Section 3 Understanding Trading, Customer Accounts and Prohibited Activities

Anti-Money Laundering (AML)

20 min read · Lesson 6 of 10

About This Lesson

Anti-money-laundering rules are one of the SIE's heaviest regulatory topics, and this is a chapter where the specifics get tested: the dollar thresholds, the filing deadlines, and the exact terms. Memorize the numbers and a dense topic turns into reliable points.

What you'll cover

  • The three stages of laundering: placement, layering, and integration
  • The Bank Secrecy Act, the USA PATRIOT Act, and the four-pillar AML program
  • CIP and the CDD rule, including the 25% beneficial-ownership requirement
  • SAR and CTR filings, their thresholds and deadlines, and the rule against tipping off
  • Structuring red flags, OFAC screening, and enhanced due diligence for PEPs

Lock in two numbers cold: a SAR is filed for suspicious activity of $5,000 or more, and a CTR for cash transactions over $10,000. The exam loves to test them with structuring scenarios set just under the line.

In this chapter ~20 min · 6 concept checks
Section 1 of 4 ~5 min

The Money-Laundering Process

Money laundering is the work of taking money earned illegally and making it look like it came from a legitimate source. It almost always moves through three stages, and the SIE expects you to name them in order.

  1. Placement: the dirty cash first enters the financial system, for example as a bank deposit. This is the riskiest stage for the launderer, because raw cash is the easiest point to detect.
  2. Layering: the funds are moved through a web of transactions, transfers, trades, and shell entities, to break the trail back to the original crime.
  3. Integration: the now-"cleaned" money returns to the criminal in a form that looks legitimate, such as proceeds from a business or an investment sale.

A quick way to hold the order: the money is placed in, layered to hide it, then integrated back out.

🌎 Why This Matters
In 2012, HSBC paid $1.9 billion, at the time the largest bank fine in history, for systematic failures in its anti-money laundering controls. Investigators found the bank had processed hundreds of millions of dollars for drug cartels and sanctioned countries. AML compliance isn't a box-checking exercise, failures have real consequences, for firms and for the individuals responsible.
The Three Stages of Money Laundering
1
Most Detectable
Placement
  • Dirty money first enters the financial system
  • Cash from illegal activity is deposited
  • Examples: cash deposits, buying monetary instruments, casino chips
  • Structuring (smurfing) happens here
  • Most vulnerable stage, easiest to detect
2
Most Complex
Layering
  • Concealing the trail through complex transactions
  • Wire transfers across multiple accounts and jurisdictions
  • Converting cash to securities, real estate, luxury goods
  • Shell companies and offshore accounts used here
  • Creates distance between money and its source
3
Hardest to Detect
Integration
  • Laundered money re-enters the legitimate economy
  • Appears to be from legal sources (investments, business income)
  • Real estate purchases, luxury goods sold back to market
  • Once integrated, extremely difficult to trace
  • Goal achieved, money appears "clean"
PlacementLayeringIntegration
SIE exam tip: Questions describe a scenario, you identify the stage. Cash being deposited in small amounts = Placement (structuring). Money moving through multiple accounts or countries = Layering. Money used to buy a legitimate business or property = Integration.
🔍 Put It In Order: The Three Stages of Money Laundering
Put It In Order
Arrange the three stages of money laundering in the correct order. Then put the example activities under each stage in the right sequence.
💡 Desktop: drag to reorder. Mobile: tap two items to swap them.
    ✅ Correct Order
    The three stages. Placement → Layering → Integration: are one of the most frequently tested AML concepts on the SIE. Remember: placement is the most vulnerable stage for detection (the money is still "dirty"), which is why BSA reporting requirements like CTRs ($10,000+) and SARs ($5,000+ suspicious) focus heavily on the initial deposit stage.
    Section 2 of 4 ~6 min · 1 concept check

    The Legal Framework and AML Program

    AML duties trace back to two federal laws, and the exam likes to ask which one did what.

    Bank Secrecy Act (BSA), 1970

    The original framework. It requires financial institutions to help the government detect and prevent money laundering, and it established currency reporting (the CTR) and the recordkeeping rules.

    USA PATRIOT Act, 2001

    Passed after 9/11, it sharply expanded AML obligations. Four sections come up most:

    • Section 314(a): lets law enforcement ask financial institutions for information about specific people suspected of terrorism or money laundering.
    • Section 314(b): lets financial institutions voluntarily share information with each other to spot and report suspected laundering.
    • Section 326: requires a Customer Identification Program (CIP), verifying the identity of anyone opening an account.
    • Section 352: requires every broker-dealer to maintain a written AML compliance program.

