According to the Bank Secrecy Act (BSA), a financial institution or business must establish an anti-money laundering (AML) program that includes at least four elements: (a) a system of internal policies, procedures and controls to prevent, detect and report money laundering and other illicit activities; (b) a designated compliance officer who is responsible for overseeing the implementation and effectiveness of the AML program; © an ongoing employee training program that covers the legal and regulatory obligations, the risks and red flags of money laundering, and the roles and responsibilities of the staff in the AML program; and (d) an independent audit function that tests and evaluates the adequacy and compliance of the AML program12.

While the Office of Foreign Assets Control (OFAC) is a key agency that enforces economic and trade sanctions against targeted foreign countries, entities and individuals, it is not part of the BSA or the AML program requirements. However, financial institutions and businesses are expected to comply with OFAC regulations and screen their customers and transactions against the OFAC lists of sanctioned parties. Failure to do so may result in civil or criminal penalties34. Therefore, it is advisable for financial institutions and businesses to have an OFAC program that is integrated with their AML program, but it is not a mandatory element that they have to specifically address in their AML program.

1: Financial Crimes Enforcement Network (2020). Anti-Money Laundering Programs

2: ACAMS (2020). CAMS Certification Package (6th Edition)

3: Office of Foreign Assets Control (2023). Sanctions Programs and Country Information

4: Moses & Singer LLP (2023). Anti-Money Laundering, Bank Secrecy and OFAC Regulations