Skip to main content

FinCEN’s AML/CFT Priorities: A risk assessment perspective

Elissa Brewer, CAMS
February 15, 2023
Read Time: 0 min

Develop your risk assessment with the AML/CFT priorities in mind

Evaluating each FinCEN priority and addressing them in your financial institution's risk assessment is key to compliance.

You might also like this upcoming webinar, "BSA officer’s mindset: A comprehensive look at your AML/CFT program."

register now


Incorporating the AML/CFT priorities into a risk assessment

Not all risks to a financial institution are equal. When considering each of the eight AML/CFT priorities FinCEN identified in 2021, banks and credit unions must evaluate the risks and incorporate them into their policies and procedures to meet regulatory expectations. Since the AML/CFT priorities are still relatively new, the residual risk is most likely considered low to moderate when solid mitigating processes are in place. That means it’s essential to ensure that awareness of risk and coordination efforts to reduce risk are documented within your institution’s AML/CFT risk assessment.

When developing a risk assessment, institutions can treat the AML/CFT priorities as stand-alone risk factors or group them together. Any mitigation efforts you create for each priority’s risks should be detailed in the assessment. If your institution has additional mitigation procedures laid out in other documents, be sure to include those policies and procedures in your risk assessment.

It is important to note that each priority is meant to combat a method of generating illicit proceeds that can be laundered in the U.S. As such, money laundering is linked to all FinCEN priorities and is not explicitly identified as a separate concern. The AML/CFT priorities and financial institutions’ responsibilities surrounding each priority are listed below:

Corruption – Corruption undermines democratic institutions and underpins many global challenges, including human rights abuses. It occurs when government officials misuse public assets, laundering money and sometimes using bribery to obscure obscuring the proceeds of their crimes. Corruption and its effects have a disproportionate impact on the poor and vulnerable.

Financial institutions are responsible for looking for signs of corruption within their customer base and transaction activity. This requires robust know your customer (KYC) efforts and ongoing monitoring for red flags such as the suspicious movement of funds, unexplained spending, unknown sources of wealth, and other indicators of potential misappropriation. It is also important to note that while we may think of corruption as an international issue in other countries, such as Venezuela or Nicaragua, corruption can also happen within the United States.


Cybercrime – Cybercrime is any illegal activity involving a computer, another digital device, or a computer network. It often includes social engineering, software vulnerability exploits, and network attacks. Financial institutions are attractive targets for terrorists who use websites, network systems, and employees to steal credentials and proprietary information. Criminals use this information to disrupt the U.S. financial system, business functions, and democratic processes.

Financial institutions can mitigate these risks with strong information security protocols, including clear policies and cybercrime education training for every employee. Training should include red flags to identify common cyberattack vectors like phishing, business email compromise, ransomware, and extortion attempts. From a transaction-monitoring perspective, the risk and fraud departments should look for rapid transfers between accounts, money mule activity, and transactions with no reasonable explanation for action or source of funds. Institutions should also monitor virtual currency or cryptocurrency transactions for unusual activity.

FinCEN has provided several related to cybercrime and virtual currency activity. A coordinated approach between the institution’s risk and information security departments is essential to an effective cybercrime prevention program.


Foreign and domestic terrorist financing – Terrorists require financing to recruit and support members, fund logistics, and conduct operations. Preventing such financing is essential to counter the threat of terrorism. Existing obligations require financial institutions to monitor, identify, and report terrorist financing activity. This includes foreign and domestic terrorism by individuals and more complex networks of terrorist activity.

from the U.S. intelligence community clarify who is considered a domestic or foreign terrorist and provide activity patterns to add to banks’ monitoring systems and manual reviews of transactions. The most common type of terrorism in the U.S. involves individuals funding overseas terrorists through banks, money services businesses, and cash couriers. Domestic terrorists, known as domestic violent extremists (DVEs), operate primarily within the U.S. to further their ideological goals through force or violence.

One of the goals of a financial institution’s AML/CFT program is to detect and report terrorist financing to disrupt or prevent the transfer of funds to further the terrorist agenda, whether in the U.S. or internationally.


Fraud - Fraud is believed to be the largest generator of proceeds for criminals in the U.S. today. The most common types of fraud include bank fraud, consumer, health care, securities, and tax fraud. Common types of fraud impacting financial institutions include trending fraud schemes such as romance scams, synthetic identity fraud, check fraud, and point of sale (POS) or card-related fraud. Criminals launder proceeds from fraudulent activities through various methods, including offshore accounts, money mules, and even foreign entities.

