Skip to content
  • There are no suggestions because the search field is empty.

FinCEN Compliance Checklist for Broker-Dealers

Bank Secrecy Act (BSA) & Anti-Money Laundering Compliance Checklist

The Financial Crimes Enforcement Network (FinCEN) is the United States financial intelligence unit responsible for administering and enforcing Anti-Money Laundering (AML) requirements under the Bank Secrecy Act (BSA). Broker-dealers registered with the SEC and subject to FINRA oversight are required to establish, maintain, and administer a risk-based AML compliance program designed to detect and prevent money laundering, terrorist financing, fraud, and other financial crimes.

This checklist is intended to help broker-dealers understand the core compliance requirements that may apply to their operations. Regulatory expectations vary based on business model (introducing vs. clearing), product lines, customer types (retail, institutional, prime brokerage), geographic footprint, and overall risk profile. All broker-dealers are expected to maintain an effective BSA/AML compliance framework and demonstrate ongoing compliance during regulatory examinations conducted by the SEC, FINRA, and other applicable agencies.

A broker-dealer is generally considered a financial institution subject to FinCEN regulations if it effects transactions in securities for the account of others (broker), buys or sells securities for its own account (dealer), holds customer funds or securities, extends margin credit, facilitates securities lending, processes wire transfers, or provides custody, clearing, or prime brokerage services. Broker-dealers that engage with customers trading tokenized or digital asset securities face additional emerging compliance obligations as regulatory frameworks continue to develop.

If your organization operates as a broker-dealer within the United States, it is important to ensure that your AML compliance program meets FinCEN requirements and aligns with regulatory expectations established by the SEC and FINRA. Failure to maintain an effective compliance program can result in regulatory enforcement actions, monetary penalties, reputational damage, trading suspensions, and increased scrutiny from examiners.

Required - Mandatory by regulation

Needs tool - Technology required

Emerging - New/digital asset obligation

 

BSA/AML Program Framework

  • Written BSA/AML compliance program approved by Board of Directors or senior management Required
  • Designated BSA Officer / AML Compliance Officer with authority and sufficient resources Required
  • Regular reporting of BSA/AML activities to Board and senior management Required
  • Enterprise-wide BSA/AML risk assessment documented, maintained, and updated periodically Required
  • AML/BSA policies and procedures tailored to broker-dealer business lines, products, and risk profile Required
  • Annual independent audit of BSA/AML program (internal or external) Required
  • Comprehensive AML training program for all employees (annual minimum) Required
  • Training for registered representatives, compliance personnel, and senior management on AML requirements Required

Customer Identification Program (CIP) & Due Diligence

  • Collect and verify identity of all customers at account opening Required Needs tool
  • Verify identity using documentary and/or non-documentary evidence Required
  • Compare customer identity against FinCEN Exclusion List, OFAC lists, and negative media Required Needs tool
  • Identify and verify beneficial owners (25%+ ownership) of all legal entity account holders Required
  • Understand the nature and purpose of each customer relationship including investment objectives and expected activity Required
  • Obtain information on source of funds/source of wealth for higher-risk customers Required
  • Enhanced due diligence (EDD) for higher-risk accounts (foreign PEPs, offshore entities, shell companies, etc.) Required Needs tool
  • Ongoing monitoring and periodic update of customer information and investment profiles Required Needs tool

Transaction Monitoring

  • Implement transaction monitoring system (automated + manual review) covering all account activity Required Needs tool
  • Monitor for suspicious patterns: unusual trade sizes, frequencies, counterparties, or securities Required Needs tool
  • Monitor for pump-and-dump schemes, wash trading, and layering activity Required Needs tool
  • Monitor for structuring/smurfing (multiple transactions to avoid reporting thresholds) Required Needs tool
  • Document investigation and escalation procedures for flagged activity Required
  • Escalate suspicious transactions to SAR review process within defined timeframe Required
  • Monitor for microcap fraud, unregistered securities offerings, and suspicious IPO allocations Required Needs tool

