Crypto & Virtual
Assets
"FinCEN's 2019 VASP guidance is still widely misunderstood"
Regulatory Body
FinCEN, State Money Transmitter Regulators, SEC (for securities-related tokens), CFTC
Examiner
IRS BSA Examiners, State Banking Departments
Training Frequency
Annual minimum; semi-annual recommended given rapid regulatory evolution
Regulatory Landscape
Virtual Asset Service Providers operating in the United States are subject to BSA requirements as money transmitters. FinCEN's 2019 guidance clarified that businesses engaged in exchanging, transferring, or administering virtual currencies are MSBs and must comply with all applicable BSA obligations. Despite this clarity, many crypto businesses are still operating without adequate AML programs and FinCEN enforcement actions in this space are increasing.
BSA/AML Obligations
The following obligations apply to Crypto & Virtual Assets under the Bank Secrecy Act and applicable FinCEN guidance.
MSB Registration
Register with FinCEN as a money services business before commencing operations.
BSA/AML Program
A written, risk-based AML program tailored to the VASP's specific products, customer base, and transaction types.
Customer Identification Program (CIP)
Verify customer identity at onboarding using government-issued identification and maintain records.
SAR Filing
File SARs for transactions of $2,000 or more involving suspected money laundering or other financial crimes.
Travel Rule Compliance
Transmit required customer information with virtual currency transfers above $3,000.
Sanctions Screening
Screen customers and transactions against OFAC sanctions lists and block prohibited transactions.
Risk Indicators
Red Flags to Watch For
- Customer uses privacy coins or mixing services to obscure transaction trails
- Transactions to or from wallets associated with darknet markets or sanctioned entities
- Customer provides minimal information and resists enhanced due diligence
- Rapid conversion of virtual currency to fiat with no apparent business purpose
- Transaction patterns consistent with layering across multiple wallets
- Customer account activity inconsistent with stated business purpose
- Use of peer-to-peer platforms to avoid exchange-level monitoring
- Transactions structured just below SAR filing threshold
Curriculum
Training Topics Covered
- FinCEN's 2019 VASP guidance and MSB classification
- BSA/AML requirements for cryptocurrency exchanges
- Customer identification in digital asset onboarding
- Blockchain analytics and transaction monitoring
- Travel Rule compliance for virtual currency transfers
- OFAC sanctions screening for crypto transactions
- SAR filing for virtual asset suspicious activity
- FinCEN enforcement actions against crypto businesses
Common Examination Findings
These are the most frequently cited deficiencies in Crypto & Virtual Assets AML programs. Addressing them proactively is the difference between a clean examination and a finding.
Failure to register with FinCEN as an MSB
No written AML program or program not tailored to crypto operations
Customer identification procedures inadequate for digital onboarding
Travel Rule compliance not implemented
Sanctions screening not applied to wallet addresses
Get Crypto & Virtual Assets AML Training
Industry-specific, NAMLC-verified training through Soflo Consulting and AML Training Center.