U.S. banking regulators have taken a significant step to bolster defenses against financial crimes. On April 7, 2026, the Federal Deposit Insurance Corporation (FDIC) Board approved a joint Notice of Proposed Rulemaking (NPR) on Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) program requirements. This move aligns with efforts by the Office of the Comptroller of the Currency (OCC), National Credit Union Administration (NCUA), and Financial Crimes Enforcement Network (FinCEN) to modernize compliance frameworks.
The proposal responds to evolving threats like illicit finance, cybercrime, and terrorism funding. It builds on the Anti-Money Laundering Act of 2020 (AML Act), aiming for more effective, risk-based programs across supervised institutions. Public comments will be accepted for 60 days after Federal Register publication.
Key Elements of the Proposed Rule
The NPR outlines mandatory components for banks’ AML/CFT programs to ensure they identify, assess, and mitigate risks. Core requirements include:
- Risk-based policies, procedures, and controls: Institutions must tailor efforts to their specific risk profiles, prioritizing higher-risk areas over low-risk ones.
- Independent testing: Regular audits to verify program effectiveness.
- U.S.-based compliance officer: A designated individual accessible to regulators for oversight.
- Employee training: Ongoing education to support implementation.
Programs are deemed “effective” if properly established and materially implemented. This shifts from prior “should have” language to explicit mandates.
Alignment with FinCEN and AML Act Changes
FinCEN concurrently issued its NPR, amending Bank Secrecy Act (BSA) rules for broader financial institutions. The joint agency proposal mirrors this by incorporating:
- National AML/CFT priorities into risk assessments (per 31 U.S.C. 5318(h)(4)).
- Ongoing customer due diligence (CDD), including beneficial ownership.
- Flexibility for board approval or senior management equivalent.
These updates codify supervisory expectations, promoting consistency. They encourage innovation, like AI-driven monitoring, while avoiding de-risking of low-risk customers.
Background and Regulatory Context
This NPR follows earlier 2024 efforts, including FinCEN’s June proposal and interagency statements. The AML Act of 2020 empowered Treasury to issue priorities, prompting these revisions. Past rules focused on BSA compliance; the new ones emphasize outcomes like national security protection.
Regulators note rising threats: fentanyl trafficking, ransomware, and domestic extremism exploit financial systems. Effective programs provide actionable intelligence to law enforcement. The proposal avoids one-size-fits-all approaches, aligning resources with institution-specific risks.
Implications for Banks and Financial Institutions
All FDIC-supervised banks, including community institutions, face these changes. Compliance costs may rise initially for risk assessments and officer roles, but risk-based design could optimize efforts. Supervisory processes evolve: enhanced FinCEN coordination and clearer enforcement triggers.
Institutions must review priorities, integrate CDD, and document assessments. Non-compliance risks escalate under BSA pillars. Experts anticipate a final rule similar to the NPR, urging early preparation.
Public Comment Period and Next Steps
The NPR publishes soon in the Federal Register, triggering a 60-day comment window. Feedback on feasibility, costs, and innovations is invited. Agencies will review inputs before finalizing, potentially by late 2026.
This rulemaking underscores U.S. commitment to FATF standards amid global AML challenges. For compliance professionals, it signals a proactive shift toward threat-focused regulation.