BSA AML Compliance Explained: What It Is & Its Importance

The Bank Secrecy Act (BSA) was written in 1970, yet it still puzzles some companies.

Today, we’re providing a breakdown of everything you need to know about it, including tips on remaining compliant with this evolving piece of AML legislation.

What Is BSA AML Compliance?

BSA stands for Bank Secrecy Act, an anti-money laundering (AML) law passed by the United States Congress in 1970. It’s also known as the Currency and Foreign Transaction Reporting Act. 

This US law requires financial institutions to collaborate with the government to fight money laundering. The BSA AML requirements to remain compliant include:

  • reporting cash transactions of $10,000 or more using a Currency Transaction Report
  • identifying individuals who conduct these transactions
  • keeping an accurate paper trail, including a record of these transactions and the individuals’ identities 

Compliance is ensured by FinCEN, the US Financial Crimes Enforcement Network. Note that BSA is an evolving piece of legislation and includes amendments and guidance for dealing with businesses other than financial institutions. 

Today, the law covers verticals as varied as hemp-related businesses, cryptocurrencies, and online casinos, among others. It also overlaps with further pieces of AML regulation such as the USA Patriot Act and the National Defense Authorization Act. 

Crypto Platform Reduces AML Risk by 60% & Manual Reviews by 90%

Learn how a crypto platform deployed SEON to block money launderers and cut down fraud by 60% – as well as saved resources by reducing the need for manual reviews by a massive 90%.

See the Case Study

What Are the Pillars of BSA AML Compliance?

There are currently five pillars to ensure BSA AML compliance. These are: 

  1. Ensuring you deploy adequate internal controls: Your company must provide sufficient controls and monitoring systems for timely detection and reporting of suspicious activity.
  2. Designating a BSA AML Officer: Senior management must appoint an individual who must be charged with managing the institution’s BSA/AML with a direct line of communication to the board of directors or senior management.
  3. Establishing a BSA AML training program: Without proper training, staff might leave an institution exposed to significant money laundering risk. The training programs and staff completion of them must be documented, tailored to the person’s specific responsibilities, and updated regularly to reflect changes to internal policies, processes and monitoring systems.
  4. Getting your compliance program independently tested: The scope of the independent test should include, among others:
    • an evaluation of the overall adequacy and effectiveness of the policies, procedures, and processes
    • a risk-based transaction test
    • a review of the staff training
  5. Performing CDD checks: Customer Due Diligence checks may include AML and KYC checks designed to identify, authenticate, and vet users in order to weed out high-risk customers

It’s worth noting that there were initially only four pillars. The fifth one, pertaining to customer due diligence, was only added in 2018, following FinCEN’s CDD Final Rule. 

Who Must Comply With the Bank Secrecy Act & AML?

The Bank Secrecy Act is first and foremost aimed at US financial institutions. However, the term encompasses more types of businesses than banks and brokers. Under the BSA, financial institutions can be:

  • insured banks
  • credit unions
  • brokers or dealers in securities or commodities
  • currency exchanges
  • pawnbrokers
  • loan and finance companies
  • travel agencies
  • real estate companies
  • vehicle retailers, including those selling airplanes, boats and automobiles
  • dealers in precious metals, stones or jewels. 
  • hemp banking

Moreover, companies within certain industries fall within the definition of financial institutions if they meet specific requirements.

Casinos and gambling establishments, for instance, must have an annual gaming revenue of more than $1,000,000 and be licensed, to be subject.

Who Enforces BSA Anti-Money Laundering Compliance?

BSA compliance is enforced by the Financial Crimes Enforcement Network (FinCEN). Its mission is to “safeguard the financial system from the abuses of financial crime, including terrorist financing, money laundering, and other illicit activity”.

Note that some AML regulations can also be checked by the Financial Industry Regulatory Authority (FINRA), which writes and enforces rules that govern registered brokers and broker-dealer firms in the United States.

