Skip to main content
Welcome to the new FINRA.org. Learn more about our updates.
Create your own user feedback survey

Anti-Money Laundering (AML)

Regulatory Obligations

The Bank Secrecy Act (BSA) requires firms to monitor for, detect and report suspicious activity to the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN). Further, FINRA Rule 3310 (Anti-Money Laundering Compliance Program) requires that members develop and implement a written AML program reasonably designed to comply with the requirements of the BSA and regulations promulgated thereunder. FINRA also notes that FinCEN’s CDD rule requires that firms identify beneficial owners of legal entity customers, understand the nature and purpose of customer accounts, conduct ongoing monitoring of customer accounts to identify and report suspicious transactions, and—on a risk basis—update customer information.6

Noteworthy Examination Findings

FINRA identified the following issues relating to firms’ AML programs, including challenges with transaction monitoring systems.

  • Inadequate AML Transaction Monitoring – FINRA noted deficiencies in the design and implementation of systems and processes to detect and report suspicious activity:
    • Some firms did not tailor their transaction monitoring to address the risk(s) relating to the firms’ business (for example, some firms did not adjust their AML programs for new sources of revenue or higher-risk customers with increased levels of activity, and other firms relied on FINRA’s AML resources without tailoring them to the firms’ business);7
    • Deficient transaction monitoring for suspicious trading and possible related money-laundering activity, which may have been due to an ongoing misconception that securities trading does not need to be monitored for suspicious activity reporting purposes, or inadequate delegation of duties to a group outside of the AML department (e.g., the securities trading desk). As a result, some firms failed to detect red flags such as market dominance, prearranged trading or instances where groups of seemingly unrelated accounts were working in concert to manipulate stock prices; and
    • Transaction monitoring processes that were not reasonably designed to identify and investigate red flags associated with third-party wire transfers, where such red flags might include transfer requests that are out of the ordinary for the customer or appear designed to deter verification of the transfer instructions.
  • Overreliance on Clearing Firms – FINRA found that some introducing firms continued to rely primarily or entirely on their clearing firm for transaction monitoring and suspicious activity reporting. While clearing firm inquiries about certain customers or activities can be triggers for further review by introducing firms, introducing firms are required to monitor for suspicious activity attempted or conducted through the firm.8

Additional Resources


6 See Regulatory Notices 17-40 (FINRA Provides Guidance to Firms Regarding Ant-Money Laundering Program Requirements Under FINRA Rule 3310 Following Adopting of FinCEN’s Final Rule to Enhance Customer Due Diligence Requirements For Financial Institutions) and 18-19 ((FINRA Amends Rule 3310 to Conform to FinCEN’s Final Rule on Customer Due Diligence Requirements for Financial Institutions) for additional information.

7 See Regulatory Notice 19-18 (FINRA Provides Guidance to Firms Regarding Suspicious Activity Monitoring and Reporting Obligations) for a list of potential red flags that firms should consider when designing an effective AML compliance program that is tailored to their business.