- Key insight: Fincen’s plan to reform AML/CFT program requirements deserves praise, but its reporting forms are still broken. A handful of key changes would meaningfully reduce compliance burden without reducing investigative value.
- Supporting data: Of the approximately 167 million currency transaction reports, filed by financial institutions between 2014 and 2023, law enforcement accessed just 5.4%. Not 54%. Five point four.
- Forward look: If Fincen wants banks to prove that their programs work, the forms they use to report their findings to law enforcement must work, too.
Of the approximately 167 million currency transaction reports, or CTRs, filed by financial institutions between 2014 and 2023, law enforcement accessed just 5.4%. Not 54%. Five point four.
Processing Content
On April 7, Fincen released a
For years, banks
Treasury Secretary Scott Bessent was blunt about the NPRM’s intent: The current approach asks financial institutions to demonstrate effort, not actual effectiveness. The new approach will require them to show real results.
The rule also sends a clear signal on the use of technology, including generative artificial intelligence, machine learning and blockchain analytics. Fincen explicitly recognizes that fostering technological innovation in the fight against money laundering and terrorism financing is vital to improving financial crime compliance. For institutions that still rely on rules-based transaction monitoring systems, the NPRM is tantamount to a directive to modernize.
The one critical problem left unaddressed by the proposed rule? The reporting forms themselves.
The NPRM’s underlying principle — that AML programs must be defensible, risk-calibrated and transparent to regulatory examination — applies just as much to those programs’ outputs as to their designs. Suspicious activity reports, or SARs, that capture victim information in an unstructured text field cannot be deemed explainable. And CTRs with transaction amounts that have been aggregated and manipulated to fit form field limitations cannot be deemed a transparent record.
In other words, if Fincen wants banks to prove that their programs work, the forms they use to report their findings to law enforcement must work, too.
CTRs and SARs are the primary outputs of every bank’s AML program, as mandated by the Bank Secrecy Act, or BSA, and subsequent regulations. That 5.4% figure bears repeating here: A
Four changes would make an immediate and measurable difference to the burden of regulatory reports on banks, allowing them to spend more time on “highly useful” investigations and BSA filings.
First, eliminate the conductor and beneficiary designations on the CTR. While these fields are conceptually logical, they’re operationally quite painful. It’s nearly impossible to cleanly map them from their teller and core banking systems to their AML platforms. This translates into significant time spent correcting and amending filings. Moreover, the data captured in these fields rarely enhances law enforcement’s ability to act on a given report. Removing them would streamline the filing process without losing meaningful investigative value.
Second, eliminate transaction aggregation requirements for CTRs. The requirement to combine multiple transactions by, or on behalf of, the same person within a business day creates needless noise and friction. Beyond being operationally cumbersome, the required aggregation results in filings that are often more confusing than they are useful to law enforcement. Streamlining CTR filings to single transactions would significantly reduce the time compliance teams spend manipulating and reconciling data. In turn, they could put more resources into investigations, where human judgment matters much more.
Third, add a victim section to the SAR, mirroring the existing subject section. Currently, institutions report victim information as free text within the narrative, or they incorrectly repurpose the subject field to include nonsubject information. This makes it difficult for law enforcement to extract relevant details and act on them efficiently. Frankly, a system that gives investigators a structured, searchable field for the subject of a SAR but buries victim information in a narrative text box has its priorities backwards. A dedicated victim section would produce cleaner data without additional burden to filers — and it would demonstrate that, more than mere compliance, the reporting system exists to serve justice.
Fourth, eliminate the product and instrument type fields (sections 45 and 46) from the SAR. These fields add friction without adding value, as this information is almost universally captured in the narrative and/or attached transaction data. Removing these sections would reduce the time analysts spend completing reports, again without loss of investigative value for law enforcement.
None of these proposed reforms are radical or contrary to the spirit or intent of Fincen’s April 7 NPRM. To the contrary, they’re exactly the kinds of targeted operational improvements that the compliance community has long sought. The GAO report and Fincen’s own
The current forms were designed for a different compliance model, built in a different era. The NPRM implicitly acknowledges as much — it just stops short of updating them.
Regulators are telling FIs something the data has shown for years: The volume of institutions’ CTRs and SARs is not a proxy for program effectiveness. Fincen’s proposed AML/CFT program reforms will make compliance more efficient and much more focused on genuine risk — but the reporting infrastructure must be addressed in parallel.
Fincen has the authority and the momentum to go further. A companion document specifically targeting CTR and SAR modernization would complete what this NPRM begins — and it would prove that Fincen’s commitment to effectiveness over paperwork is a practice, not just a principle.
