The Bank Secrecy Act of 1970 (or BSA, or otherwise known as the Currency and Foreign Transactions Reporting Act) requires financial institutions in the United States to assist U.S. government agencies to detect and prevent money laundering.

Specifically, the act requires financial institutions to keep records of cash purchases of negotiable instruments, and file reports of cash purchases of these negotiable instruments of more than $10,000 (daily aggregate amount), and to report suspicious activity that might signify money laundering, tax evasion, or other criminal activities. Many banks will no longer sell negotiable instruments when they are purchased with cash, requiring the purchase to be withdrawn from an account at that institution.

The BSA was originally passed by the Congress of the United States in 1970, and amended several times since then, including provisions in title III of the USA PATRIOT Act. (See 31 USC 5311-5330 and 31 CFR Chapter X.) The BSA is sometimes referred to as an "anti-money laundering" law ("AML") or jointly as “BSA/AML." (Source: Wikipedia - http://en.wikipedia.org/wiki/Bank_Secrecy_Act)

CIP rule requires financial institutions to develop a Customer Identification Program (CIP) appropriate to the size and type of its business. The CIP must be incorporated into the bank's Bank Secrecy Act/Anti-money laundering compliance program, which is subject to approval by the financial institution's board of directors.

The CIP is intended to enable the bank to form a reasonable belief that it knows the true identity of each customer. The CIP must include account opening procedures that specify the identifying information that will be obtained from each customer. It must also include reasonable and practical risk-based procedures for verifying the identity of each customer.

The CIP rule applies to a "customer." A customer is a "person" (an individual, a corporation, partnership, a trust, an estate, or any other entity recognized as a legal person) who opens a new account, an individual who opens a new account for another individual who lacks legal capacity, and an individual who opens a new account for an entity that is not a legal person (e.g., a civic club). (Source: FFIEC - http://www.ffiec.gov/bsa_aml_infobase/pages_manual/OLM_011.htm)

Due Diligence is a set of policies, procedures, and processes for all customers (and especially for those that present a higher risk for money laundering and terrorist financing) that enables a money-service organization to predict with relative certainty the types of transactions in which a customer is likely to engage.

Due Diligence begins with verifying the customer’s identity and assessing the risks associated with that customer. It also may lead to enhanced due diligence for higher-risk customers. Overall Due Diligence procedures should be commensurate with the organization’s risk profile; should establish clear sets of steps and responsibilities; should ensure the organization maintains adequate customer information; should provide guidance for how to resolve insufficient or inaccurate information; should include a tested risk assessment mechanism; and should be periodically reviewed and verified by outside information.  (Source: Bank Secrecy Act Anti-Money Laundering Examination Manual - http://www.ffiec.gov/bsa_aml_infobase/pages_manual/OLM_013.htm)

Enhanced Due Diligence (EDD) refers to a set of policies, procedures, and processes for higher-risk customers associated with a bank or money service business. Customers that pose higher money laundering or terrorist financing risks present increased exposure to banks; due diligence policies, procedures, and processes should be enhanced as a result.

EDD for higher-risk customers is especially critical in understanding their anticipated transactions and implementing a suspicious activity monitoring system that reduces the bank’s reputation, compliance, and transaction risks. Higher-risk customers and their transactions should be reviewed more closely at account opening and more frequently throughout the term of their relationship with the bank.  (Source: Bank Secrecy Act Anti-Money Laundering Examination Manual - http://www.ffiec.gov/bsa_aml_infobase/pages_manual/OLM_013.htm)

The Financial Crimes Enforcement Network (or FinCEN) is a bureau of the United States Department of the Treasury that collects and analyzes information about financial transactions in order to combat money laundering, terrorist financiers, and other financial crimes. As reflected in its name, the Financial Crimes Enforcement Network (FinCEN) is a network, a means of bringing people and information together to fight money laundering.

Since its creation in 1990, FinCEN has coordinated the sharing of information with law enforcement agencies and its other partners in the regulatory and financial communities. FinCEN uses cooperation and partnerships in a network approach to combat money laundering domestically and internationally. (Source: Wikipedia - http://en.wikipedia.org/wiki/Fincen)

Financial Intelligence Unit — the central, national agency responsible for receiving, analyzing, and disseminating SARs and other information for anti-money laundering/combating the financing of terrorism (AML/CFT) purposes.  In the Unites State, the FIU is the U.S. Department of the Treasury's FinCEN (Financial Crimes Enforcement Network).

The FCPA was enacted by the US Congress in 1998 after the United States and thirty-three other countries signed the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions.

The provisions of the FCPA make it unlawful for a U.S. person, and certain foreign issuers of securities, to make a corrupt payment to a foreign official for the purpose of obtaining or retaining business for or with, or directing business to, any person. The provisions also apply to foreign firms and persons who take any act in furtherance of such a corrupt payment while in the United States.

Sarbanes Oxley legislation also imposes requirements on firms to disclose instances of fraud as well as reporting annually on its systems of internal control, so compliance with FCPA helps ensure SOX compliance too. (source: World-Check)

IVTS refers to any system, mechanism, or network of people that receives money for the purpose of making the funds or an equivalent value payable to a third party in another geographic location, whether or not in the same form.

The transfers generally take place outside of the conventional banking system through non-bank financial institutions or other business entities whose primary business activity may not be the transmission of money.

