United States: Treasury Department Issues Comprehensive Assessment Of US Money Laundering And Terrorist Financing Risk

For the first time in a decade, the Treasury Department has released its own anti–money laundering (AML) and terrorist financing Risk Assessments, which may both set a strategic framework for future AML regulatory developments and establish a baseline expectation for financial institutions' own AML risk assessments.

Treasury published its National Money Laundering Risk Assessment (NMLRA) and National Terrorist Financing Risk Assessment (NTFRA) on June 12, 2015. Together, these Risk Assessments constitute the federal government's evaluation of the present state of the US AML and countering the financing of terrorism (CFT) system. The Risk Assessments summarize the threats posed to the United States by money laundering and terrorist financing. They also analyze the risks and vulnerabilities that money launderers and terrorists seek to exploit, the preventive measures taken to mitigate those vulnerabilities, and the residual risks facing the United States and the US financial system.

Treasury officials said they hope financial institutions will use these Risk Assessments to bolster their own understanding of AML/CFT risks when designing and implementing their risk-based AML programs. Thus financial institutions may wish to ensure that their own risk assessments consider the AML/CFT risks and vulnerabilities that Treasury has identified.  

The specific threats, vulnerabilities and risks identified by the Risk Assessments are mostly unchanged from the last comprehensive assessment, issued in 2005.  Instead, the Risk Assessments reflect technological and industry developments since 2005, such as those associated with Bitcoin and other digital currency. The AML and CFT risks identified are organized by threats, vulnerabilities and risks consistent with the Financial Action Task Force's (FATF) new risk assessment methodology, while the 2005 assessment was primarily organized by industry sector.

The Risk Assessments were prepared by the Treasury Department's Office of Terrorist Financing and Financial Crimes (TFFC), in consultation with multiple other offices and agencies across the federal government. TFFC leads the US delegation to the FATF and plays a critical role in setting policy and coordinating AML/CFT efforts across Treasury and the US government. Understanding TFFC's areas of focus, by reading the office's publications or through separate conversations with TFFC staff, can help financial institutions predict and prepare for future AML regulatory developments.

Preparation for FATF Review

The Risk Assessments should also be evaluated in light of an upcoming international peer review of the US AML/CFT framework by the FATF, the international body charged with setting AML/CFT standards and evaluating whether member countries meet those standards. Like the last AML/CFT risk assessment—the 2005 National Money Laundering Threat Assessment—these Risk Assessments were prepared in anticipation of the January 2016 international peer review of US AML/CFT standards by the FATF. 

The FATF's mutual evaluations influence US regulatory policy by identifying perceived deficiencies to be addressed through government action. The last mutual evaluation of the United States, in 2006, identified gaps US AML/CFT framework.  For example, the FATF said that US laws regarding beneficial ownership were "non-compliant" with FATF standards.  In its discussion of the Risk Assessments, Treasury officials acknowledged that the 2006 mutual evaluation led to regulatory efforts to strengthen beneficial ownership standards, as reflected in the proposed rule on CDD requirements.  Similarly, the FATF criticized the lack of US AML program requirements for investment advisors, and many expect the government will re-propose such requirements before the 2016 mutual evaluation begins.1 

The Risk Assessments may be viewed as an attempt to demonstrate that the US government has a strong grasp of relevant money laundering risks. For example, the NMLRA asserts that US "AML regulation, supervision, enforcement, and compliance . . . are generally successful in minimizing money laundering risks" and asserts that AML compliance deficiencies are  not a "systemic vulnerabilit[y] in the United States."2 Whether the Risk Assessments convince the FATF remains to be seen.  

Key Money Laundering Threats, Vulnerabilities and Risks

In its assessment of the threats facing the US financial system, the NMLRA estimates that $300 billion is generated through illicit activity annually in the United States.  The NMLRA lays out at a high level the predicate money laundering crimes that threaten the US financial industry, focusing on fraud, drug trafficking, human smuggling, organized crime and public corruption. It then examines key vulnerabilities that create opportunities for money laundering with respect to specific financial sectors or products, and states the overall risk.