    Section 352's required AML program rests on four pillars, and every FINRA member firm must have all four.

    1. Written policies and procedures, tailored to the firm's size and business.
    2. A designated AML compliance officer, who must be a registered principal responsible for overseeing the program.
    3. Ongoing employee training, appropriate to each person's role.
    4. Independent testing, an audit by a party independent of the compliance function, whether internal audit or an outside firm.

    The newer CDD rule is sometimes called the "fifth pillar," and it is covered next.

    FinCEN's Customer Due Diligence (CDD) rule, effective 2018, sharpened what a firm must know about its customers. It has four core requirements:

    1. Identify and verify each customer's identity (the CIP step).
    2. Identify and verify the beneficial owners of a legal-entity customer.
    3. Understand the nature and purpose of the relationship to build a customer risk profile.
    4. Conduct ongoing monitoring to keep information current and report suspicious activity.

    Beneficial ownership

    When a legal entity (an LLC, corporation, partnership, or trust) opens an account, the firm must identify two things: each individual who owns 25% or more of the entity (the ownership prong), and one individual with significant managerial control (the control prong), which is required even when no single person owns 25%.

    OFAC screening

    Separately, firms must screen customers against the Office of Foreign Assets Control's Specially Designated Nationals (SDN) list. A match generally means the firm cannot do business with that person and must block the assets and report to OFAC, since these are sanctioned individuals and entities.

    Concept Check

    Under the FinCEN CDD Rule, when a corporation opens a brokerage account, the firm must identify each beneficial owner who holds what minimum percentage of the entity?

    The CDD Rule requires firms to identify and verify beneficial owners who hold 25% or more of a legal entity account. Additionally, at least one individual with significant managerial control must be identified, even if no one meets the 25% ownership threshold.
    Section 3 of 4 ~6 min · 4 concept checks

    Spotting and Reporting Suspicious Activity

    The SIE often hands you a scenario and asks whether it looks suspicious. The single most tested red flag is structuring.

    • Structuring (smurfing): breaking a large cash transaction into pieces each just under $10,000 to dodge a CTR filing. It is illegal on its own, even when the underlying money is perfectly legitimate.
    • A customer who is reluctant to provide required identification.
    • Transactions with no apparent business purpose or economic rationale.
    • Frequent wire transfers to or from high-risk jurisdictions.
    • An account used as a pass-through, where money flows in and right back out.
    • A customer unusually focused on the firm's reporting thresholds.
    • Third-party deposits with no clear connection to the account holder.

    When something fits one of these patterns, the firm investigates and, where warranted, files a SAR, without ever telling the customer.

    SAR vs. CTR, Complete Comparison:

    SARCTR
    Threshold$5,000+ suspicious activity$10,000+ cash transaction
    Filing deadline30 days after detection15 days after transaction
    Filed withFinCENFinCEN
    Customer notificationNEVER (tipping off is illegal)May be informed
    TriggerSuspicious behavior or patternAutomatic for cash over $10K
    Retention5 years from filing date5 years from filing date
    Critical Rule: When filing a Suspicious Activity Report (SAR), you must NEVER inform the customer that a report has been or will be filed. This is called "tipping off" and is a violation of federal law.
    🔍 Scenario: Suspicious Deposits
    Scenario Walkthrough
    👤 New Client: Robert Vance, 52, "Cash Business Owner"
    Robert opens a new brokerage account on Friday and immediately deposits $9,500 in cash. The following Monday, he deposits another $9,800 in cash. On Tuesday, he deposits $9,200 in cash. He says he runs a car wash and prefers dealing in cash. You're the compliance officer reviewing these transactions.
    Step 1 of 4
    ✅ Scenario Complete
    • CTR threshold: $10,000+ in cash in a single business day. Filed automatically with FinCEN, no suspicion required.
    • Structuring = breaking up transactions to avoid the $10,000 threshold. It's a federal crime even if the money is legal.
    • SAR threshold: $5,000+ when suspicious activity is detected. Filed with FinCEN within 30 days.
    • SAR confidentiality is absolute. Tipping off the client about a SAR filing is a federal crime.
    Concept Check

    A broker-dealer must file a Suspicious Activity Report (SAR) with FinCEN within how many days?

