.svg)
55 Years of Financial Transparency: Revisiting the Bank Secrecy Act
On October 26, 1970, the U.S. Congress enacted the Bank Secrecy Act (BSA) - also known as the Currency and Foreign Transactions Reporting Act - marking a watershed moment in financial regulation. The goal: require financial institutions to assist law enforcement in detecting illicit money flows, to force banks to keep records of certain cash transactions and report when a customer’s activity raised red flags.
Over the past five and a half decades, the BSA has evolved considerably, shaped by globalization, technology, terrorism, and the rise of new financial instruments. This blog will revisit key milestones, then reflect on where U.S. and global anti-money-laundering (AML) and counter-financing-of-terrorism (CFT) regulation stands in 2025.
Key Milestones in the BSA Journey
1970 – Enactment. The BSA becomes law on 26 October 1970, giving regulatory teeth to the idea that banks must monitor and report large currency transactions and suspicious activities.
1974 and later – Constitutional test. The Supreme Court upheld the BSA’s constitutionality under Fourth Amendment search and seizure and Fifth Amendment due-process challenges.
1980s–1990s – Strengthening AML infrastructure. The BSA’s record-keeping and reporting obligations were extended, sanctions tightened, and training/exam procedures enhanced.
2001 – The turning point for terrorism risk. With USA PATRIOT Act amendments, the BSA framework was significantly expanded: financial institutions were required to implement AML programs (internal controls, compliance officers, training, audits), customer identification became stricter, and better information-sharing among agencies was needed.
2016-2018 - Beneficial owner / CDD rule. A new rule for customer due diligence (CDD): banks, brokers, mutual funds, futures merchants must identify and verify beneficial owners of legal-entity customers.
2020–2024 – Modern risk-based reform. The AML Act of 2020 strongly amended the BSA regime, mandating risk-based AML/CFT programs, elevating CFT to equal footing with AML, and setting the stage for further regulatory overhaul. In August 2024, Financial Crimes Enforcement Network (FinCEN) issued a final rule on residential real-estate reporting (select non-financed transfers) in the BSA/AML framework.
Where the US and Global AML/CFT Landscape Stands Today
2025 – Focus on modernization, thresholds and technology. In 2025 the key conversations are: outdated Currency Transaction Report (CTR) and Suspicious Activity Report (SAR) thresholds (e.g., $10,000 cash trigger set in 1970). Proposed rules emphasize effective, risk-based AML/CFT programs, mandatory risk assessments, and clarity across all types of financial institutions.
In the U.S., the BSA remains the foundation of AML/CFT regulation - but the regulatory architecture is shifting to reflect new threats, technologies and business models. Regulators are pushing (via rule-making) for a stronger risk-based approach that ties AML/CFT efforts to the highest-priority threats (such as ransomware, cybercrime, domestic terrorism) rather than broad checklist-compliance.
On the global front:
The international standard-setting body Financial Action Task Force (FATF) continues to drive convergence of AML/CFT rules. Many jurisdictions require CDD, beneficial -ownership transparency, SAR regimes, and risk-based supervision.
The rise of crypto-assets, decentralized finance (DeFi), cross-border peer-to-peer payments, and new payment technologies is forcing regulators and banks globally to adapt. For instance, U.S. regulators have begun emphasizing blockchain analytics, AI in transaction monitoring, and adapting regime thresholds and rules for new actors.
There is a mounting recognition that thresholds and legacy rules (e.g., the $10,000 cash trigger) may be outdated: inflation, digital finance, and global flows of money have changed the landscape. Many jurisdictions are reviewing reporting thresholds, cross-border transparency, and beneficial -ownership registries.
Yet, substantial challenges remain:
Data -overload: financial institutions and regulators struggle to filter meaningful intelligence from massive volumes of CTRs and SARs, and the value of filings can be diluted if thresholds trigger too many low-risk reports.
Enforcement remains heavy: in 2024, U.S. regulators announced almost four dozen (47) enforcement actions tied to BSA/AML failures.
Global coordination: while international norms exist, cross-border cooperation, information-sharing, safe-harbors and harmonized rules are still a work in progress.
Emerging technology and business models: legacy frameworks struggle to keep pace with new risks, hence the renewed focus on risk-based regulation and technology-enabled monitoring.
How is the BSA Expected to Change in the Next Few Years?
Over the next few years, U.S. regulators plan sweeping updates to the Bank Secrecy Act. FinCEN’s modernization rule will require effective, risk-based AML/CFT programs anchored in formal risk assessments.
BSA coverage is expanding to investment advisers, real estate professionals, and stablecoin issuers
Beneficial ownership reporting under the Corporate Transparency Act will tighten transparency
Regulators are reviewing CTR/SAR thresholds to reduce data overload and improve intelligence quality
Digital asset and fintech activity will face new AML obligations and guidance
Together, these reforms aim to shift compliance from box-ticking to dynamic, technology-driven financial-crime prevention across the broader financial ecosystem.
In Summary
The Bank Secrecy Act’s 55-year journey is one of evolution from paper-based cash-transaction reporting to a global, risk-based, technology-enabled AML/CFT regime. It began as a response to bag-loads of currency being deposited quietly, and has grown into a cornerstone of financial integrity, counter-terrorism, and financial crime prevention. The key pivot in recent years has been shifting from “how many filings did we make” to “how effective are our programs against priority risks”.
For those working in compliance or financial-crime prevention, the message is: keep your controls solid, update your risk-assessments often, make sure your data- feeds and analytics are sharp, and don’t treat AML/CFT as just a regulatory box-check. The threats adapt - the regulation must too.