The main vulnerabilities that facilitate money laundering remain largely the same as those identified in the 2005 threat assessment.  They include:

  • use of cash and monetary instruments in amounts under regulatory recordkeeping and reporting thresholds (e.g., $10,000 for transactions in currency);
  • opening bank and brokerage accounts in the names of businesses and nominees to disguise the identity of the individuals who control the accounts (this risk may be addressed through the forthcoming CDD rules);
  • deficient compliance by financial institutions with AML regulations; and
  • merchants and financial institutions intentionally facilitating illicit activity.3 

The 2005 threat assessment recognized that the shift from paper to electronic forms of payment, the expansion of online banking (and corresponding decline of face-to-face account opening), and the development of digital currencies would present new opportunities for money launderers to exploit the US financial system.  The 2015 Risk Assessments confirm that these technological shifts have led to current vulnerabilities in the US financial system.  

The NMLRA also identifies other key vulnerabilities, methods of money laundering and the residual risks, including: 

Banking. Large banks are particularly at risk for criminal abuse, and this risk must be mitigated through strong AML reporting and customer due diligence. Banks with deficient AML controls can be gateways to money laundering through misuse of banking products and services such as structuring transactions, foreign correspondent banking and prepaid cards; misuse of customer relationships, such as the creation of funnel accounts; and AML compliance deficiencies.

Securities. Key money laundering risks arise from master/sub and omnibus account structures and services, intermediated relationships, microcap securities, structured products, private placements, direct market access, certain foreign bond transactions, and bank-type brokerage accounts. The NMLRA also highlights risks caused by a lack of beneficial ownership information for certain account structures, such as master/sub or omnibus accounts.

Money Transmission. The  NMLRA concludes that the money laundering risk of a typical $200-$400 remittance is low. Financial institutions or policymakers might use this finding to argue against reported efforts to broadly "de-bank" money services businesses due to perceived AML risk. Money transmission services are nevertheless susceptible to structuring transactions below recordkeeping thresholds, compliance deficiencies, and unlicensed and unregistered operations. 

Digital Currencies.  The NMLRA discusses digital currencies such as Bitcoin, and calls unregistered or unlicensed digital currency companies a "vulnerability" for banks and other money services businesses. It reasons that digital currencies cannot operate in the United States unless their exchanges (i.e., those that convert between US dollars or other legal tender and digital currency) can send and receive payments through the domestic financial system. The NMLRA mentions the related risk of virtual currency administrators and exchangers opening an account under a nominee, shell or front company to shield the true nature of transactions. Banks and other financial institutions thus play a gatekeeping role between digital currencies and traditional funds. The virtual currency vulnerability described in the NMLRA is slightly different from that discussed in the 2005 threat assessment. In 2005, the main vulnerability posed by digital currencies was the fact that they provide services across jurisdictions, making it difficult for law enforcement authorities to pursue legal action against them. This is likely still a vulnerability, but one that was not emphasized in the NMLRA.

Prepaid Access. The NMLRA states that anonymity is the greatest risk posed by open loop prepaid cards below the $1,000 threshold at which prepaid providers are required to collect customer information. It concludes that both open and closed loop prepaid access vehicles pose a risk of cross-border money laundering. 

Casinos. "The most significant money laundering vulnerability at US casinos is the potential for individuals to access foreign funds of questionable origin through US casinos, and to use the money for gambling and other personal or entertainment expenses, and then withdraw or transfer the remaining funds either in the United States or elsewhere," according to the NMLRA.4  The main risk is that casinos are primarily destinations for recreation and entertainment, rather than financial services. This may lead some casinos "to intentionally or inadvertently put customer service above BSA compliance," particularly by assisting patrons in evading reporting requirements.5 

The Risk Assessments identify risks but do not purport to instruct financial institutions as to how to combat them. Rather, Treasury officials warned that there is no "silver bullet" to improving AML and CFT efforts. While the Risk Assessments contain valuable information, financial institutions should draw from them to identify and manage their own risk.      

1 A 2003 proposed rule would have applied such requirements to investment advisors, but that rule has not been finalized.

2 NMLRA at 86.

3 NMLRA at 3.

4 NMLRA at 77.

5 Id.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Katrina Carroll
Similar Articles
Relevancy Powered by MondaqAI
In association with
Related Topics
Similar Articles
Relevancy Powered by MondaqAI
Related Articles
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Registration (you must scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions

Mondaq.com (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of www.mondaq.com

To Use Mondaq.com you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions