Back to Details

anti-money-laundering

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Anti-Money Laundering Compliance

反洗钱(AML)合规

Purpose

目的

Guide the design and operation of Bank Secrecy Act / Anti-Money Laundering (BSA/AML) compliance programs for broker-dealers, banks, and investment advisers. This skill covers FinCEN reporting obligations, OFAC sanctions screening, red flag identification, customer risk rating, and the regulatory framework for detecting and preventing money laundering and terrorist financing.
为经纪交易商、银行和投资顾问提供《银行保密法》/反洗钱(BSA/AML)合规项目的设计与运营指导。本技能涵盖FinCEN申报义务、OFAC制裁筛查、预警信号识别、客户风险评级,以及检测和预防洗钱与恐怖主义融资的监管框架。

Layer

层级

9 — Compliance & Regulatory Guidance
9 — 合规与监管指引

Direction

适用方向

prospective
前瞻性

When to Use

使用场景

  • Designing or reviewing an AML compliance program under FINRA Rule 3310
  • Determining whether a transaction triggers a Currency Transaction Report (CTR) filing
  • Evaluating whether activity warrants a Suspicious Activity Report (SAR)
  • Screening customers or counterparties against the OFAC SDN list
  • Identifying red flags for structuring, layering, or integration
  • Assessing customer risk ratings and risk-based monitoring procedures
  • Reviewing AML obligations for investment advisers under evolving FinCEN rules
  • Handling correspondent or omnibus account due diligence
  • Preparing for an independent AML audit or regulatory examination
  • Understanding FinCEN enforcement trends and penalty exposure
  • 依据FINRA规则3310设计或审查AML合规项目
  • 判断某笔交易是否触发货币交易报告(CTR)申报要求
  • 评估某类活动是否需提交可疑活动报告(SAR)
  • 针对OFAC SDN名单筛查客户或交易对手方
  • 识别结构化交易、分层转移或整合阶段的预警信号
  • 评估客户风险评级及基于风险的监控流程
  • 依据不断更新的FinCEN规则,审查投资顾问的AML义务
  • 处理代理账户或综合账户的尽职调查工作
  • 为独立AML审计或监管检查做准备
  • 了解FinCEN的执法趋势及处罚风险

Core Concepts

核心概念

Bank Secrecy Act (BSA) Framework

《银行保密法》(BSA)框架

The Bank Secrecy Act of 1970 (31 U.S.C. §§ 5311–5332) is the foundational U.S. anti-money laundering statute. It requires financial institutions to assist government agencies in detecting and preventing money laundering by maintaining records and filing reports on certain transactions. The USA PATRIOT Act (2001) significantly expanded BSA obligations, adding enhanced due diligence requirements, information-sharing provisions (Section 314(a) and 314(b)), and the requirement for written AML programs. FinCEN (the Financial Crimes Enforcement Network) is the bureau within the U.S. Treasury Department that administers and enforces BSA compliance. FinCEN issues rules, collects reports (CTRs, SARs), and coordinates with law enforcement.
1970年出台的《银行保密法》(31 U.S.C. §§ 5311–5332)是美国反洗钱领域的基础性法规。它要求金融机构协助政府部门检测和预防洗钱行为,需留存特定交易记录并提交报告。2001年的《美国爱国者法案》大幅扩展了BSA的义务,新增强化尽职调查要求、信息共享条款(第314(a)和314(b)条),以及书面AML项目的强制要求。FinCEN(金融犯罪执法网络)是美国财政部下属的局级机构,负责管理和执行BSA合规要求。FinCEN制定规则、收集报告(CTR、SAR)并与执法部门协同工作。

FINRA Rule 3310 — AML Compliance Program

FINRA规则3310 — AML合规项目

FINRA Rule 3310 requires every FINRA member firm to establish and implement a written AML compliance program that includes four pillars:
  1. Written procedures — Policies and procedures reasonably designed to detect and cause the reporting of suspicious activity. Must be tailored to the firm's business model, products, customer types, and geographic exposure.
  2. Designated AML Compliance Officer (AMLCO) — A qualified individual responsible for day-to-day AML oversight. The AMLCO must be identified by name and title in the firm's written procedures and registered with FINRA. The AMLCO must have sufficient authority, resources, and expertise.
  3. Independent testing (audit) — The AML program must be tested independently at least every calendar year (or every two years if the firm does not execute transactions or hold customer funds/securities). Testing may be performed by qualified internal personnel not involved in the AML program or by an outside party.
  4. Ongoing training — All relevant personnel must receive AML training appropriate to their responsibilities. Training must cover applicable BSA/AML regulations, the firm's own policies, red flags, and how to escalate suspicious activity. Training frequency and content should be documented.
FINRA规则3310要求每个FINRA成员公司建立并实施书面AML合规项目,包含四大核心支柱:
  1. 书面流程 — 合理设计的政策与流程,用于检测并上报可疑活动。需根据公司的业务模式、产品类型、客户群体及地域风险定制。
  2. 指定AML合规官(AMLCO) — 负责日常AML监督的合格人员。AMLCO的姓名和职位必须在公司书面流程中明确,并向FINRA注册。AMLCO需拥有足够的权限、资源和专业能力。
  3. 独立测试(审计) — AML项目必须每年至少进行一次独立测试(若公司不执行交易或不持有客户资金/证券,则每两年一次)。测试可由不参与AML项目的合格内部人员或外部机构执行。
  4. 持续培训 — 所有相关人员必须接受与其职责匹配的AML培训。培训内容需涵盖适用的BSA/AML法规、公司自身政策、预警信号及可疑活动上报流程。培训频率和内容需留存记录。

Currency Transaction Reports (CTRs)

货币交易报告(CTRs)

Financial institutions must file FinCEN Form 112 (CTR) for each cash transaction exceeding $10,000 in a single business day (31 CFR § 1010.311). Key rules:
  • $10,000 threshold — Applies to cash received or disbursed, including currency, coin, cashier's checks (under certain circumstances), and money orders purchased with cash.
  • Aggregation rule — Multiple cash transactions by or on behalf of the same person during a single business day must be aggregated. If the aggregate exceeds $10,000, a CTR is required.
  • Filing deadline — CTRs must be filed within 15 calendar days of the transaction date.
  • Structuring prohibition (31 U.S.C. § 5324) — It is a federal crime to structure transactions (i.e., break up a transaction into smaller amounts) to evade CTR reporting requirements. Both the customer and any employee who assists are liable. Structuring is illegal regardless of the source of the funds — even legitimate funds structured to avoid reporting trigger criminal liability.
  • Exemptions — Certain customers (e.g., listed companies, government agencies, banks) may be exempt from CTR filing under 31 CFR § 1020.315, but exemptions must be documented and periodically reviewed.
金融机构必须针对单个工作日内超过10000美元的现金交易提交FinCEN 112表格(CTR)(31 CFR § 1010.311)。关键规则:
  • 10000美元阈值 — 适用于收到或支付的现金,包括纸币、硬币、 cashier's checks(特定场景下)及用现金购买的汇票。
  • 合并规则 — 同一人或代表同一人在单个工作日内的多笔现金交易需合并计算。若合并金额超过10000美元,则需提交CTR。
  • 申报期限 — 需在交易发生后15个日历日内提交CTR。
  • 结构化交易禁令(31 U.S.C. § 5324) — 将交易拆分为较小金额以规避CTR申报要求属于联邦犯罪。客户及协助拆分的员工均需承担责任。无论资金来源是否合法,结构化交易均属违法,即使是合法资金为规避申报而拆分也会触发刑事责任。
  • 豁免条款 — 特定客户(如上市公司、政府机构、银行)可根据31 CFR § 1020.315豁免CTR申报,但豁免需留存记录并定期审查。

Suspicious Activity Reports (SARs)

可疑活动报告(SARs)

SARs are filed using FinCEN Form 111 to report known or suspected violations of law, suspicious transactions, or transactions with no apparent lawful purpose. Filing thresholds and obligations vary by institution type:
  • Broker-dealers (FINRA members) — Must file a SAR for transactions of $5,000 or more that the firm knows, suspects, or has reason to suspect involve funds from illegal activity, are designed to evade BSA requirements, lack a business or apparent lawful purpose, or involve use of the firm to facilitate criminal activity (31 CFR § 1023.320).
  • Banks — Must file a SAR for transactions of $5,000 or more involving known suspects, or $25,000 or more regardless of suspect identification (31 CFR § 1020.320).
  • Filing deadline — SARs must be filed within 30 calendar days of initial detection. If no suspect is identified, the deadline extends to 60 days.
  • Continuing activity — If suspicious activity continues, the firm must file continuing SARs at least every 90 days.
  • Tipping-off prohibition — It is a violation to notify the subject of the SAR that a SAR has been or will be filed (31 U.S.C. § 5318(g)(2)). This prohibition extends to all employees, officers, and directors. Disclosure of a SAR filing can result in criminal penalties.
  • Safe harbor — Financial institutions and their employees are protected from civil liability for filing SARs in good faith (31 U.S.C. § 5318(g)(3)). This safe harbor applies even if the reported activity turns out to be legitimate.
  • SAR confidentiality — SARs are confidential. They cannot be produced in response to subpoenas, discovery requests, or FOIA requests (with narrow law enforcement exceptions). The underlying facts that triggered the SAR, however, are not themselves privileged.
SAR使用FinCEN 111表格提交,用于上报已知或涉嫌的违法违规行为、可疑交易或无明显合法目的的交易。申报门槛和义务因机构类型而异:
  • 经纪交易商(FINRA成员) — 对于金额5000美元及以上、已知/涉嫌涉及非法资金、旨在规避BSA要求、缺乏商业或合法目的,或利用公司协助犯罪活动的交易,必须提交SAR(31 CFR § 1023.320)。
  • 银行 — 对于涉及已知嫌疑人的5000美元及以上交易,或无论是否识别嫌疑人的25000美元及以上交易,必须提交SAR(31 CFR § 1020.320)。
  • 申报期限 — 需在首次检测到可疑活动后30个日历日内提交。若未识别嫌疑人,期限可延长至60天。
  • 持续活动申报 — 若可疑活动持续,公司需每90天提交一次后续SAR。
  • 泄密禁令 — 通知SAR申报对象已提交或即将提交SAR属于违规行为(31 U.S.C. § 5318(g)(2))。该禁令适用于所有员工、高管和董事。泄露SAR申报信息可能导致刑事处罚。
  • 安全港条款 — 金融机构及其员工善意提交SAR可免受民事责任(31 U.S.C. § 5318(g)(3))。即使上报的活动最终被证明合法,该安全港条款依然适用。
  • SAR保密性 — SAR属于保密文件。除极少数执法例外情况外,不得根据传票、 discovery请求或FOIA请求提供SAR文件。但触发SAR的基础事实本身不享有特权。

OFAC Screening

OFAC筛查

The Office of Foreign Assets Control (OFAC), a bureau within the U.S. Treasury, administers and enforces U.S. economic and trade sanctions. Financial institutions must screen customers, counterparties, and transactions against OFAC-maintained lists:
  • SDN List (Specially Designated Nationals and Blocked Persons) — Individuals and entities owned or controlled by targeted countries, or designated as narcotics traffickers, terrorists, or proliferators. Transactions with SDN-listed parties must be blocked (frozen), and the blocked property must be reported to OFAC within 10 business days.
  • Sectoral Sanctions (SSI List) — Restrictions on specific types of transactions with identified entities (e.g., prohibiting new debt or equity issuance). The transaction is not fully blocked; only the prohibited type of dealing is restricted.
  • Geographic sanctions — Comprehensive sanctions programs prohibit virtually all transactions with certain countries or regions (e.g., North Korea, Iran, Cuba, the Crimea region). Any transaction touching a comprehensively sanctioned jurisdiction must be blocked or rejected.
  • Screening obligations — Firms must screen at account opening, upon receipt of wire transfers or other transactions, and when OFAC updates its lists. Screening must cover all relevant identifiers: names, aliases, addresses, dates of birth, passport numbers, and other identifying information.
  • Strict liability — OFAC violations are a strict liability regime. A firm can be penalized even if it did not know the counterparty was sanctioned. Penalties can reach millions of dollars per violation.
  • Voluntary self-disclosure — OFAC looks favorably on voluntary self-disclosure and considers it a significant mitigating factor in enforcement actions.
OFAC(外国资产控制办公室)是美国财政部下属机构,负责管理和执行美国经济与贸易制裁。金融机构必须针对OFAC维护的名单筛查客户、交易对手方及交易:
  • SDN名单(特别指定国民和被封锁人员名单) — 包含受制裁国家拥有或控制的个人和实体,或被列为毒品贩运者、恐怖分子或扩散者的对象。与SDN名单主体的交易必须被冻结,并需在10个工作日内向OFAC上报被冻结的资产。
  • 行业制裁(SSI名单) — 针对特定实体的特定交易类型施加限制(如禁止新的债务或股权发行)。交易并非完全被冻结,仅受限的交易类型被禁止。
  • 地域制裁 — 全面制裁项目禁止与特定国家或地区(如朝鲜、伊朗、古巴、克里米亚地区)进行几乎所有交易。涉及全面制裁辖区的任何交易必须被冻结或拒绝。
  • 筛查义务 — 公司必须在开户时、收到电汇或其他交易时,以及OFAC更新名单时进行筛查。筛查需覆盖所有相关识别信息:姓名、别名、地址、出生日期、护照号码及其他身份信息。
  • 严格责任 — OFAC违规属于严格责任制度。即使公司不知情,与受制裁对手方交易也可能被处罚。单次违规处罚金额可达数百万美元。
  • 自愿自曝 — OFAC对自愿自曝持积极态度,并将其作为执法行动中的重要减轻因素。

