Table of Contents
Anti-money laundering is the body of laws, regulations, policies, and institutional procedures designed to detect, report, prevent, and ultimately prosecute the process by which the proceeds of criminal activity are introduced into the legitimate financial system and transformed into assets that appear lawfully acquired — a system whose regulatory foundation in the United States is the Bank Secrecy Act of 1970, as substantially expanded by the USA PATRIOT Act of 2001 and the Anti-Money Laundering Act of 2020, and whose specific requirements for broker-dealers are codified in FINRA Rule 3310, administered by the Financial Crimes Enforcement Network of the United States Treasury Department. Every broker-dealer registered with FINRA is subject to comprehensive anti-money laundering compliance obligations without exception — a mandatory written program approved by senior management, a designated anti-money laundering compliance officer, independent annual testing, ongoing employee training, a risk-based Customer Identification Program, Customer Due Diligence procedures including beneficial ownership collection for legal entity customers, and the obligation to file Suspicious Activity Reports with FinCEN when transactions meeting defined thresholds give rise to suspicion of money laundering, terrorist financing, securities fraud, or other financial crime. The 2024 FinCEN final rule extending anti-money laundering obligations to registered investment advisers and exempt reporting advisers — currently with an effective date of January 1, 2028 following FinCEN's extension published in January 2026 — represents the most significant expansion of the anti-money laundering regulatory perimeter in the securities industry in two decades. This entry examines the definition and three stages of money laundering, the statutory framework from the Bank Secrecy Act through the Anti-Money Laundering Act of 2020, the specific obligations imposed on broker-dealers under FINRA Rule 3310, the Suspicious Activity Report and Currency Transaction Report filing requirements with their specific thresholds, the Customer Identification Program and Customer Due Diligence rules, the evolving regulatory treatment of investment advisers, and the examination-critical concepts that appear throughout the SIE, Series 7, and Series 65 curricula.
Money laundering is the process through which the proceeds of criminal activity — drug trafficking, fraud, corruption, tax evasion, human trafficking, and other predicate offences — are transformed into funds that appear to have a legitimate origin, allowing criminals to use their gains without revealing their illegal source. The term derives from the historical use of cash-intensive laundries and similar businesses to commingle criminal proceeds with legitimate revenue, making the total receipts appear to arise from lawful commercial operations. Modern money laundering exploits the complexity of global financial markets, cross-border capital flows, shell company structures, and digital assets to achieve the same concealment objective with far greater sophistication.
Money laundering does not merely benefit individual criminals — it corrupts financial institutions, undermines market integrity, enables the financing of terrorism and organised crime, distorts capital allocation, and erodes public trust in the financial system. Estimates from the United Nations Office on Drugs and Crime suggest that the annual amount of money laundered globally represents somewhere between two and five percent of global GDP — a figure in the trillions of dollars annually, though precise measurement is inherently difficult given the concealed nature of the activity.
Money laundering is conventionally described as a three-stage process, though in practice the stages may overlap or occur simultaneously depending on the sophistication of the laundering scheme. Understanding all three stages is fundamental to the SIE, Series 7, and Series 65 examination curricula.
Placement is the first and often most dangerous stage — the initial introduction of criminal proceeds into the legitimate financial system. The funds at this stage are most directly traceable to their criminal source, making this the stage at which criminals face the greatest detection risk. Placement methods include structuring cash deposits to avoid currency reporting requirements, purchasing monetary instruments such as money orders or cashier's checks with cash, smuggling physical currency across borders, or using cash-intensive businesses to commingle criminal proceeds with legitimate revenue.
Layering is the second stage — the process of separating the funds from their criminal source through a series of complex financial transactions designed to obscure the audit trail. Wire transfers between multiple accounts in different countries, the purchase and sale of financial instruments, the use of shell companies and nominee accounts, and increasingly sophisticated cryptocurrency-based techniques are all common layering methods. The goal of layering is to create a transactional history so complex that tracing the funds back to their original criminal source becomes practically impossible.
Integration is the third stage — the reinsertion of the laundered funds into the legitimate economy in a form that appears entirely lawful. At this stage the money has acquired a clean provenance through the placement and layering process and can be used to purchase real estate, luxury goods, business assets, or financial investments without raising suspicion. Integration is the stage at which the laundering process is complete and the criminal fully benefits from their proceeds.
