.svg)
The Bank Secrecy Act (BSA) has long been the cornerstone of the United States’ federal anti-money laundering (AML) framework. However, for many financial institutions and compliance professionals, the law has become a symbol of regulatory stagnation.
Despite the financial sector undergoing rapid change in recent decades, the BSA’s core reporting thresholds have remained unchanged since 1970.
With the introduction of the Streamlining Transaction Reporting and Ensuring AML Improvements for a New Era (STREAMLINE) Act in October 2025, this may be about to change.
The bill's sponsors argue that the BSA in its current form consists of requirements that “haven’t kept pace with modern risks”, and that modernising it will allow for targeting of “true financial crime instead of generating excessive paperwork”.
If enacted, the STREAMLINE Act would represent the first significant update to BSA reporting requirements in more than 50 years.
By raising currency transaction reporting (CTR) thresholds from US$10,000 to US$30,000, as well as reforming suspicious activity reporting (SAR) thresholds, the bill signals a fundamental pivot in federal philosophy: moving away from a "report everything" mandate toward a more surgical, risk-based approach.
The bigger picture
The STREAMLINE Act, which remains pending in the United States Senate, should be viewed in the context of a slew of recent efforts to simplify federal AML requirements.
The bill’s introduction comes amidst growing deregulatory momentum that began in 2025, with the Trump administration easing reporting burdens and removing other regulatory hurdles that it views as drags on economic efficiency.
Evidence of this shift can be seen in recent regulatory actions by the Financial Crimes Enforcement Network (FinCEN) and its parent agency, the Treasury Department.
In December 2025, FinCEN delayed the implementation of the investment adviser AML rule until 2028. The reporting-based rule – originally set to take effect in 2026 – addresses ongoing illicit finance risks, threats and vulnerabilities posed by criminals and foreign adversaries that exploit the financial system through investment advisers.
The delay follows a notice of proposed rulemaking that FinCEN issued in September 2025, as well as an exemptive relief order issued in August 2025. These moves signal an eagerness by FinCEN to provide the financial sector a reprieve from new oversight, moving away from expanding investment advisers’ regulatory perimeter towards streamlining existing AML reporting obligations.
Along these same lines, FinCEN in September 2025 launched a survey seeking input on the costs that financial institutions incur to comply with AML requirements.
The next month, it published a series of FAQs surrounding the filing of SARs, designed to ensure financial institutions are not “needlessly expending resources” on efforts that do not substantively help to combat criminal activity.
As it relates more directly to BSA reform proposed under the STREAMLINE Act, remarks of Deputy Secretary Michael Faulkender in June 2025 highlight the Treasury Department's guiding principles for future BSA amendments.
The remarks promote BSA alignment with national security and anti-financial crime priorities by:
- Emphasising a risk-based approach to allow financial institutions to allocate more resources toward high-risk activities.
- Tailoring regulations to reflect institution size, risk profile and business model.
- Streamlining reporting through form improvements.
- Harnessing technology and innovation for monitoring and detection tools.
The federal trend towards simplification of the BSA and broader AML framework is a direct response to reporting fatigue within the financial sector. For decades, financial institutions have engaged in defensive filing, flooding FinCEN with millions of low-value reports to avoid technical penalties.
The federal government’s current trajectory points to a philosophy that a system overwhelmed by data is one where true financial crime can more easily hide.
However, this recalibration introduces a critical tension. As financial crime grows in technological sophistication – leveraging AI-driven scams and complex digital laundering techniques — raising reporting thresholds creates potential vulnerabilities.
Why should you care?
Underscored by the STREAMLINE Act and related regulatory developments, the potential for wholesale reform to the federal AML framework in the months ahead is highly consequential. It would mark a pivotal shift for supervised financial institutions, where decades-old requirements are amended in pursuit of easing supervisory burdens and compliance costs.
However, AML modernisation could be a double-edged sword for these institutions. Although regulatory hurdles would ostensibly be lowered, they may be forced to make comprehensive adjustments to internal processes and systems, while also reckoning with the possibility of an emergent state-level patchwork of AML rules.
With federal regulators reducing their own supervision, it is possible that state-level counterparts will fill the supervisory void. This has the potential to create a patchwork of diverging AML requirements across the country.
This may unearth new compliance costs, such as disparate or duplicative examination regimes, monitoring expectations and reporting thresholds.
States such as New York already have especially stringent AML requirements. Title 3, Part 504 of the New York Codes, Rules and Regulations, for example, includes a mandate for senior officers to personally certify the effectiveness of transaction monitoring.