Red Flags for Money Laundering

洗钱预警信号

Money laundering follows three stages — placement (introducing illicit funds into the financial system), layering (obscuring the trail through complex transactions), and integration (reintroducing laundered funds into the legitimate economy). Key red flags include:
  • Structuring — Deposits or withdrawals just below $10,000 (e.g., $9,500, $9,800), especially if repeated across days or accounts. Multiple deposits at different branches in a single day.
  • Rapid movement of funds — Funds received and immediately wired out, particularly to unrelated third parties or foreign jurisdictions. No economic rationale for the speed of movement.
  • Layering patterns — Multiple transfers between accounts at different institutions, use of intermediary accounts, frequent conversion between asset types (cash to securities to wire transfers), round-dollar transactions with no apparent business purpose.
  • Integration patterns — Purchase of high-value assets (real estate, luxury goods, securities) with funds of unclear origin. Use of investment accounts to create the appearance of legitimate investment returns.
  • Shell company activity — Accounts held by entities with no apparent business operations, nominal capital, nominee directors, or registered in secrecy jurisdictions. Transactions that do not correspond to the entity's stated business purpose.
  • Unusual customer behavior — Reluctance to provide identification, use of multiple SSNs or TINs, frequent changes to account ownership or signatory authority, unexplained wealth inconsistent with known employment or business.
  • Geographic risk — Transactions involving jurisdictions identified as high risk by FATF, FinCEN advisories, or the firm's own risk assessment. Unexplained connections to countries with weak AML regimes or under comprehensive sanctions.
  • Third-party transactions — Deposits or payments by unrelated third parties with no clear explanation, especially if the third party has no apparent relationship to the account holder.
洗钱分为三个阶段 — 放置(将非法资金引入金融体系)、分层(通过复杂交易掩盖资金轨迹)、整合(将洗白后的资金重新引入合法经济体系)。主要预警信号包括:
  • 结构化交易 — 存款或取款金额略低于10000美元(如9500美元、9800美元),尤其是跨日或跨账户重复发生的情况。单日内在不同分支机构多次存款。
  • 资金快速转移 — 收到资金后立即汇出,尤其是汇给无关第三方或境外辖区。资金转移速度无经济合理性。
  • 分层交易模式 — 在不同机构账户间多次转账、使用中间账户、频繁转换资产类型(现金转证券再转电汇)、无明显商业目的的整数金额交易。
  • 整合交易模式 — 用来源不明的资金购买高价值资产(房地产、奢侈品、证券)。利用投资账户制造合法投资收益的假象。
  • 空壳公司活动 — 由无明显业务运营、名义资本、代持董事或注册在保密辖区的实体持有账户。交易与实体声明的业务目的不符。
  • 异常客户行为 — 不愿提供身份证明、使用多个SSN或TIN、频繁变更账户所有权或签字权限、无法解释的财富与已知职业或业务不符。
  • 地域风险 — 涉及FATF、FinCEN公告或公司自身风险评估认定为高风险辖区的交易。与AML制度薄弱或受全面制裁国家存在无法解释的关联。
  • 第三方交易 — 无关第三方进行存款或支付且无合理解释,尤其是第三方与账户持有人无明显关系的情况。

AML for Investment Advisers

投资顾问的AML要求

Historically, registered investment advisers (RIAs) have not been subject to BSA/AML program requirements, although the SEC has long advocated extending these rules. In 2024, FinCEN issued a final rule (effective January 1, 2026) requiring certain investment advisers — specifically, SEC-registered investment advisers and exempt reporting advisers — to establish AML/CFT programs, file SARs, and comply with other BSA requirements (31 CFR Part 1032). Key elements:
  • Investment advisers covered by the rule must implement risk-based AML programs with the same four pillars as broker-dealers (written procedures, designated compliance officer, independent testing, training).
  • Advisers must file SARs and comply with FinCEN information-sharing requests under Section 314(a).
  • Advisers with bank or broker-dealer affiliates should coordinate their AML programs to avoid gaps.
  • State-registered advisers are not currently covered, but FinCEN may expand coverage in the future.
历史上,注册投资顾问(RIA)无需遵守BSA/AML项目要求,尽管SEC长期倡导扩展此类规则。2024年,FinCEN发布最终规则(2026年1月1日生效),要求特定投资顾问 — 尤其是SEC注册投资顾问和豁免申报顾问 — 建立AML/CFT项目、提交SAR并遵守其他BSA要求(31 CFR Part 1032)。核心内容:
  • 受规则约束的投资顾问必须实施基于风险的AML项目,包含与经纪交易商相同的四大支柱(书面流程、指定合规官、独立测试、培训)。
  • 顾问必须提交SAR并遵守FinCEN第314(a)条下的信息共享请求。
  • 拥有银行或经纪交易商关联机构的顾问需协调其AML项目,避免出现监控漏洞。
  • 州注册顾问目前不受约束,但FinCEN未来可能扩展覆盖范围。