    A SAR must be filed with FinCEN within 30 days of the date the suspicious activity is detected. The customer must NOT be notified of the filing.
    Concept Check

    A customer makes three separate cash deposits of $4,000 each on the same day. This pattern is known as:

    Structuring (also called "smurfing") is the practice of breaking cash transactions into amounts below $10,000 to avoid Currency Transaction Report (CTR) filing requirements. Structuring is illegal even if the underlying funds are legitimate. The firm should file a SAR in this situation.
    Concept Check

    A broker-dealer files a SAR on a customer. Under AML regulations, the broker-dealer:

    Notifying a customer that a SAR has been filed, known as "tipping off", is strictly prohibited and is itself a criminal offense. The SAR process is confidential. The firm continues to service the account normally while FinCEN and law enforcement investigate. The 30-day filing deadline applies after the firm detects the suspicious activity.
    Concept Check

    Which of the following transactions automatically requires a Currency Transaction Report (CTR)?

    CTRs are required for cash transactions exceeding $10,000, meaning $10,001 and above. The $11,000 cash transaction triggers the requirement automatically. Wire transfers are not cash transactions for CTR purposes. A $9,500 cash deposit does not require a CTR (though structuring deposits to stay under $10,000 is itself illegal). Checks are not cash.
    Section 4 of 4 ~3 min · 1 concept check

    Politically Exposed Persons

    When a customer is, or is closely tied to, a senior foreign political figure, the account carries an elevated risk of holding the proceeds of bribery or corruption. Under Section 312 of the USA PATRIOT Act, firms must apply enhanced due diligence to these relationships, going beyond the standard CIP and CDD.

    Who counts as a PEP

    A Politically Exposed Person (also called a senior foreign political figure) covers three groups:

    • The official: a current or former senior official of a foreign government, a major foreign political party, or a foreign government-owned enterprise, plus senior executives of international organizations.
    • Immediate family: spouses, parents, siblings, children, and in-laws of the official.
    • Close associates: known advisors, financial managers, or business partners publicly tied to the official.

    The rule targets foreign figures; domestic U.S. officials are generally not treated as PEPs under it, though a firm may add scrutiny based on its own risk assessment.

    What enhanced due diligence adds

    EDD layers extra steps onto a normal account: senior management approval before opening (a compliance analyst alone is not enough), extra verification of the customer's source of funds and source of wealth, and more sensitive, more frequent monitoring. Crucially, PEPs are not prohibited customers; the rule imposes scrutiny, not a ban. On the exam, a customer connected to a foreign official by family or business almost always means EDD applies, not that the account must be refused.

    Summary Recap & exam traps

    Chapter Essentials

    Money laundering runs through three stages, placement, layering, and integration, and the rules to stop it come from the Bank Secrecy Act (which created the CTR) and the USA PATRIOT Act (which requires a CIP and a written AML program). Every firm's program rests on four pillars: written procedures, a designated AML officer who is a registered principal, ongoing training, and independent testing. The CDD rule adds identifying any 25% beneficial owner of a legal entity plus one person with managerial control, and firms also screen customers against OFAC's SDN list.

    Two filings carry the numbers worth memorizing: a SAR goes to FinCEN within 30 days for suspicious activity of $5,000 or more, and you may never tell the customer (tipping off is a crime). A CTR goes to FinCEN within 15 days for cash transactions over $10,000. Breaking transactions to stay under that line is structuring, illegal by itself, and a customer tied to a senior foreign official is a PEP requiring enhanced due diligence, not a ban.

    Interactive: Key Numbers Cheat Sheet

    SAR and CTR thresholds, filing deadlines, and every other key number for the SIE.

    Open Tool →
    Exam Traps to Watch

    The reliable gotchas in this chapter:

    SAR is $5,000 in 30 days; CTR is $10,000 in 15 days. Both go to FinCEN. Mixing up the two thresholds or the two deadlines is the single most common AML trap.

    A CTR is about cash, and it is automatic. Cash over $10,000 triggers it with no judgment call. A wire transfer or a check is not cash, so a $10,000 securities purchase by check does not trigger one.

    Structuring is illegal even with clean money. Splitting deposits to stay under $10,000 is the crime by itself, regardless of where the funds came from, and it should prompt a SAR.

    Never tip off the customer. Telling someone a report has been or will be filed is itself a federal crime. The firm keeps servicing the account normally while the filing stays confidential.

    The CDD threshold is 25%. For a legal entity, identify every owner of 25% or more plus one person with managerial control; the control-prong person is required even if nobody hits 25%.

    PEPs get enhanced due diligence, not a ban. PEP status reaches family members and close associates of a senior foreign official, and the answer is EDD (senior-management approval, source-of-wealth checks), not closing or refusing the account.
    Previous Next
    Practice what you just learned

    Test yourself with exam-style questions on this topic.

    Practice Questions