Anti-Money Laundering (AML) Regulatory Reform: A Call for First Principles Thinking

As we approach the 25th anniversary of modern Anti-Money Laundering (AML) compliance, it's time to evaluate its effectiveness and determine whether these regulations achieve their intended goals. Established to combat financial crime, AML regulation has grown into a complex, costly, and unwieldy system. Yet, after decades of implementation, industry stakeholders, regulators, lawmakers, and the public still grapple with a fundamental question: Are these regulations making a positive impact?
Defining what constitutes a "positive impact" in the context of AML remains elusive. Without clear, measurable benchmarks, everyone questions the value and purpose of numerous AML processes. The lack of consensus on the most basic definition of effectiveness undermines trust in the system, making it an easy target for criticism from frustrated lawmakers, citizens, and AML compliance professionals. This raises significant questions about its future.
In his campaign, Donald Trump stressed the need for regulatory reform, pointing out inefficiencies and promoting the overhaul of outdated approaches. This message struck a chord with voters who saw the need for a new approach to complex regulatory systems. In the opening months of the new Administration, it’s clear this was a campaign promise the President intends to fulfill.
It is time to revitalize and invigorate the bloated and calcified systems that fail to impede bad actors. Our current AML system has a debilitating impact on individuals who pursue careers aimed at protecting our nation’s institutions and fellow citizens. It's time to apply First Principles Thinking to how we regulate AML.
AML's First Principles
First Principles Thinking is a problem-solving approach that breaks complex issues down to their fundamental elements. It helps overcome assumptions and rebuild ideas from the ground up. AML's foundational principle is straightforward: identifying, investigating, and reporting suspicious activity. This principle is designed to prevent and detect financial crimes such as money laundering, terrorist financing, and corruption.
However, the growth of AML regulations over the past two decades has added numerous costly and time-consuming processes, including enhanced due diligence requirements, model validation, and risk assessments, to name just a few. While these additions are well-intended, little to no analysis has been conducted to determine whether they have had a net positive impact on achieving AML's fundamental purpose.
The absence of transparent, evidence-based evaluation leads to a system prioritizing lots of activity and box-ticking over actual outcomes. This inefficiency drains resources and burdens financial institutions and their customers.
No Defined Metrics for Success
The most significant challenge confronting AML regulation is the absence of clearly defined success metrics. Has anyone ever reached a consensus on what qualifies as a "positive impact" in combating financial crime?
This lack of clarity drives financial institutions and regulators to prioritize checklist compliance over achieving meaningful outcomes. For instance, filing many SARs may demonstrate activity, but it does not necessarily produce actionable intelligence for law enforcement. Spending millions of dollars to “validate” models sounds useful, but is there any evidence it is? Is there a clear line between a comprehensive AML Risk Assessment and higher-quality Suspicious Activity Reports? A regulatory system that lacks performance measurements leads to unchecked growth, massive inefficiency, and widespread frustration.
Proposed Approach for AML Regulatory Overhaul Review
To address these challenges, a comprehensive review of AML regulations is essential. Here is a proposal:
In 2025, a collaborative team comprising Congressional policy staff, AML examiners from the OCC, Federal Reserve, FDIC, representatives of FinCEN, federal law enforcement, and AML personnel from at least 15 financial services firms (representing a variety of asset sizes, risk profiles, and locations) should conduct a series of studies aimed at defining and determining the following:
Transparent, repeatable methods to measure the benefits or drawbacks of all the supporting AML compliance processes added in the past quarter century. These should include, at a minimum:
- Customer Risk Rating
- Ultimate Beneficial Ownership Programs
- AML System Model Validation
- AML Risk Assessments
The results of these studies should be compiled into publicly available reports, complete with supporting data. These reports would provide a foundation for lawmakers, regulators, and the industry to modify AML laws and regulations, ensuring that financial institutions are only required to comply with clear, measurable, and demonstrably effective rules that uphold AML's First Principle – identifying, investigating, and reporting suspicious activity.
To guard against confirmation bias and what may be a tendency for existing government employees and industry AML staff to favor regulations, these study teams should also include representatives from the new Department of Government Efficiency (DOGE) and consider adding representatives from civil liberties groups.
These study teams should also consider creating pilot programs that temporarily suspend specific existing regulations and practices to assess their impact on identifying, investigating, and reporting suspicious activities. For example, banks with strong AML compliance programs might pause Model Validation or Customer Risk Rating tasks for one year as part of this evaluation process to determine whether their absence has any significance.
Let's use Customer Risk Rating (CRR) as an example for a study team. First, the team agrees on a specific essential question: "Are customers classified as 'High Risk' by an institution’s policy more likely to engage in suspicious activity?“ If the study team finds that this is the case, what are the documented and supported reasons? If they find it is not, is it a failure of bank policy that, if changed, would enhance the relevance of CRR, or is there no evidence to validate CRR as a definitive indicator of an increased likelihood of suspicious activity? Concrete evidence is necessary to justify the decision to maintain CRR. The same applies to all other processes, such as risk assessments and model risk management. Without tangible and transparent supporting evidence, it should be removed from regulation.
During this time, it is essential to halt the issuance of new AML regulations, including any pending regulations from the AML Act of 2020 that have not yet been finalized. This moratorium would provide stakeholders the necessary breathing room to focus on reform and ensure that future regulations are grounded in evidence.
Conclusion
After 25 years and countless billions spent on AML compliance, it’s time to deliver what taxpayers and citizens expect: a financial system that is protected from criminal abuse, upholds constitutional rights, and is committed to eliminating wasteful spending on ineffective measures. By embracing First Principles Thinking, setting clear success metrics, and conducting a comprehensive regulatory review, we can establish a system that identifies, investigates, and reports suspicious activity while keeping costs low and earning the public’s trust.
Principal Author: David Caruso, Co-Chair ExCo
Review and Editorial Process: 16 Members of ExCo
What is ExCo, by i3strategies®?
ExCo is an Executive Council comprised of members who have held the board-appointed BSA Officer (or equivalent title) designation and are active contributors in the financial crime risk and compliance space.