Home
Insights
Industries
About
Training Portal Login
See Demo
Get Started
Done!
AML Program Documentation: Exactly What Examiners Want to See
Compliance Strategy

AML Program Documentation: Exactly What Examiners Want to See

Written by
SD

Sofia Delgado

Compliance Program Specialist

7 min read
ShareLinkedInXFacebook

Examiners don't just evaluate your AML program - they evaluate your documentation of it. Here's the specific documentation that examiners request in every BSA examination and how to organize it for maximum impact.

BSA examiners evaluate your compliance program through its documentation. A program that is well-designed and actively managed but poorly documented will generate findings. A program that is adequately designed and consistently documented will generally pass examination. Documentation is not a substitute for a good program - but it is the lens through which examiners evaluate your program, and it must be organized, complete, and current.

The standard examination document request includes: your written AML program and all policies and procedures; your most recent risk assessment with the date of last update; training records for the past 24 months, including content, dates, and attendee names; CTR and SAR filing records for the past 24 months; independent testing reports for the past 24 months; customer due diligence records for a sample of customers; and board or senior management approval of the AML program.

Organization matters as much as completeness. Examiners who receive a disorganized pile of documents spend more time searching for what they need - and the time they spend searching is time they spend forming impressions about your program's maturity. A well-organized documentation package - with a clear table of contents, tabbed sections for each program element, and a cover memo that summarizes the program - signals that your compliance function is professionally managed.

The most commonly missing documentation items are: board or senior management approval of the AML program (required but frequently absent), independent testing reports (required but frequently not conducted), and training records for all covered employees (frequently incomplete for part-time or seasonal staff). Review your documentation against this list before any examination and address gaps proactively.

Currency is as important as completeness. A risk assessment from 2020, a training record from 2021, and an independent testing report from 2019 tell an examiner that your program is not being actively maintained. Every document in your examination package should have a date, and those dates should reflect a program that is being managed on an ongoing basis. If your documentation is stale, update it before the examination - not after.

Tags

AML DocumentationExamination PrepBSA ProgramCompliance RecordsExaminer Requirements
ShareLinkedInXFacebook
SD
Sofia Delgado

Compliance Program Specialist · Soflo Consulting

20 more articles
Soflo Consulting

Sofia Delgado is a Compliance Program Specialist at Soflo Consulting with expertise in mortgage lender AML requirements, Florida-specific regulatory obligations, and small business compliance program design. She works with non-bank mortgage lenders, title companies, and real estate professionals to build practical, examiner-ready compliance programs.

Mortgage Lender AMLFlorida Regulatory ComplianceGeographic Targeting OrdersSmall Business Programs
View author profile & all articlesCompliance Strategy
In This Article

5 sections

Key Takeaways

  • 1Documentation is the lens through which examiners evaluate your program - organization and currency matter
  • 2Standard examination requests include written program, risk assessment, training records, filing history, and testing reports
  • 3Board or senior management approval of the AML program is required but frequently missing
  • 4Well-organized documentation packages signal professional compliance management to examiners
  • 5Stale documentation signals an unmanaged program - currency is as important as completeness

Need Expert Guidance?

Put these insights into action. Schedule a free consultation with a Soflo Consulting compliance specialist.

Stay Ahead of Compliance

Get FinCEN updates, BSA/AML guidance, and federal compliance news delivered to your inbox - no fluff.

No spam. Unsubscribe any time.

Compliance Guides

How to Build an AML Program
AML Compliance Checklist
FinCEN AML Requirements
BSA Risk Assessment Service
AML Training Certification

Category

Compliance Strategy
All insights
More from this Author

Sofia Delgado

Handpicked articles to deepen your compliance knowledge

All insights
What Is Customer Due Diligence (CDD)? The Plain-English Guide for 2026
AML Basics8 min read

What Is Customer Due Diligence (CDD)? The Plain-English Guide for 2026

AML Compliance Checklist for Small Businesses (2026)
AML Basics6 min read

AML Compliance Checklist for Small Businesses (2026)

AML Requirements for Mortgage Loan Originators (MLOs): The 2026 Breakdown
Mortgage7 min read

AML Requirements for Mortgage Loan Originators (MLOs): The 2026 Breakdown

AML Compliance Requirements in Florida: The 2026 Guide
FinCEN & Regulation8 min read

AML Compliance Requirements in Florida: The 2026 Guide

Compliance Guides

How to Build an AML Program

Who needs one, the 5 pillars, and 7 steps to get audit-ready.

AML Compliance Checklist

Interactive 24-item checklist. Find every gap before your exam.

FinCEN AML Requirements

BSA independent review and annual training requirements explained.

Continue Reading

You Might Also Like

Handpicked articles to deepen your compliance knowledge

Browse all insights
Why Getting an AML Policy Without a Risk Assessment First Is a Major Red Flag
Compliance Strategy
EV
Elena Vargas
8 min read

Why Getting an AML Policy Without a Risk Assessment First Is a Major Red Flag

If an AML firm hands you a finished compliance policy before they have spent serious time understanding your business, that is not a service - it is a liability. A policy built without a proper risk assessment is a template with your name on it, and it will not protect you when a regulator walks through the door.

May 12, 2026Read article
OFAC Sanctions Compliance Is No Longer Just for Banks: What Schools, Businesses, and Professional Services Can Learn from IMG Academy's $1.7M Settlement
Compliance Strategy
AG
Argenis Galez
10 min read

OFAC Sanctions Compliance Is No Longer Just for Banks: What Schools, Businesses, and Professional Services Can Learn from IMG Academy's $1.7M Settlement

Most businesses assume OFAC sanctions compliance is a bank problem. IMG Academy's $1.7 million settlement proves otherwise. When a world-renowned sports academy gets penalized for accepting tuition payments from sanctioned-country nationals, it signals that OFAC's enforcement reach has expanded far beyond financial institutions - and that any business accepting international payments needs to rethink its exposure.

May 15, 2026Read article
What Happens After a Bad AML Program Review: A Recovery Checklist
Compliance Strategy
EV
Elena Vargas
10 min read

What Happens After a Bad AML Program Review: A Recovery Checklist

You had a review. The report came back with findings - or you have since realized the review itself was inadequate. Either way, you are now in recovery mode. This is the step-by-step checklist for what to do next: how to assess the damage, prioritize the fixes, document the remediation, and rebuild a program that will hold up the next time someone looks at it.

May 12, 2026Read article

Explore the full Insights library

50+ articles on BSA/AML compliance, FinCEN requirements, and industry-specific guidance

View all articles