As a type of Money Services Business (MSB) and specifically, as a type of money transmitter, IVTS may legally operate in the United States, so long as they abide by applicable state and federal laws.

This includes registering with FinCEN and complying with anti-money laundering and counter-terrorist financing provisions of the Bank Secrecy Act (BSA) applicable to all money transmitters and to certain other MSBs.

A more sophisticated form of IVTS operating in the United States often interacts with other financial institutions in storing currency, clearing checks, remitting and receiving funds, and obtaining other routine financial services, rather than acting independently of the formal financial system.(Source: http://www.fincen.gov/statutes_regs/guidance/html/FIN-2010-A011.html)

Know Your Customer (KYC) refers to due diligence activities that financial institutions and other regulated companies must perform to ascertain relevant information from their clients for the purpose of doing business with them. The term also refers to the bank regulation which governs these activities. Know your customer policies are becoming increasingly important globally to prevent identity theft, financial fraud, money laundering and terrorist financing. (Source: Wikipedia - http://en.wikipedia.org/wiki/Know_your_customer)

Politically exposed person (PEP) is a term that describes a person who has been entrusted with a prominent public function, or an individual who is closely related to such a person. By virtue of their position and the influence that they may hold, a PEP generally presents a higher risk for potential involvement in bribery and corruption. Most financial institutions view such clients as potential compliance risks and perform enhanced monitoring of accounts that fall within this category.  (Source: Wikipedia - http://en.wikipedia.org/wiki/Politically_exposed_person)

Red Flags are potentially suspicious activities may help banks and examiners recognize possible money laundering and terrorist financing schemes.

Management’s primary focus should be on reporting suspicious activities, rather than on determining whether the transactions are in fact linked to money laundering, terrorist financing, or a particular crime.  Many activities or patterns of activity are unusual and potentially suspicious, and are used as indicators or Red Flags of potential money laundering or terrorist financing.

Red Flags, when encountered, may warrant additional scrutiny. The mere presence of a red flag is not by itself evidence of criminal activity. Closer scrutiny should help to determine whether the activity is suspicious or one for which there does not appear to be a reasonable business or legal purpose. (source: APPENDIX F: MONEY LAUNDERING AND TERRORIST FINANCING "RED FLAGS" - FFIEC - Federal Financial Institutions Examination Counsel)

Smurfs - A popular method used to launder cash in the placement stage. This technique involves the use of many individuals (the"smurfs") who exchange illicit funds (in smaller, less conspicuous amounts) for highly liquid items such as traveller cheques, bank drafts, or deposited directly into savings accounts. These instruments are then given to the launderer who then begins the layering stage.

For example, ten smurfs could "place" $1 million into financial institutions using this technique in less than two weeks.

(source: About Business Crimes Solutions  I.c. https://www.moneylaundering.ca/public/law/3_stages_ML.php)

When a financial institution is processing a transaction for a customer and has concerns that the funds may be derived from crime or that the beneficiary is linked to crime, the firm is obliged to submit a SAR to the FIU (Financial Intelligence Units). In larger financial institutions, particularly those with a large Retail customer base, automatic systems are used to monitor account activity and to issue an "alert" to an operator when activity is different from that expected or historic activity.

The information which must be reported in the SAR is basically anything which would help the FIU to further its investigations and also, importantly, link the SAR to other SARs and other investigations if they can. Therefore, what is often reported includes name of the customer, bank branch and account details, the transaction itself (and others where relevant) and the beneficiary. A firm will often have ongoing dialogue with the FIU as the investigation continues and more information is requested.

Threat finance encompasses the means and methods used by organizations to finance operations and activities that pose a threat to U.S. national security.  A range of actors – foreign terrorist organizations (FTOs), narco- and human traffickers, transnational organized crime (TOC), and cyber criminals – engage in an assortment of financial activities to ensure the reliability of cash flows and protect them from disruption. 

Modi operandi are equally diverse: shell organizations, donations from complicit and unwitting sources, extortion, kidnapping, counterfeiting, and fraud, are all common means.  An emerging threat is that of a sophisticated set of actors who engage in market-based commodities or securities schemes, or cyber crime.

The practice underpinning all of these activities is money laundering, or the process by which illicitly-gained funds are concealed and made to appear legitimately sourced.  Consequently, it is money laundering that governments and International Financial Institutions (IFIs) endeavor to curtail through anti-money laundering (AML) policy and practices.  (source: American Security Project - Threat Finance and Financial Intelligence)

The USA PATRIOT Act (commonly known as the Patriot Act) is an Act of the U.S. Congress that was signed into law by President George W. Bush on October 26, 2001. The title of the act is a ten letter acronym (USA PATRIOT) that stands for Uniting (and) Strengthening America (by) Providing Appropriate Tools Required (to) Intercept (and) Obstruct Terrorism Act of 2001.The act, as a response to the terrorist attacks of September 11th, significantly reduced restrictions in law enforcement agencies' gathering of intelligence within the United States; expanded the Secretary of the Treasury’s authority to regulate financial transactions, particularly those involving foreign individuals and entities; and broadened the discretion of law enforcement and immigration authorities in detaining and deporting immigrants suspected of terrorism-related acts. The act also expanded the definition of terrorism to include domestic terrorism, thus enlarging the number of activities to which the USA PATRIOT Act’s expanded law enforcement powers can be applied. (Source: Wikipedia - http://en.wikipedia.org/wiki/Patriot_Act)