The Bank Secrecy Act, formally known as the Currency and Foreign Transactions Reporting Act, was enacted on October 26, 1970 as the first comprehensive federal anti-money laundering statute in the United States. Its primary purpose was to require financial institutions to maintain records and file reports that create a paper trail useful to law enforcement in investigating money laundering, tax evasion, and other financial crimes. The Bank Secrecy Act is codified at 31 United States Code Sections 5311 through 5336, and its implementing regulations are promulgated by the Department of the Treasury through the Financial Crimes Enforcement Network.
The Bank Secrecy Act established the fundamental reporting requirements that remain the bedrock of the anti-money laundering framework: the Currency Transaction Report requirement for large cash transactions, the record-keeping requirements for financial institution transactions, and the authority of the Treasury Department to require reports of foreign financial accounts. The Bank Secrecy Act was amended repeatedly over the following five decades, with the most transformative amendment being the USA PATRIOT Act of 2001.
The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 — universally known as the USA PATRIOT Act — was enacted on October 26, 2001, forty-five days after the September 11 terrorist attacks, and represented a fundamental expansion of the anti-money laundering framework to explicitly include the financing of terrorism as a primary regulatory concern alongside traditional money laundering.
Title III of the USA PATRIOT Act, the International Money Laundering Abatement and Financial Anti-Terrorism Act of 2001, made sweeping amendments to the Bank Secrecy Act that directly created the modern anti-money laundering obligations applicable to broker-dealers. Section 312 required financial institutions, including broker-dealers, to establish due diligence programs for correspondent accounts maintained for foreign financial institutions and private banking accounts. Section 313 prohibited United States financial institutions from maintaining correspondent accounts with foreign shell banks. Section 319 required financial institutions to produce records relating to correspondent accounts within 120 hours of a formal request and to take steps to repatriate funds if requested. Section 326 required all financial institutions to establish Customer Identification Programs — the know-your-customer protocols that verify the identity of every new account holder. Section 352 required all financial institutions, including broker-dealers, to establish anti-money laundering programs meeting defined minimum standards. Section 356 specifically required broker-dealers to file Suspicious Activity Reports — implementing the suspicious transaction reporting obligation that had previously applied only to banks.
The Anti-Money Laundering Act of 2020, enacted as part of the National Defense Authorization Act for Fiscal Year 2021 and representing the most significant statutory anti-money laundering reform since the PATRIOT Act, made additional amendments to the Bank Secrecy Act expanding its scope and updating its requirements for the modern threat environment. The Act established national anti-money laundering and countering the financing of terrorism priorities — a mechanism through which FinCEN periodically identifies and publishes the most significant illicit finance threats to guide financial institution risk assessment and program design. It also expanded whistleblower protections and rewards for individuals who report Bank Secrecy Act violations.
The Financial Crimes Enforcement Network, universally known as FinCEN, is a bureau of the United States Department of the Treasury established in 1990 and charged with safeguarding the financial system from illicit use, combating money laundering, and promoting national security through the collection, analysis, and dissemination of financial intelligence. FinCEN administers the Bank Secrecy Act, issues implementing regulations, issues guidance and advisories to financial institutions, collects and maintains the database of Bank Secrecy Act reports including Suspicious Activity Reports and Currency Transaction Reports, and shares financial intelligence with law enforcement agencies including the FBI, DEA, IRS Criminal Investigation, and Homeland Security Investigations.
FinCEN has overall authority for anti-money laundering enforcement and compliance, including authority to impose civil monetary penalties for Bank Secrecy Act violations. For broker-dealers, FinCEN has delegated examination authority to FINRA, which examines member firms for anti-money laundering compliance under FINRA Rule 3310 as part of its routine examination programme.
FINRA Rule 3310 sets forth the minimum standards that every FINRA member firm — without exception — must meet in establishing and maintaining a written anti-money laundering compliance programme. The rule explicitly states that the Bank Secrecy Act and its implementing regulations apply to all broker-dealers, with no exceptions based on size, business model, or customer base. Broker-dealers may tailor the sophistication and complexity of their programmes to match their individual risk profiles, but the obligation to have a programme meeting the Rule 3310 minimum standards applies universally.
The written anti-money laundering programme required by FINRA Rule 3310 must at minimum contain six core components. First, the programme must establish and implement policies and procedures that can reasonably be expected to detect and cause the reporting of transactions required under 31 United States Code Section 5318(g) — the suspicious activity reporting requirement. Second, the programme must establish and implement policies, procedures, and internal controls reasonably designed to achieve compliance with the Bank Secrecy Act and its implementing regulations more broadly. Third, the programme must provide for independent testing on an annual calendar-year basis by member personnel or a qualified outside party — unless the member does not execute transactions for customers or hold customer accounts, in which case testing is required every two years. Fourth, the programme must designate an individual or individuals responsible for implementing and monitoring the day-to-day operations and internal controls of the programme — the anti-money laundering compliance officer — and must identify that individual to FINRA by name, title, mailing address, email address, telephone number, and facsimile number. Fifth, the programme must provide for ongoing training for appropriate personnel. Sixth, the programme must include appropriate risk-based procedures for conducting ongoing customer due diligence, including understanding the nature and purpose of customer relationships to develop customer risk profiles, conducting ongoing monitoring to identify and report suspicious transactions, and maintaining and updating customer information including beneficial ownership information for legal entity customers.
The programme must be approved in writing by a member of senior management, and any material changes to the programme must be re-approved by senior management. The anti-money laundering compliance officer need not be a FINRA-registered person solely by virtue of serving that function, though many firms choose to register their compliance officers.
The Suspicious Activity Report is the primary tool through which broker-dealers fulfil their obligation to report potential money laundering, terrorist financing, and other financial crime to federal authorities. The obligation to file SARs is established by Section 356 of the USA PATRIOT Act, codified at 31 United States Code Section 5318(g), and implemented through Treasury regulations at 31 Code of Federal Regulations Part 1023.
A broker-dealer must file a SAR with FinCEN when it knows, suspects, or has reason to suspect that a transaction conducted or attempted through the broker-dealer involves at least five thousand dollars in funds or other assets and meets one or more of the following criteria: the transaction involves funds derived from illegal activity or is intended to disguise funds derived from illegal activity; the transaction is designed to evade any reporting requirement of the Bank Secrecy Act; the transaction lacks a lawful purpose or is not the type in which the customer would normally be expected to engage and the broker-dealer knows of no reasonable explanation for the transaction; or the transaction involves the use of the broker-dealer to facilitate criminal activity.
The five-thousand-dollar threshold for broker-dealer SAR filing distinguishes broker-dealers from banks, which must file SARs for transactions of five thousand dollars or more involving a known, suspected, or unknown subject, but also for any transaction of twenty-five thousand dollars or more regardless of any identified subject. The SAR must be filed with FinCEN within thirty calendar days of the date on which the broker-dealer becomes aware of the suspicious activity, or within sixty calendar days if no suspect can be identified. A SAR filing is confidential — the broker-dealer is prohibited from disclosing to the subject of the report or to any other person that a SAR has been filed, a prohibition known as the tipping-off prohibition. Violation of the tipping-off prohibition is a federal offence.
Firms are not penalised for filing SARs in good faith even if the activity reported turns out not to involve actual money laundering or criminal activity. The SAR represents a broker-dealer's reasonable suspicion, not a finding of wrongdoing. However, failing to file a SAR when the required thresholds and criteria are met can expose a broker-dealer to significant civil and criminal penalties.
The Currency Transaction Report is a separate reporting obligation, distinct from the SAR, triggered by any transaction involving more than ten thousand dollars in currency — physical cash — in a single business day. Broker-dealers must file CTRs with FinCEN — through IRS Form 4789 for banks and a modified procedure for broker-dealers — for each individual or entity that conducts one or more currency transactions totalling more than ten thousand dollars on a single business day, whether or not the broker-dealer knows of or suspects any wrongdoing.
The CTR requirement exists independently of any suspicion of illegal activity. A customer who deposits eleven thousand dollars in cash to fund a new brokerage account triggers a CTR regardless of whether the deposit appears entirely routine. The purpose of the CTR is to create a comprehensive record of large cash transactions that law enforcement can query when investigating money laundering and other financial crimes.
A critical concept related to CTRs is structuring — the illegal practice of deliberately breaking up cash transactions into multiple smaller transactions specifically to avoid triggering the ten-thousand-dollar CTR threshold. A customer who deposits nine thousand five hundred dollars on Monday and nine thousand five hundred dollars on Wednesday, intending to avoid the reporting requirement that would be triggered by a single twenty-thousand-dollar deposit, is engaging in structuring — itself a federal crime under 31 United States Code Section 5324, regardless of whether the underlying funds have any connection to money laundering. Broker-dealers who detect structuring activity are required to file a SAR reporting the suspicious activity.