Correspondent and Omnibus Account Considerations

代理账户与综合账户考量

Enhanced due diligence applies to correspondent accounts for foreign financial institutions (Section 312 of the USA PATRIOT Act, 31 CFR § 1010.610):
  • Firms must assess the AML risk posed by each foreign correspondent relationship, considering the jurisdiction's AML regime, the institution's AML controls, and the nature of the correspondent services provided.
  • For shell banks, correspondent accounts are prohibited. Firms must obtain certifications that the foreign institution is not a shell bank and that it will not permit its accounts to be used by shell banks.
  • Omnibus accounts (where a single account holds positions for multiple underlying clients) present heightened risk because the firm may have limited visibility into the ultimate beneficial owners. Firms should obtain sufficient information to identify and monitor for suspicious activity, and may need to "look through" the omnibus structure in certain circumstances.
针对外国金融机构的代理账户需执行强化尽职调查(《美国爱国者法案》第312条,31 CFR § 1010.610):
  • 公司必须评估每个外国代理关系带来的AML风险,考量辖区的AML制度、机构的AML控制措施及代理服务的性质。
  • 禁止为空壳银行开设代理账户。公司必须获取外国机构的证明,确认其并非空壳银行且不会允许其账户被空壳银行使用。
  • 综合账户(单个账户持有多个底层客户的头寸)风险更高,因为公司可能对最终受益所有人的 visibility有限。公司应获取足够信息以识别和监控可疑活动,在特定情况下可能需要“穿透”综合账户结构。

Customer Risk Rating

客户风险评级

A risk-based approach requires firms to assess and assign risk ratings to customers based on factors including:
  • Customer type — Individuals, entities, trusts, PEPs (politically exposed persons), non-resident aliens, foreign financial institutions.
  • Geographic risk — Customer domicile, transaction counterparties, and fund flow jurisdictions.
  • Product/service risk — Higher-risk products include private banking, correspondent accounts, wire transfers, and accounts holding securities in bearer form.
  • Transaction patterns — Volume, frequency, and nature of transactions relative to the customer's profile.
Risk ratings should be documented, periodically reviewed, and updated when new information becomes available. Higher-risk customers warrant enhanced due diligence (EDD), which may include more frequent transaction monitoring, senior management approval for account opening, and collection of additional documentation on source of funds and source of wealth.
基于风险的方法要求公司根据以下因素评估并分配客户风险评级:
  • 客户类型 — 个人、实体、信托、PEP(政治公众人物)、非居民外国人、外国金融机构。
  • 地域风险 — 客户住所地、交易对手方及资金流向辖区。
  • 产品/服务风险 — 高风险产品包括私人银行业务、代理账户、电汇及持有无记名证券的账户。
  • 交易模式 — 交易量、频率及性质与客户档案的匹配度。
风险评级需留存记录、定期审查,并在获取新信息时更新。高风险客户需执行强化尽职调查(EDD),可能包括更频繁的交易监控、开户需高管批准、收集额外的资金来源和财富来源文件。

Recordkeeping Requirements

记录留存要求

BSA/AML regulations impose specific recordkeeping obligations:
  • SARs — Supporting documentation must be retained for 5 years from the date of filing (31 CFR § 1010.320(d)). The SAR itself and all supporting documentation must be made available to FinCEN and law enforcement upon request.
  • CTRs — Records must be retained for 5 years from the date of the report (31 CFR § 1010.306(a)).
  • CIP records — Customer identification records (copies of identification documents or descriptions of documents reviewed, methods used to verify identity) must be retained for 5 years after the account is closed (31 CFR § 1023.220(a)(3)).
  • Correspondence and transaction records — Generally retained for 5 years under BSA and FINRA Rules (FINRA Rule 3110, SEC Rule 17a-4).
  • Firms should ensure that AML records are organized, retrievable, and protected from unauthorized access or alteration.
BSA/AML法规规定了特定的记录留存义务:
  • SARs — 支持文件需自申报之日起留存5年(31 CFR § 1010.320(d))。SAR本身及所有支持文件需在FinCEN和执法部门要求时提供。
  • CTRs — 记录需自报告之日起留存5年(31 CFR § 1010.306(a))。
  • CIP记录 — 客户身份识别记录(身份证明文件副本或审查的文件描述、身份验证方法)需在账户关闭后留存5年(31 CFR § 1023.220(a)(3))。
  • 通信与交易记录 — 通常需根据BSA和FINRA规则(FINRA规则3110、SEC规则17a-4)留存5年。
  • 公司需确保AML记录有序、可检索,并防止未经授权的访问或篡改。

