Find Out If Your Business Needs AML/BSA Compliance
Answer 6 quick questions and get an instant, personalized assessment of your AML/BSA compliance obligations, plus a free action plan sent to your inbox.
What best describes your business?
Select the option that most closely matches your primary business activity.
Why This Assessment?
Based on FinCEN's actual regulatory coverage rules
Built by BSA compliance experts with 15+ years experience
Your answers are private, never sold or shared
Nationwide coverage
The Cost of Non-Compliance
FinCEN civil penalties range from $25,000 to $1,000,000+ per violation. Criminal prosecution is possible for willful violations.
Get ProtectedWhich Businesses Need AML/BSA Compliance?
The Bank Secrecy Act covers a wide range of financial institutions. Here's a quick reference guide to who is currently required to maintain a written AML compliance program.
Money Services Businesses
RequiredMortgage Lenders & Originators
RequiredFintech & Payment Apps
RequiredCryptocurrency Businesses
RequiredBanks & Credit Unions
RequiredCasinos & Gaming
RequiredInsurance Companies
RequiredReal Estate Professionals
LikelyJewelry & Luxury Goods
LikelyAuto Dealers
LikelyThe 4 Pillars of AML/BSA Compliance
If your business is covered, FinCEN requires a written AML program with four core elements, often called the "four pillars." Missing any one of them is a regulatory finding.
Written Policies & Procedures
A formal AML policy manual covering your products, services, SAR/CTR procedures, and recordkeeping requirements. Must be updated annually.
Designated BSA Compliance Officer
A named individual responsible for day-to-day program management. Cannot be outsourced, but can be supported by external consultants.
Annual Employee Training
All relevant employees must complete role-specific AML training annually, with documented completion certificates retained for 5 years.
Independent Program Review
An annual review by a qualified, independent party. The BSA officer cannot review their own program. This is the #1 audit finding.
Common Questions About AML Compliance Requirements
Does my business need an AML compliance program?
Your business needs an AML/BSA compliance program if it is a "financial institution" under the Bank Secrecy Act. This includes money services businesses (MSBs), mortgage lenders and brokers, banks and credit unions, fintech companies, casinos, insurance companies, and certain real estate professionals. Use our free self-assessment above to find out if your specific business is covered.
What is a Money Services Business (MSB)?
A Money Services Business (MSB) is any business that provides money transmission, currency exchange, check cashing, money orders, prepaid access, or virtual currency services. MSBs must register with FinCEN and maintain a written AML compliance program. Common examples include wire transfer services, check cashers, currency exchangers, and cryptocurrency businesses.
Do mortgage brokers need AML compliance?
Mortgage lenders and originators are required to maintain a written AML/BSA compliance program under 31 CFR § 1029.210. This includes annual employee training, a designated BSA compliance officer, a written risk assessment, and an independent program review. Mortgage brokers who are not lenders are not currently covered, but this is subject to change.
What happens if my business does not have an AML program?
Operating a covered business without an adequate AML program can result in civil money penalties from $25,000 to $1,000,000 or more per violation, cease and desist orders, loss of operating licenses, and in serious cases, criminal prosecution. FinCEN has assessed penalties against businesses of all sizes for inadequate AML programs.
How much does AML compliance cost for a small business?
Traditional AML compliance consulting can cost $5,000–$50,000+ per year in hourly fees. Soflo offers a fixed-price annual compliance program that includes written policies, risk assessment, annual training with certificates, and independent review, starting at a fraction of traditional consulting costs. Use our self-assessment to get a personalized quote.
What is the difference between AML and BSA compliance?
BSA (Bank Secrecy Act) is the U.S. law that requires financial institutions to maintain records and file reports to help detect and prevent money laundering. AML (Anti-Money Laundering) refers to the broader set of policies, procedures, and controls that businesses implement to comply with the BSA and related regulations. In practice, "AML compliance" and "BSA compliance" are used interchangeably.
Ready to Get Compliant?
Soflo delivers everything FinCEN requires: written policies, annual training, risk assessment, and independent review, at a fixed annual price. No consultants. No hourly billing.