OCC, FDIC & NCUA Propose Risk-Based AML/CFT Program Rules for Banks
The OCC, FDIC, and NCUA are jointly proposing amendments to require banks and credit unions to maintain AML/CFT programs that are risk-based, outcomes-focused, and aligned with the concurrent FinCEN AML Act rulemaking — modernizing a framework that has remained largely unchanged for decades. Banks with crypto-related customers or services should pay particular attention, as the risk-based approach may reshape how they assess and document illicit finance risks associated with digital assets. This proposal runs in parallel with the FinCEN proposal and compliance officers should review both together.
What to do
- Map your current AML/CFT program against the proposed risk-based requirements, identify documentation and governance gaps, and coordinate with your BSA Officer to draft a comment letter or engage your banking regulator during the comment period.
Who this affects
Does this affect your program?
Pick your institution type for an instant read on whether you're in scope — then see exactly which sections of your own policies this changes.
Source
Read the official publicationThis radar entry is educational and does not constitute legal advice. Summaries are AI-assisted and grounded in the linked official source; always verify against the primary source and consult qualified legal counsel for jurisdiction-specific guidance.