The comment window on FinCEN’s effectiveness rule closes June 9. What the industry put on the record tells you more about the final rule than the proposal itself — and why waiting for it is the wrong move.

The fault line runs through the preamble, not the rule

On April 7, FinCEN proposed the most consequential rewrite of the Bank Secrecy Act’s program rules in a generation. Sixty days later, on June 9, the comment window closes. The proposal drew wall-to-wall coverage when it landed. The comment record — what banks, trade groups, and the rest of the regulated world actually argued for — has drawn almost none. That’s a mistake, because the comments are where the shape of the final rule becomes visible.

Start with what is not in dispute. The industry is not fighting the direction. The shift from “check the box” to “prove it works” has broad support; the largest bank trade associations publicly welcomed the proposal, including FinCEN’s expanded supervisory role. The contest — to the extent there is one — is about precision. And precision is exactly what decides whether the effectiveness standard becomes a genuine modernization or simply a new and larger surface for examiner discretion.

The single most important structural feature of the proposal is also its biggest vulnerability: many of its most consequential expectations live in the preamble, not in the binding regulatory text. The factors that define what makes a program “effective” — risk-based prioritization, adoption of innovative technology, participation in information-sharing — are described in the explanatory commentary rather than codified in the rule.

Preamble language does not constrain examiners the way regulatory text does. Expect the comment record to push hard on one demand: move the effectiveness factors into the rule itself. If FinCEN does, the final rule has teeth. If it does not, “effectiveness” becomes whatever the examiner in the room decides it is — the opposite of the certainty the reform promises.

“Effective” is still defined in a circle

As drafted, a program is “effective” if it is established and maintained in accordance with the final rule. Read that twice. It is close to circular: effective means compliant, and compliant means effective. The proposal does more work than that in practice. The two-pronged framework that separates a program’s establishment (its design) from its implementation (its day-to-day operation) is a real and useful distinction, and the threshold limiting enforcement to “significant or systemic” failures gives sound programs meaningful breathing room.

But commenters flagged the obvious risk in earlier rounds of this rulemaking: institutions cannot allocate resources with confidence when the standard is ambiguous and examiner expectations are inconsistent. Watch the final rule to sharpen the establishment-versus-implementation line and to put boundaries around what “significant or systemic” actually means.

The Federal Reserve’s empty chair

One detail almost no one is discussing: the Federal Reserve did not join. The companion banking-agency rule that aligns supervision with FinCEN’s framework was issued by the FDIC, the OCC, and the NCUA. The Fed is expected to follow, but as of the comment deadline it had not. For a reform whose entire premise is consistency across regulators, a missing prudential supervisor is a genuine crack. A Fed-supervised bank could, in principle, face one effectiveness standard from FinCEN’s rule and a differently calibrated posture from its primary examiner.

The proposed 30-day consultation requirement — under which a banking supervisor must give FinCEN’s Director advance written notice before a significant AML/CFT action — is built to close exactly this gap. But as drafted it applies to banks, and not to other categories of institution or to state supervisors. Expect non-bank commenters — money services businesses, broker-dealers, and the registered-adviser sector — to argue that consistency and fairness require the same gate for everyone.

The one signal that’s already locked

Strip away the open questions and one thing is settled: the direction will not reverse. This proposal is the second attempt to implement the Anti-Money Laundering Act of 2020. The 2024 version was withdrawn for failing to deliver on the Act’s goals; this one keeps its core and adds the supervisory machinery the earlier draft lacked. Whatever the final text says, the regime is moving — permanently — from measuring inputs to measuring outcomes. And the proposal is explicit that adopting innovative technology and source-verified data is itself evidence of an effective program. That is not a hint. It is an invitation.

What to do before the ink dries

You do not need the final text to start. Three moves are robust to whatever the wording turns out to be:

1. Build to the preamble, document to the text. Design your program to the effectiveness factors FinCEN described — risk-based prioritization, innovative technology, information sharing — and document each decision against the specific risk it addresses, so the audit trail survives whichever way the final language lands.
2. Draw your own establishment / implementation line. Do not wait for an examiner to draw it for you. Separate your design rationale (why the program is built this way) from your operating evidence (how it actually performs), so an isolated operational miss is never argued as a design failure.
3. Make effectiveness measurable now. Outcome-based supervision needs outcome-based metrics — detection rate, investigation yield, false-positive cost, risk coverage. If you cannot show the numbers, you cannot prove effectiveness, regardless of how the rule reads.