FinCEN Enforcement Trends and Penalties

FinCEN执法趋势与处罚

FinCEN has significantly increased enforcement activity in recent years. Key trends include:
  • Escalating penalties — Civil money penalties can reach the greater of the amount involved in the transaction (up to $1 million) or $77,651 per violation (adjusted for inflation under 31 U.S.C. § 5321). Criminal penalties can include imprisonment of up to 10 years.
  • Individual accountability — FinCEN and DOJ increasingly pursue enforcement actions against individual compliance officers and senior management, not just institutions.
  • Willful blindness — Firms and individuals can be held liable for willfully failing to implement adequate AML controls, even without direct knowledge of specific illicit transactions.
  • Areas of focus — Virtual currency exchanges and administrators, money services businesses, and firms with repeated examination deficiencies. FinCEN has also focused on failures to file timely and complete SARs.
  • Coordination with other regulators — FinCEN actions are frequently accompanied by parallel actions from the SEC, FINRA, OCC, or DOJ, resulting in cumulative penalties and remedial orders.
  • Beneficial Ownership Information (BOI) — The Corporate Transparency Act (effective 2024) requires many companies to report beneficial ownership information to FinCEN, creating a new tool for AML enforcement and due diligence.
近年来FinCEN的执法活动显著增加。主要趋势包括:
  • 处罚升级 — 民事罚款可达交易涉及金额(最高100万美元)或单次违规77651美元(根据31 U.S.C. § 5321通胀调整)中的较高者。刑事处罚包括最高10年监禁。
  • 个人问责 — FinCEN和DOJ越来越多地针对合规官和高管个人采取执法行动,而非仅针对机构。
  • 故意视而不见 — 即使未直接知晓特定非法交易,公司和个人若故意未实施充分的AML控制措施,也需承担责任。
  • 重点领域 — 虚拟货币交易所和运营商、货币服务企业及存在多次检查缺陷的公司。FinCEN还重点关注未及时、完整提交SAR的情况。
  • 与其他监管机构协同 — FinCEN的行动常伴随SEC、FINRA、OCC或DOJ的并行行动,导致累计处罚和整改命令。
  • 受益所有权信息(BOI) — 《公司透明度法案》(2024年生效)要求众多公司向FinCEN上报受益所有权信息,为AML执法和尽职调查提供了新工具。

Worked Examples

实操案例

Example 1: Detecting structuring across multiple accounts

案例1:检测跨账户结构化交易

Scenario: A customer at a broker-dealer makes the following cash deposits over a five-day period: Monday — $8,000 into Account A; Tuesday — $7,500 into Account B (same customer, different registration); Wednesday — $9,000 into Account A; Thursday — $6,000 into Account A; Friday — $8,500 into Account B. No individual deposit or single-day aggregate exceeds $10,000, so no CTR is filed. A compliance analyst reviewing weekly transaction reports notices the pattern. Compliance Issues:
  • Although no individual day triggers a CTR, the pattern of repeated cash deposits just below $10,000 across multiple accounts is a classic structuring indicator (31 U.S.C. § 5324).
  • The firm has an obligation to monitor for structuring regardless of whether CTR thresholds are met.
  • If the analyst has reason to suspect that the transactions are designed to evade CTR requirements, a SAR must be filed. Analysis: The compliance analyst should escalate the pattern to the AMLCO. The AMLCO should review the customer's profile, transaction history, and stated source of funds. If the cash deposits are inconsistent with the customer's known business or employment, or if the customer has no apparent reason to make frequent cash deposits into a brokerage account, the firm should file a SAR on FinCEN Form 111 within 30 days of the analyst's detection of the pattern. The SAR narrative should describe the structuring pattern, including dates, amounts, and accounts involved. The firm must not inform the customer that a SAR has been filed (tipping-off prohibition). The firm should also consider whether the customer's risk rating should be elevated and whether enhanced monitoring is warranted going forward. All supporting documentation — transaction records, analyst notes, escalation communications — must be retained for 5 years.
场景:某经纪交易商的客户在5天内进行了以下现金存款:周一 — 向账户A存入8000美元;周二 — 向账户B(同一客户,不同注册信息)存入7500美元;周三 — 向账户A存入9000美元;周四 — 向账户A存入6000美元;周五 — 向账户B存入8500美元。单笔存款或单日合并金额均未超过10000美元,因此未提交CTR。合规分析师在审查周交易报告时发现该模式。 合规问题
  • 尽管单日未触发CTR门槛,但跨账户多次存入略低于10000美元现金的模式是典型的结构化交易迹象(31 U.S.C. § 5324)。
  • 无论是否达到CTR门槛,公司均有义务监控结构化交易。
  • 若分析师有理由怀疑交易旨在规避CTR要求,则必须提交SAR。 分析: 合规分析师应将该模式上报给AMLCO。AMLCO需审查客户档案、交易历史及声明的资金来源。若现金存款与客户已知业务或职业不符,或客户无明显理由频繁向经纪账户存入现金,公司应在分析师检测到模式后30天内通过FinCEN 111表格提交SAR。SAR描述需包含结构化交易模式、日期、金额及涉及账户。公司不得告知客户已提交SAR(泄密禁令)。公司还应考虑是否提升客户风险评级及是否需要后续强化监控。所有支持文件 — 交易记录、分析师笔记、上报沟通记录 — 需留存5年。

