the officer is submitting Suspicious Activity Reports (SARs) when needed.
The officer should also train company staff accordingly to make sure they can spot red flags and anomalies in transactions. One other responsibility of the officer is managing FinCEN audits as well as regulatory examinations. These are important since failing to keep detailed records and audit trails might lead to fines in potential investigations.
Core BSA Reporting Obligations
There are several obligations that firms covered by the BSA need to fulfill. These obligations help your company enhance transparency and prevent financial crimes.
Suspicious Activity Report (SAR)
A SAR is a really important tool to have in order to protect your company from money laundering, terrorist financing, or fraud cases. Covered entities under the BSA should be filing a SAR within 30 days of detecting odd activity, and the FinCEN BSA e-filing system should be used for it. Some odd activities that might need reporting are unusual patterns of deposits and withdrawals, transactions with no apparent economic purpose, and transactions from or to high-risk jurisdictions.
Currency Transaction Report (CTR)
Another important obligation is the filing of CTR when needed. Your company should be filing CTRs for any cash transaction of over $10,000 per day, and it doesn’t matter whether it’s a deposit, withdrawal, or currency exchange. With CTRs, regulators can monitor large cash movements and discover potential structuring or layering schemes. Filing these reports without delay and keeping records for future reference is another recommendation for companies.
Foreign Bank Account Report (FBAR)
This report is for U.S. citizens, residents, and entities that have foreign financial accounts of over $10,000 during a calendar year. By filing the FBAR, you help the U.S. government track offshore assets and prevent crimes like money laundering and tax evasion. FBARs should be submitted electronically to FinCEN, and failing to do so will have its own civil and criminal penalties.
Form 8300
Form 8300 is used by firms that receive more than $10,000 in cash in a single transaction or in related transactions like those in car dealerships, real estate firms, and retail businesses. The form includes details of the transaction as well as the person sending the cash. This form is important for transparency purposes and helps law enforcement detect large cash movements that might be related to financial crime.
What Are the BSA/AML Program Requirements?
For your company to have a strong AML program that aligns with the BSA, there are several requirements to think about. One of these requirements is internal controls, which allow your company to keep accurate records, monitor transactions as well as ensuring reporting without error. Automated systems for screening customers and detecting unusual patterns is also included in these controls.
Another requirement set forth by the act is a BSA compliance officer within your company. The officer should have enough resources, authority and access to keep the AML program going effectively. Staff training is another requirement that makes sure employees can identify unusual activity and act accordingly. Independent testing or audits should also be done at least annually, since failing to do so can prevent you from reaching your program’s full effectiveness.
Customer Due Diligence (CDD) is another really important requirement, and the process involves verifying Ultimate Beneficial Ownership (UBO) as well as performing risk-based monitoring. The final requirement we’ll mention is real-time transaction monitoring. The monitoring process detects odd activities and reports the findings using SARs if necessary.
FinCEN’s Role Under BSA
The Financial Crimes Enforcement Network (FinCEN) works to enforce the BSA and oversees compliance while aiming to enhance transparency in the financial system of the U.S. It brings together the findings of CTRs, STRs, and FBARs. The data compiled from these reports provides companies with financial intelligence. FinCEN also works in regulatory coordination, acting as a bridge between agencies like the IRS, FDIC, and OCC to make sure obligations for AML are consistent in every sector. The network also issues guidance updates, advisories, and FAQs to help companies while they try to better their AML efforts.
What’s New in 2025?
The BSA gets updated regularly to keep up with the developments of financial crime. One update is the Beneficial Ownership Registry. This registry is there to increase transparency and it aims to do so by making corporate ownership information easier to access. Regulators can identify hidden parts of ownership structures better with this registry.
Another update is the adoption of AI-based SAR analytics, which enables companies to analyse more transaction data faster and more efficiently. The AI integrated system helps flag suspicious activities as well. Moreover, crypto monitoring tools are also being used more frequently in AML programs, since they help track virtual asset transactions while identifying high-risk wallets as well.
Common BSA Violations & Penalties
There are different types of BSA violations to avoid if you don’t want your company to get fined. For failing to file required SARs or CTRs, companies can get fines of up to $500,000 per violation. Weak internal controls can lead to regulatory enforcement by responsible bodies, some of which can be resctrictions on operations or heightened oversight. Tipping off customers about an investigation beforehand is another criminal offense that might lead to prosecution.
You should also be careful against inadequate risk assessments or failure to fully monitor transactions, since these offenses can result in civil penalties as well as reputational damage. In January, 2025, state financial regulators fined Block Inc. (Cash App) $80 million for insufficient money laundering controls, which included violations of the BSA/AML obligations. The severity of the fine shows the importance of BSA compliance.
What Are the Best Practices for BSA Compliance
For BSA compliance in 2025, your company should be knowledgeable about the best practices within the sector. Automating SAR and CTR filings is one of these practices that result in reduced human error. The practice also ensures timely submission to FinCEN, helping your company avoid fines. Updating customer risk profiles frequently and conducting detailed risk assessments is another recommended practice to help identify high-risk clients. Tools like Sanction Scanner are there to help companies perform real-time screening, receive adverse media alerts, conduct global sanctions lists checks, and keep detailed audit trail logs.
FAQ's Blog Post
The BSA helps detect money laundering by requiring financial institutions to file Suspicious Activity Reports (SARs) and monitor transactions.
Banks, credit unions, MSBs, casinos, and broker-dealers must comply with the Bank Secrecy Act.
Institutions must file CTRs, SARs, and maintain customer identification and transaction records.
Technology improves BSA compliance by automating transaction monitoring, recordkeeping, and suspicious activity detection.
Sanction Scanner helps banks meet BSA requirements with automated screening, AML monitoring, and real-time alerts.