Section 326 of the USA PATRIOT Act required every financial institution, including broker-dealers, to establish a Customer Identification Program — the formal regulatory framework for the informal know-your-customer concept that had long been a bedrock of sound financial practice. The CIP requirement is implemented for broker-dealers through Treasury regulations at 31 Code of Federal Regulations Part 1023.220.
A broker-dealer's Customer Identification Programme must include procedures for verifying the identity of every customer at or before the time a new account is opened, using identifying information provided by the customer — at minimum the customer's name, date of birth for individuals, address, and identification number such as a Social Security number for United States citizens or a taxpayer identification number or passport number for foreign individuals. The broker-dealer must verify this information through documentary means — government-issued photo identification — or non-documentary means — database verification against public records, credit bureaus, or other third-party sources — within a reasonable period after account opening.
The broker-dealer must also check the names of new customers against lists of known or suspected terrorists or terrorist organisations maintained by the Office of Foreign Assets Control, the Treasury's sanctions enforcement arm, and any other government list required by law. Broker-dealers may contract with third parties to perform CIP functions on their behalf but retain full regulatory responsibility for compliance.
The Customer Due Diligence Rule, finalized by FinCEN in May 2016 and incorporated into FINRA Rule 3310 through a 2018 amendment, added a fourth element to anti-money laundering programme requirements beyond identification, verification, and sanctions screening: the collection of beneficial ownership information for legal entity customers.
The CDD Rule requires broker-dealers to identify and verify the beneficial owners of legal entity customers — specifically, any individual who directly or indirectly owns twenty-five percent or more of the equity interests of the legal entity, and a single individual who controls or manages the entity. This requirement addresses the use of shell companies and complex corporate structures to conceal the true human owners of financial accounts — a fundamental layering technique in sophisticated money laundering schemes.
A beneficial owner for CDD purposes is a natural person — not another legal entity — who meets either the ownership threshold or the control test. The broker-dealer must collect a certification from the legal entity customer identifying all beneficial owners meeting the threshold and the single control person, verify their identities through the standard CIP process, and update this information when facts change. Legal entity customers include corporations, limited liability companies, partnerships, business trusts, and other entities that are not natural persons, though certain categories of entities including publicly traded companies, domestic financial institutions regulated by federal functional regulators, and governmental entities are excluded from the beneficial ownership collection requirement.
The practical challenge in anti-money laundering compliance for broker-dealers is identifying suspicious activity among the enormous volume of routine transactions that flow through the firm daily. FINRA Rule 3310 and FinCEN guidance identify numerous red flags — indicators that a transaction may warrant further investigation and potentially a SAR filing — that broker-dealers must be trained to recognise and escalate through their compliance programmes.
Common red flags in broker-dealer accounts include account activity inconsistent with the customer's stated investment objectives or financial profile — a customer with a conservative income-oriented account profile who begins trading heavily in speculative penny stocks, for example. Rapid movement of large sums in and out of accounts without any obvious investment purpose, particularly cash wires from or to high-risk jurisdictions, is a significant red flag. Transactions in low-priced securities involving unusually large blocks traded at prices inconsistent with market prices can indicate wash trading or other market manipulation used to generate artificial trading volume for laundering purposes. Reluctance to provide required identification information, providing inconsistent or clearly false information, or an unusual level of secrecy about transaction counterparties are all behavioural indicators that warrant elevated scrutiny.
FINRA's Annual Regulatory Oversight Reports consistently identify failures in suspicious activity monitoring as among the most frequent anti-money laundering examination deficiencies, including firms that fail to calibrate their transaction monitoring systems to capture potentially suspicious activity, firms that conduct inadequate documented investigations when alerts are generated, and firms that fail to file SARs when the required criteria are met.
One of the most significant recent developments in the anti-money laundering regulatory landscape is the extension of formal Bank Secrecy Act obligations to registered investment advisers and exempt reporting advisers. Investment advisers had historically operated outside the core Bank Secrecy Act framework applicable to banks, broker-dealers, and futures commission merchants — a gap that FinCEN and law enforcement identified as increasingly significant as large volumes of capital flowed through investment adviser relationships without the suspicious activity monitoring and reporting that characterise bank and broker-dealer accounts.
