Call Us
The AML Pillars

The Four (4) Pillars Of BSA/AML Compliance

Posted on: March 24th, 2016 by Julie

Compliance in accordance to anti-money laundering requirements and the Bank Secrecy Act (BSA).

(Update: FinCEN added a fifth pillar in 2018. Read more)


This is the pillar that is most likely the easiest to grasp and the one that seems the most self-explanatory.

However, it goes beyond simply designating someone in your organization to be the Compliance Officer because they hold many responsibilities.

The Compliance Officer is responsible for knowing and understanding the policies and procedures outlined in the AML program, relating to the money service business (MSB).

Designate someone capable of learning and understanding the policies and procedures written for your organization.

For example, one of our custom AML programs can be anywhere between 80 to 200 pages and it is the responsibility of the Compliance Officer to know and understand all the policies and procedures outlined within the document.

If needed, our consultants will take as much time as needed to walk any part of your compliance team through the AML program.

The Compliance Officer is also responsible for speaking intelligently to the bank and IRS regarding the MSBs processes of offering financial services.

It’s becoming more regular that banks want to speak directly with the Compliance Officer’s of the business rather than a third party who was hired to perform their independent review, training or written policies.

It is important for businesses to be able to speak to their processes and because of that, part of our training process covers how to speak to bankers.

In addition, part of the Compliance Officer’s responsibilities includes reviewing daily checklists, training logs and transaction reports.

It is up to the officer to verify the manager’s at each store are checking off their transactions on a daily basis, making sure to file currency transaction reports (CTRs) and suspicious activity reports (SARs) and fill out money order and money transfer logs when necessary.

While there is no specific guideline as to who can be the Compliance Officer, it is important to designate someone that will pass a background check with ease.

Based on our experience with the banks, they have been known to conduct a background investigation on the owners and the Compliance Officer’s within the company, due to the vital role they have within the organization.

You should appoint a Compliance Officer with no felonies and no criminal history. Banks can deny your account for what is called a character decline.


The development of internal policies, procedures, and controls is the “meat” of all the pillars.

The second pillar addresses:

  1. How you run the MSB
  2. How your MSB stays in compliance
  3. How you ensure that all the written policies and procedures are being implemented and upheld.

This pillar probably has the most variance amongst all the pillars because not all MSBs operate the same.

Each MSB may have different products, services, volumes and customer demographics. It is important that the policies and procedures of an AML program cater to how the specific MSB is being operated.


All employees must receive ongoing, relevant training as it pertains to the AML program.

It is recommended that an MSB train all employees upon initial employment as well as once per year thereafter.

Training must cover the basics of BSA/AML compliance and must be documented.


Independent testing and review, ensures that everything mentioned in the previous pillars are operating in an acceptable manner.

To be independent means that the person conducting the review cannot be the Compliance Officer or be someone that directly reports to the Compliance Officer.

One of the main purposes of independent testing and reviewing is to identify any deficiencies in a MSBs process. When deficiencies are found, recommendations can be made to alleviate any weaknesses the AML program may have.

The person preparing the independent review should also prepare a risk assessment to determine risk level; low medium or high.

While it is always encouraged to have your independent review conducted by a knowledgeable third party with experience working with MSBs, it is especially recommended to source an outside consultant to review your business if your business is identified as a medium or high risk.

In addition, your bank may even request a qualified third party perform a more extensive risk assessment.

The preferred qualified third party is a CAMS certified expert due to the rigorous testing each certified expert goes through.

Our CAMS certified experts have extensive experience working with business owners and Compliance Officers to identify deficiencies within the business and assisting in the preparation of risk assessments and plans to address deficiencies.


The Capital Compliance Experts team is CAMS certified and specializes in custom, written AML programs, third party independent reviews, online BSA/AML training and certification, general consulting, and annual compliance oversight.

Tags: , , , , , , , ,

About the Author

Kyle Oden, CAMS
Kyle Oden, CAMS
Head of Operations

Over 13 years of experience consulting medium to large clients on their individual compliance needs. Proficient in working with Financial Service Centers, Money Transmitters, Cryptocurrency-related businesses, Casinos, Tribal Entities, Banks and Lenders. In my free time I enjoy drawing, being active and spending time with my family.

You Might Also
Be Interested In...

Back to Top