Example 2: Identifying layering through rapid fund movements

案例2:通过资金快速转移识别分层交易

Scenario: A newly opened brokerage account receives a $500,000 incoming wire from a foreign bank in a FATF-identified high-risk jurisdiction. Within three business days, the customer purchases and sells several highly liquid equities at negligible profit or loss, then requests an outgoing wire of $490,000 to a different bank in a third country. The customer has no prior trading history and the account application lists the customer as a "consultant" with no further detail. Compliance Issues:
  • Rapid movement of large funds through securities transactions with no apparent profit motive is a hallmark of layering — the second stage of money laundering.
  • The foreign-source wire from a high-risk jurisdiction triggers enhanced due diligence obligations.
  • The near-immediate outbound wire to a different jurisdiction suggests the brokerage account is being used as a pass-through vehicle.
  • The vague occupation and lack of trading history are additional red flags. Analysis: The firm should immediately place a hold on the outgoing wire pending review by the AMLCO. The AMLCO should request additional information from the customer regarding the source of the incoming funds, the purpose of the trades, and the relationship to the recipient of the outgoing wire. Regardless of the customer's response, the pattern of activity — incoming wire from a high-risk jurisdiction, rapid buy-sell transactions with no economic rationale, and near-immediate outbound wire to a third country — strongly warrants a SAR filing. The SAR narrative should detail the timeline, amounts, counterparties, and the absence of legitimate business purpose. The firm should also evaluate whether to file a voluntary self-disclosure with OFAC if any aspect of the transaction involves a sanctioned jurisdiction or party. The customer's risk rating should be elevated to high, and the firm should consider whether to exit the relationship (file a SAR before closing the account, and do not disclose the SAR as the reason for account closure).
场景:一个新开立的经纪账户收到来自FATF认定高风险辖区境外银行的50万美元电汇。3个工作日内,客户买卖多只高流动性股票,利润或损失可忽略不计,随后要求向第三国另一家银行汇出49万美元。客户无过往交易记录,账户申请表将客户列为“顾问”,无进一步细节。 合规问题
  • 大额资金通过证券交易快速转移且无明显盈利动机,是洗钱第二阶段 — 分层交易的典型特征。
  • 来自高风险辖区的境外电汇触发强化尽职调查义务。
  • 近乎立即向其他辖区汇出资金表明经纪账户被用作中转工具。
  • 模糊的职业描述和无交易记录是额外的预警信号。 分析: 公司应立即暂停汇出资金,等待AMLCO审查。AMLCO应要求客户提供汇入资金来源、交易目的及与收款方关系的额外信息。无论客户如何回应,该活动模式 — 来自高风险辖区的电汇、无经济合理性的快速买卖交易、近乎立即向第三国汇出资金 — 强烈需要提交SAR。SAR描述需包含时间线、金额、交易对手方及缺乏合法商业目的的情况。若交易涉及受制裁辖区或主体,公司还应评估是否向OFAC自愿自曝。客户风险评级应提升至高风险,公司应考虑是否终止客户关系(关闭账户前提交SAR,且不得将SAR作为关闭账户的理由告知客户)。

Example 3: Handling a match on the OFAC SDN list during onboarding

案例3:开户时处理OFAC SDN名单匹配

Scenario: During the account opening process, a broker-dealer's automated screening system generates a potential match between a new applicant and an individual on the OFAC SDN list. The applicant's name is "Ahmad Al-Rashid," which matches an SDN entry. The applicant's date of birth and passport country also align with the SDN entry's identifying information. Compliance Issues:
  • If the applicant is indeed the SDN-listed individual, the firm is prohibited from opening the account and must block any property or interests in property of the individual.
  • OFAC violations carry strict liability — the firm is responsible even if it inadvertently transacts with a sanctioned person.
  • A false positive (a different person with the same name) must be carefully distinguished from a true match. Analysis: The firm should not open the account pending resolution of the OFAC match. The compliance team should compare all available identifying information — full legal name, aliases, date of birth, nationality, passport number, address — against the SDN entry. If the identifying details match or are substantially similar and cannot be distinguished, the firm must treat the applicant as a blocked person. The firm must reject the account application, block any funds or property submitted with the application, and file a blocked property report with OFAC within 10 business days using OFAC's online reporting system. If the compliance team determines that the applicant is definitively not the SDN-listed individual (e.g., different date of birth, different passport number, different country of citizenship), the firm should document the basis for the false-positive determination, retain the documentation, and proceed with normal account opening and CIP/CDD procedures. In ambiguous cases where the firm cannot conclusively confirm or rule out a match, the firm should contact OFAC's hotline (1-800-540-6322) for guidance before proceeding. The entire screening process, analysis, and disposition must be documented and retained.
场景:开户过程中,经纪交易商的自动筛查系统显示新申请人与OFAC SDN名单中的个人存在潜在匹配。申请人姓名为“Ahmad Al-Rashid”,与SDN条目匹配。申请人的出生日期和护照国家也与SDN条目的身份信息一致。 合规问题
  • 若申请人确实是SDN名单中的个人,公司禁止为其开户,必须冻结该个人的任何资产或财产权益。
  • OFAC违规属于严格责任 — 即使公司无意中与受制裁人员交易,也需承担责任。
  • 必须仔细区分误匹配(同名不同人)与真实匹配。 分析: 在解决OFAC匹配问题前,公司不得开户。合规团队需将所有可用身份信息 — 全名、别名、出生日期、国籍、护照号码、地址 — 与SDN条目进行比对。若身份信息匹配或高度相似且无法区分,公司必须将申请人视为被封锁人员。公司需拒绝开户申请、冻结随申请提交的任何资金或财产,并在10个工作日内通过OFAC在线报告系统提交冻结资产报告。若合规团队确定申请人并非SDN名单中的个人(如出生日期不同、护照号码不同、国籍不同),公司需记录误匹配的判定依据、留存文件,并继续正常开户及CIP/CDD流程。若无法明确确认或排除匹配,公司应联系OFAC热线(1-800-540-6322)获取指导后再行动。整个筛查流程、分析及处理结果需记录并留存。