List of BSA/AML Report Types

Reporting plays a big part in BSA compliance. There are five key types of reports to fill:

  1. CTR Currency transaction reports: A currency transaction report, or CTR, keeps a log of transactions exceeding $10,000 in a single business day. This includes multiple transactions amounting to that sum from the same customer. The report must include a bank account number, name, address, and social security number.
  2. SAR – Suspicious activity report: A SAR must be filled whenever your organization suspects a customer action points to money laundering, wire transfer fraud, or check fraud. Some AML software tools let you create these automatically.
  3. FBAR – Foreign bank account report: An FBAR is designed to list US residents and citizens with a financial interest tied to foreign bank accounts.
  4. MIL – Monetary instrument log: A MIL must keep track of cash purchases of monetary instruments such as checks above a value of $3,000. Financial institutions must keep that record for at least five years. Note that purchases above $10,000 must be logged on CTRs instead. 
Reduce Fraud by 70–99%

Partner with SEON to reduce fraud rates in your business and boost your AML efforts with real-time data enrichment, machine learning and advanced APIs.

Ask an Expert

How to Establish an Effective BSA Compliance Program

The first thing to do in order to establish an effective BSA compliance program is to go over the aforementioned five pillars. 

Since the BSA and AML are so closely linked, you should also check our AML checklist.

Key steps to build into your process include: 

  1. Ensure you meet the AML requirements.
  2. Leverage data enrichment for pre-KYC and AML checks.
  3. Deploy risk-based monitoring.
  4. Monitor transactions using transaction monitoring software.

How SEON Can Augment Your AML and BSA Checks

SEON is a complete fraud prevention system based on data enrichment and risk scoring. The modular nature of our data is what makes it a tool of choice for several companies dealing with AML regulations. Here is what we offer:

  • AML checks: SEON’s AML functionality includes the ability to see if someone’s name or its variations appear on any AML lists, including PEP and relatives lists, crime and fugitives lists, sanctions lists, and so on.
  • Frictionless digital footprinting: This allows you to instantly vet good and bad customers based on a phone number, email address, or IP address only by sourcing real-time data from 90+ online platforms, all before running expensive KYC checks.
  • Dynamic risk scoring: Leverage a traffic light system to automatically accept, decline, or review user actions, including sign-ups and deposits.
  • Pre-KYC to save money: Use the results of data enrichment and risk scoring to block out obvious, provable fraudsters in order to save money on KYC, EDD and other pricey checks.
  • Real-time transaction monitoring and alerts: Stay on top of all your transactions, purchases, or money withdrawals. Export the data for your BSA reports in seconds.

All of the above is available with one of the quickest integration times in the industry. Ready to get started? Click the button below to book a demo, or sign yourself up for a trial to take a look around.


What is BSA AML certification?

A number of companies offer BSA and AML certification programs, which aim to train, test, and prepare individuals for BSA compliance. The price and duration of each program will vary depending on the provider and scope. 

What is BSA AML compliance software?

BSA AML compliance software is designed to monitor transactions, create real-time alerts, and automatically fill the appropriate reports pertaining to BSA law. 

What are the consequences of non-compliance with BSA AML legislation?

Companies who fail to comply with BSA AML mandates risk severe fines as well as potential imprisonment for staff deemed responsible for this. In the USA, where the BSA applies, civil penalties imposed by banking regulators can be as high as $1 million for every single day the violation occurs. Similar AML legislation in the UK can result in up to 14 years of imprisonment, and you can expect similar consequences in most countries.

You might also be interested in:


  • The Bank Secrecy Act
  • Information on Complying with the Customer Due Diligence (CDD) Final Rule

Share article

Speak with a fraud fighter.

Click here

Author avatar
Florian Tanant

Communication Specialist | Florian helps tech startups and global leaders organise their thoughts, find their voices, and connect with customers worldwide.

Sign up for our newsletter

The top stories of the month delivered straight to your inbox