As 2022 quickly approaches there are a few key things that risk and compliance officers should be on the lookout for:


One of the most important things to pay attention to in 2022 is how the Bank Secrecy Act (BSA) and AML/CTF (Anti-Money Laundering and Counter-Terrorist Financing) regulations will impact businesses. New legislation will require firms to reveal beneficial ownership information to the federal government in the form of the Corporate Transparency Act. The Corporate Transparency Act is one of the most profound efforts made by the U.S. to tackle money laundering and provides FinCEN with significant powers to adopt regulations and update provisions with the CTA. Per Section 6211 of the AML Act of 2020, the Department of the Treasury will host a global anti-money laundering and financial crime symposium focused on how technology can be used more effectively to combat illicit activities. This symposium will allow multinational firms to learn about new AML technologies and enhance BSA/AML efforts to keep Americans and our financial system safe from harm. Not only will all of these updates target financial crimes and nefarious behavior but it will also make it more difficult for bad actors to conceal a source of funds. 

FinCEN also specified in the AML Act of 2020 instructions for firms when filing Suspicious Activity Reports (SARs) related to the trade of antiquities and art. For decades art has been used by firms and individuals as a tool to mask money laundering and other criminal activities. To combat this, the AML Act now requires the Secretary of the Treasury, the Director of the Federal Bureau of Investigation, the Attorney General, and the Secretary of Homeland Security to formally investigate the facilitation of money laundering and the financing of terrorism through art trading. There will be a focus on high-value trades and an emphasis on identifying the actual purchasers of high-value pieces, in addition to identifying everyone that took part in the trade.


As Cryptocurrency gains more momentum expect crypto-specific and other digital asset regulation to increase. Due to its decentralized structure, cryptocurrency has been seen as a means to get away with criminal activity. Catching those that have “illegally” acquired significant gains through crypto-currency has been difficult for regulators, though public transaction structures for crypto assets do provide strong mechanisms for monitoring and information gathering. Know-Your-Customer (“KYC”) and Customer Identification Procedures (“CIP”) requirements are becoming increasingly more critical for businesses in this sector. Earlier this year, the federal government successfully pursued criminals and hackers who have acquired BitCoin through theft or have tried to mix clean and tainted cryptocurrency by tracing the source of digital assets. Although the government has seen success with tracing, the process requires highly trained individuals and is thus very expensive. At the moment, 32 states have pending legislation that directly impacts cryptocurrency. States are establishing new crypto-specific subcommittees, updating legislation to be more inclusive of digital currency, and are clarifying their control on virtual currency. More specifically, states such as Hawaii, Arkansas, Louisiana, and Kentucky have all made efforts to consider digital currency as an asset and are becoming increasingly aware of how digital currency can impact businesses and state affairs. These newly sparked conversations surrounding cryptocurrency will surely set the stage for what is to come in the near future regarding its regulation, and it will be interesting to see how the legislation from the state and federal level will impact the future of digital currency in the U.S. 

Data Privacy

Data privacy has been a contentious topic in the United States for years, and more states are making legislative strides to provide even more protection for consumer data. This new legislation will provide more protection for consumers against unfair practices in the marketplace and specified parameters as to how businesses should handle and protect sensitive personal information provided by customers. Lawmakers in Connecticut and New Jersey are currently following in the steps of states like New York, California, Nevada, and Maine, who’ve been able to successfully propose bills instead of waiting on the federal government to act. The California Privacy Rights Act (CPRA), the Colorado Privacy Act (CPA), and The Virginia Consumer Data Protection Act (VCDPA) are currently being set to be operative starting in 2023. These three acts have the potential to set a precedent for what is to come in the near future regarding consumer privacy, and financial institutions specifically should be looking for ways that they can effectively operate while meeting these new game-changing compliance requirements.