Suspicious activity Reporting (SARs)

  • File Suspicious Activity Reports (SARs) for suspicious transactions Required
  • File SARs within 30 calendar days of detection of suspicious activity Required
  • Establish internal SAR procedures including investigation, documentation and escalation Required
  • Designate individuals responsible for SAR review and filing Required
  • Train staff on recognizing suspicious activity in securities trading and escalation procedures Required
  • Maintain confidentiality regarding SAR filings (tipping-off prohibition) Required

Currency Transaction Reporting

  • File Currency Transaction Reports (CTRs) for cash transactions exceeding $10,000 Required
  • Implement systems to aggregate transactions to detect structuring or smurfing Required Needs tool
  • Train operations and compliance staff on CTR requirements Required

OFAC Sanctions Compliance

  • Screen all customers against OFAC SDN List at account opening and at transaction initiation Required Needs tool
  • Implement ongoing OFAC screening procedures on list updates and new sanctions designations Required Needs tool
  • Freeze or block accounts and transactions of customers matching OFAC designations Required
  • Report blocked transactions to OFAC within 10 business days Required
  • Maintain records of OFAC compliance actions and blocked transactions Required
  • Document OFAC sanctions policies and procedures Required

Customer Due Diligence (CDD) - Beneficial Ownership

  • Identify all beneficial owners of legal entity customers and issuer clients (persons owning 25%+ of entity) Required
  • Verify beneficial owner identity through government ID or other reliable means Required Needs tool
  • Maintain and periodically update records of beneficial owners Required
  • Understand the purpose of the customer relationship and anticipated trading activity Required
  • Implement ongoing monitoring of customer and beneficial owner information Required Needs tool

Correspondent & Institutional Account Risk

  • Conduct due diligence on all correspondent and prime brokerage relationships Required
  • Enhanced due diligence on institutional accounts in high-risk jurisdictions Required
  • Obtain certifications regarding beneficial ownership of correspondent and institutional clients Required
  • Ongoing monitoring of correspondent and institutional account activity Required
  • Document vendor and third-party risk management procedures Required

Tokenized and Digital Asset Securities (Emerging)

  • Assess whether broker-dealer activities in digital asset securities trigger expanded FinCEN/SEC obligations Required Emerging
  • Apply Travel Rule compliance for transfers of digital asset securities meeting applicable thresholds Required Emerging
  • Integrate blockchain analytics into transaction monitoring for digital asset security activity Needs tool Emerging
  • Perform enhanced KYC/KYB for customers transacting in tokenized or digital asset securities Required Emerging
  • Monitor wallet addresses and on-chain activity associated with customer accounts Needs tool Emerging
  • Assess broker-dealer registration obligations under SEC guidance on digital asset securities Required Emerging
  • Establish procedures to block or freeze digital asset positions upon OFAC or sanctions match Required Emerging
  • Document policies for handling digital asset forks, airdrops, and novel instrument types in AML context Emerging

Record-keeping & Documentation

  • Retain all CIP documentation for minimum 5 years after account closure or relationship termination Required
  • Maintain CDD and beneficial ownership records for 5+ years Required
  • Maintain records of all SARs and CTRs filed and related documentation Required
  • Document all SAR investigations and decisions Required
  • Maintain transaction records and monitoring activity logs Required
  • Keep audit trail of all AML system modifications and compliance reviews Required
  • Maintain training records and employee certifications Required
  • Retain order records, trade confirmations, and account statements per SEC Rule 17a-4 Required

Regulatory Compliance & Examination Readiness

  • Prepare for periodic SEC, FINRA, and FinCEN BSA/AML examinations Required
  • Document policies and procedures in audit-ready format Required
  • Maintain evidence of compliance testing and controls effectiveness Required
  • Address any prior examination findings and regulatory requests Required
  • Maintain FINRA Rule 3310 AML compliance program documentation Required


Need help with your FinCEN compliance program? Click here to schedule a call with one of our experts.