FinCEN issued a final rule on September 4, 2024, requiring most SEC-registered investment advisers and exempt reporting advisers to establish anti-money laundering and countering the financing of terrorism programmes meeting Bank Secrecy Act standards and to file Suspicious Activity Reports with FinCEN. The rule established an initial compliance date of January 1, 2026. However, following a review initiated by the incoming administration, FinCEN issued a final rule published in the Federal Register in January 2026 extending the effective date to January 1, 2028, and committed to revisiting the scope and substance of the rule to tailor it more effectively to the diverse business models and risk profiles of investment advisers. FinCEN also announced its intention to revise the jointly proposed Customer Identification Program rule for investment advisers. Candidates sitting for securities examinations in the near term should be aware that investment advisers are not currently subject to the Bank Secrecy Act AML framework but are expected to become so under the rulemaking currently under review.
Anti-money laundering compliance for broker-dealers is inseparable from sanctions compliance administered by the Office of Foreign Assets Control, the Treasury Department agency responsible for administering and enforcing economic and trade sanctions. OFAC maintains a list of Specially Designated Nationals and Blocked Persons — individuals, entities, and countries subject to United States economic sanctions — against which broker-dealers must screen new customers and monitor existing accounts. Opening an account for or processing a transaction involving a sanctioned person or entity is a separate and independently serious regulatory violation from anti-money laundering failures, and broker-dealers must maintain robust sanctions screening capabilities as a core component of their compliance infrastructure.
Violations of the Bank Secrecy Act and its implementing regulations expose broker-dealers and their personnel to substantial civil and criminal penalties. FinCEN may impose civil monetary penalties for Bank Secrecy Act violations, and the Department of Justice may bring criminal prosecutions against institutions and individuals who wilfully violate anti-money laundering requirements. FINRA may impose disciplinary sanctions including fines, suspensions, and bars on individuals and firms that violate FINRA Rule 3310. High-profile enforcement actions against major financial institutions for anti-money laundering failures — including consent orders requiring substantial remediation programmes and civil penalties in the hundreds of millions or billions of dollars — have demonstrated that regulators take these obligations with the utmost seriousness.
Anti-money laundering is tested on the SIE, Series 7, and Series 65 examinations in the context of broker-dealer regulatory obligations, customer account supervision, suspicious activity reporting, and the foundational federal statutes governing financial crime compliance. Candidates must understand the three stages of money laundering — placement, layering, and integration — the Bank Secrecy Act as the foundational statute, the USA PATRIOT Act as the major 2001 expansion, FINRA Rule 3310 as the specific rule governing broker-dealer AML programmes, the SAR filing threshold of five thousand dollars for broker-dealers, the CTR filing threshold of ten thousand dollars in currency, the prohibition on structuring, the Customer Identification Programme requirements, and the Customer Due Diligence beneficial ownership collection obligation.
The core points to retain are these: money laundering proceeds through three stages — placement, the initial introduction of criminal proceeds into the financial system; layering, the complex series of transactions designed to obscure the audit trail; and integration, the reinsertion of funds into the legitimate economy; the Bank Secrecy Act of 1970, as amended by the USA PATRIOT Act of 2001 and the Anti-Money Laundering Act of 2020, is the foundational federal anti-money laundering statute, administered by FinCEN; FINRA Rule 3310 requires all broker-dealers without exception to maintain a written AML programme approved by senior management, designate an AML compliance officer, conduct annual independent testing, provide ongoing training, establish a risk-based Customer Identification Programme, and implement ongoing Customer Due Diligence including beneficial ownership collection for legal entity customers; broker-dealers must file Suspicious Activity Reports with FinCEN for transactions involving five thousand dollars or more when there is knowledge, suspicion, or reason to suspect money laundering, terrorist financing, structuring, or other financial crime — with SAR filings absolutely confidential under the tipping-off prohibition; Currency Transaction Reports must be filed for all currency transactions exceeding ten thousand dollars in a single business day regardless of any suspicion; structuring — deliberately breaking cash transactions into smaller amounts to avoid CTR thresholds — is itself a federal crime; and the FinCEN 2024 final rule extending AML obligations to registered investment advisers and exempt reporting advisers currently has an effective date of January 1, 2028 following an extension published by FinCEN in January 2026.
