Banks Face Tougher Rules to Combat Money Laundering and Terrorism Financing
Published Date: 4/10/2026
Proposed Rule
Summary
Banks and credit unions will need to step up their game to stop money laundering and terrorist financing by creating stronger, smarter programs. These changes line up with new rules from another agency and aim to help catch bad guys faster. You’ve got until June 9, 2026, to share your thoughts before the rules become official, and these updates could shake up how banks handle security and compliance.
Analyzed Economic Effects
7 provisions identified: 3 benefits, 3 costs, 1 mixed.
Banks must have effective AML/CFT programs
Banks and credit unions supervised by the OCC, FDIC, or NCUA must establish and maintain an effective anti-money laundering and countering the financing of terrorism (AML/CFT) program that is reasonably designed to identify, assess, and mitigate illicit finance risks. The rule makes having an effective, implemented program a standing obligation rather than a one-time step.
Required program components spelled out
The proposal explicitly requires banks to have a risk-based set of internal policies, procedures, and controls (including risk assessment processes), ongoing customer due diligence, an ongoing employee training program, and independent AML/CFT program testing. These components must be kept current and updated promptly when a bank knows or has reason to know its ML/TF risks change.
Higher threshold for major enforcement actions
The proposed rule distinguishes failures to 'establish' a program from failures to 'implement' it and states that only significant or systemic failures to implement an established AML/CFT program would warrant an AML/CFT enforcement action or a significant AML/CFT supervisory action. Isolated, technical, or immaterial implementation issues would not, by themselves, justify such actions.
Designated AML officer must be U.S.-based
A bank must designate an individual responsible for establishing and implementing the AML/CFT program who is located in the United States and accessible to FinCEN and the appropriate Agency for oversight and supervision. That person must coordinate and monitor day-to-day compliance.
Agencies must give FinCEN 30-day notice
Before taking an AML/CFT enforcement action or a significant AML/CFT supervisory action, an Agency must give FinCEN written notice at least 30 days beforehand so FinCEN can review the action and provide input. The Agencies must consider any input FinCEN offers about the bank's AML/CFT program.
Aligning Agency rules with FinCEN
The Agencies propose to align their AML/CFT program requirements with FinCEN's concurrently proposed rule so that banks are subject to consistent regulatory text and not required to comply with differing standards between FinCEN and the Agencies. The Agencies say consistent text should avoid additional burden or confusion.
Adds 'CFT' term to program rules
The proposed rule inserts the term 'countering the financing of terrorism (CFT)' into the Agencies' program rules and changes titles (for example, to 'Anti-Money Laundering/Countering the Financing of Terrorism Compliance, Supervision, and Enforcement'). The Agencies say this insertion is technical and is not expected to create new obligations for banks.
Your PRIA Score
Personalized for You
How does this regulation affect your finances?
Sign up for a PRIA Policy Scan to see your personalized alignment score for this federal register document and every other regulation we track. We analyze your financial profile against policy provisions to show you exactly what matters to your wallet.
Key Dates
Department and Agencies
Take It Personal
Get Your Personalized Policy View
Start a Free Government Policy Watch to see how policy affects your household, then upgrade to PRIA Full Coverage for year-round monitoring.
Already have an account? Sign in