Financial institutions should coordinate efforts among the operations department, frontline staff, fraud teams, and risk management to educate employees on common fraud trends and patterns. A robust fraud prevention program is essential to identifying and reporting known fraud to the proper authorities. Additionally, institutions should review FinCEN advisories related to new and featured fraud trends to refresh their staff as needed.


Transnational criminal organization activity – Transnational criminal organizations (TCOs) are organized crime groups that operate across international borders. These groups engage in a wide range of illegal activities, including cybercrime, drug trafficking, fraud, wildlife trafficking, human smuggling, human trafficking, intellectual property theft, weapons trafficking, and corruption. Many TCOs currently operate in the U.S., but most are based in Mexico, Russia, Africa, and Asia.

Due to the widespread impact of TCOs in many types of fraud, crime, and money laundering activities, institutions should maintain a strong customer due diligence (CDD) program to identify potential participants.


Drug trafficking organization activity – Illicit drugs continue to generate significant proceeds for drug trafficking organizations (DTOs). The drugs themselves and the drug trade profits are considered an essential public health emergency. Drug cartels from Mexico, Colombia, and China are prevalent throughout the U.S. and pose significant risks.

Institutions should continue to strengthen their suspicious activity monitoring programs to identify potential drug trafficking activity. This includes known activity patterns related to trade-based money laundering and currency exchanges between China, Mexico, and U.S. The 2019 FinCEN advisory extensively discusses typologies, case studies, and red flags for DTO activity.


Human trafficking and human smugglingHuman trafficking and human smuggling intersect with financial institutions throughout the trafficking or smuggling process. While human trafficking and human smuggling are different crimes with different behaviors, both involve exploiting individual people for profit and show similar red flags. Networks move funds through cash smuggling, professional money laundering networks, and criminal organizations. Many traffickers and smugglers use shell companies to hide the true nature of their business activities.

FinCEN has published multiple advisories on the human trafficking and human smuggling crisis in the United States. These include typologies and behaviors for financial institutions to look out for during transaction monitoring.


Proliferation financing – Proliferation financing refers to providing funds or financial services used for manufacturing or using nuclear, chemical, or biological weapons in breach of national laws or international obligations. The principal threat of money laundering arises from the proliferation of support networks. These networks exploit the U.S. financial system to move funds that will be used for weapons against the United States or the United Nations countries. The most significant areas of risk include global correspondent banking and cross-border trade.

Financial institutions should monitor for any transfer of funds through gatekeepers, front or shell companies, exchange houses, or illegal exploitation of international trade. FinCEN has issued several counterproliferation advisories related to this activity identifying high-risk countries, including Iran, North Korea, and Syria. Compliance with existing sanctions programs and a strong customer due diligence program are critical to mitigating risk.  

Be ready for AMLA-related changes. This checklist can help.

Keep me informed Download


Managing AML/CFT priorities

Some priorities are managed by risk management, some by AML/CFT programs, and others by the compliance department. Awareness and coordination of efforts to mitigate risk should be documented within your institution’s AML/CFT risk assessment. As the AML/CFT priorities are still new in their regulatory framework, the residual risk is most likely considered low to moderate if strong mitigating processes are in place.


Stay up to date on AML/CFT and fraud trends with more professional development.


We can help you navigate changing AML/CFT and fraud regulations. Abrigo's BSA and AML software can help you manage customer or member relationships and stay compliant. Talk to a specialist to learn more.
About the Author

Elissa Brewer, CAMS

Risk Management Consultant
Elissa Brewer is a Risk Management Consultant with Abrigo in the Advisory Services Group. She has over 17 years’ experience working in the financial institution and software industry. Prior to joining Abrigo, Elissa worked for multiple financial institutions and built their BSA/AML/OFAC, fraud, and risk management programs from the ground

Full Bio

About Abrigo

Abrigo enables U.S. financial institutions to support their communities through technology that fights financial crime, grows loans and deposits, and optimizes risk. Abrigo's platform centralizes the institution's data, creates a digital user experience, ensures compliance, and delivers efficiency for scale and profitable growth.

Make Big Things Happen.


DiCOM is now part of Abrigo

Best-in-class solutions to manage the life of a loan and protect asset quality in the face of growing pressure on borrowers. Read the press release.

Valuant is now part of Abrigo

Our portfolio risk solutions and services are more robust than ever. No matter the challenge, we help you face it head on. Read the press release.