Common Pitfalls

常见误区

  • Filing CTRs but failing to monitor for structuring — the obligation to detect evasion exists independently of the CTR filing obligation
  • Treating SAR filing as a one-time event rather than monitoring for continuing suspicious activity and filing 90-day continuing SARs
  • Tipping off customers about SAR filings, including indirectly by citing "compliance concerns" as the reason for account closure or transaction rejection
  • Relying solely on automated OFAC screening without manual review of potential matches — fuzzy matching algorithms require human judgment to resolve
  • Failing to screen existing customers when OFAC updates its SDN list — screening must be ongoing, not limited to account opening
  • Applying a one-size-fits-all approach to customer risk rating instead of a risk-based methodology that accounts for customer type, geography, products, and transaction patterns
  • Inadequate SAR narratives that describe what happened but fail to explain why the activity is suspicious or lacks a lawful purpose
  • Treating the AML program as a static document rather than updating it as the firm's business, customer base, and risk profile evolve
  • Assuming investment advisers have no AML obligations — the 2024 FinCEN final rule will require covered advisers to implement full BSA/AML programs effective January 1, 2026
  • Failing to coordinate AML monitoring across affiliated entities (e.g., a broker-dealer and investment adviser under common ownership), creating gaps in detection
  • Neglecting to document the independent testing (audit) findings and the firm's remediation of identified deficiencies
  • Not retaining SAR and CTR supporting documentation for the full 5-year period required under BSA regulations
  • 提交CTR但未监控结构化交易 — 规避检测义务独立于CTR申报义务存在
  • 将SAR申报视为一次性事件,未监控持续可疑活动及提交90天后续SAR
  • 向客户透露SAR申报事宜,包括间接以“合规问题”作为关闭账户或拒绝交易的理由
  • 仅依赖自动OFAC筛查,未手动审查潜在匹配 — 模糊匹配算法需要人工判断来解决
  • OFAC更新SDN名单时未筛查现有客户 — 筛查必须持续进行,而非仅限于开户阶段
  • 采用一刀切的客户风险评级方法,未使用考虑客户类型、地域、产品及交易模式的基于风险的方法
  • SAR描述仅说明发生了什么,未解释活动为何可疑或缺乏合法目的
  • 将AML项目视为静态文件,未根据公司业务、客户群体及风险概况的变化进行更新
  • 假设投资顾问无AML义务 — 2024年FinCEN最终规则要求受约束的顾问自2026年1月1日起实施完整的BSA/AML项目
  • 未在关联实体间协调AML监控(如共同所有权下的经纪交易商和投资顾问),导致检测漏洞
  • 未留存独立测试(审计)结果及公司对发现缺陷的整改记录
  • 未按BSA法规要求将SAR和CTR支持文件留存满5年

Cross-References

交叉引用

  • know-your-customer (Layer 9) — CIP and CDD are prerequisite inputs to AML monitoring; customer identification and verification feed directly into risk rating and transaction monitoring
  • sales-practices (Layer 9) — Supervisory systems for detecting unsuitable activity overlap with AML surveillance for detecting suspicious transaction patterns
  • client-disclosures (Layer 9) — AML program disclosures at account opening and the interplay between SAR confidentiality and client communication obligations
  • know-your-customer(层级9) — CIP和CDD是AML监控的前提输入;客户身份识别与验证直接为风险评级和交易监控提供数据
  • sales-practices(层级9) — 检测不当活动的监督系统与检测可疑交易模式的AML监控存在重叠
  • client-disclosures(层级9) — 开户时的AML项目披露,以及SAR保密性与客户沟通义务之间的相互作用