New York’s Department of Financial Services (DFS) has also demonstrated a willingness to flex its enforcement muscle, as evidenced by a US$37m consent order against Gemini Trust in 2024 for AML compliance failures.
At the same time, for financial institutions, anticipated reforms would recalibrate compliance programs toward risk-driven monitoring rather than volume-driven reporting.
Higher thresholds and clarified expectations could reduce low-value filings, ease operational pressures and costs and allow compliance teams to reallocate resources towards innovative practices: conducting complex investigations, employing data-intensive analytics and concentrating on emerging typologies of financial crime.
However, financial institutions moving from a checkbox compliance model to a more risk-based approach may face transitional challenges, through updating systems, retraining staff and re-evaluating risk assessments to align with revised regulatory expectations.
As the federal government steps back from granular reporting requirements, the burden of identifying genuine criminal activity transitions more heavily onto the institution itself, thereby necessitating these internal adjustments.
With compliance teams no longer being able to rely on automated US$10,000 CTR triggers, they will also need to employ advanced behavioral analytics to identify patterns that bypass the new, higher thresholds.
These are rarely overnight changes; instead, they represent multi-year, transformational efforts that demand significant capital expenditure for technology procurement and integration.
Such changes require intensive, cross-functional coordination, requiring compliance teams to work in lockstep with product and engineering teams to embed risk-based triggers into the core architecture of financial offerings.
Furthermore, the delay of regulations like the investment adviser AML rule, alongside broader deregulatory measures, creates a temporary grey zone for financial institutions.
Compliance teams operating across multi-service institutions may find themselves navigating a fragmented landscape, where some service lines are under more heightened scrutiny than others. Failure to balance internal controls accordingly could lead to significant liabilities if the regulatory pendulum swings back under future federal administrations.
Fragmentation poses acute operational risks, most notably inconsistent monitoring and reporting policies across service lines, as well as corresponding frictions for internal audits. It creates siloed data environments, where a high-risk pattern detected within one service line may not be flagged in a less-scrutinised service line, leaving the broader institution exposed to blind spots.
This forces compliance teams to choose between the cost of over-complying across all services lines and the operational complexity of managing disparate, service-specific risk tolerances.
The scale of potential liabilities for non-compliance is evidenced by recent federal enforcement actions.
In 2024, FinCEN issued a US$1.3bn fine against TD Bank for systemic failures in reporting trillions of dollars in transactions. Similarly, FinCEN's US$3.4bn consent order with Binance in 2023 highlights severe consequences for virtual asset service providers (VASPs) that fail to maintain effective AML programs and reporting protocols.
Actions such as these demonstrate that, even as the federal AML framework evolves toward simplification, the cost of oversight gaps remains steep.
Next steps
As the STREAMLINE Act moves through the US Congress and the federal AML agenda takes shape, compliance teams should move from a reactive posture towards proactive, strategic alignment.
To manage this transition, financial institutions should consider the following steps:
- Monitor federal legislative and regulatory activity. Follow developments as they relate to the STREAMLINE Act, as well as rulemaking and guidance from FinCEN, the Treasury Department and other financial regulators. Create a working group to conduct a comprehensive internal impact assessment of pending or imminent policy changes.
- Enhance multi-jurisdictional governance. As federal deregulation picks up in pace, prepare to adapt to new state-level AML expectations. Adjust examination preparations, escalation procedures and reporting lines accordingly.
- Audit current filing protocols. Review current CTR and SAR filing triggers, anticipating a switch from rigid threshold-based reporting to more nuanced, risk-based analysis. Assess filing and other protocols that rely on third-party vendors.
- Assess internal gaps in monitoring and technology. Strengthen data-driven processes and systems, including through advanced analytics, to support more targeted AML detection. Forecast necessary budgetary and staffing implications.
- Re-evaluate high-risk client segments. Update risk profiles and due diligence procedures to ensure alignment with evolving definitions of "high-risk" under new federal expectations. Ensure documentation supports independent, defensible and risk-based judgments in the absence of granular federal thresholds.
- Begin scenario-planning for reporting threshold changes. Model the internal impact of potential shifts in reporting volumes to ensure operational stability during the transition. Conduct corresponding stress tests.
- Prepare for risk-based enforcement scrutiny. Shift internal oversight frameworks to prioritise the effectiveness of suspicious activity detection over mere technical compliance. Ensure that institutional judgments prioritise risk level and identify specific typologies (e.g., terrorist financing, drug trafficking) that remain high-priority for federal law enforcement.
