At ACAMS Vegas this year, John K. Hurley, the Under Secretary for Terrorism and Financial Intelligence, signalled a serious rethink of America’s anti-money laundering playbook. His keynote wasn’t box-ticking rhetoric; it laid out an intelligence-first model, with law enforcement and national security agencies positioned as the true “customers” of the AML system.
Hurley’s critique was blunt: years of process-driven compliance have flooded the system with low-value SARs/CTRs and sprawling paperwork, while throttling the timely delivery of genuinely useful financial intelligence. The fix, he argued, is outcome-based supervision—measuring programmes by what they surface for investigators, not by how closely firms mirror an examiner’s checklist. If adopted, that would reset incentives across banks, fintechs and NBFIs, and align the regime with the Trump administration’s stated priorities on sanctions, terrorism and drug trafficking.
A new “customer” and a new metric: usefulness
Hurley’s first—and perhaps most radical—idea is to make law enforcement and national security agencies the true “customers” of the AML system. For decades, banks and other financial institutions have been told to file reports in vast quantities, with regulators measuring compliance by volume. That has left law enforcement drowning in “noise”—SARs and CTRs that are technically compliant but practically useless.
If Hurley’s vision takes hold, financial institutions will no longer be rewarded for box-checking but for producing high-value intelligence. That reframes AML not as a paperwork exercise but as an intelligence operation. For compliance officers, it could mean a major recalibration of priorities: spending fewer hours filing defensive SARs and more time building systems that capture activity tied to drug trafficking, sanctions evasion, terrorism, and fraud which are the Trump administration’s declared top threats.
Outcome-based examinations
A related shift would be in how financial institutions are evaluated. Hurley wants to move away from subjective, process-driven examinations and towards objective, outcome-based assessments. The effectiveness of a programme should be judged not by whether every i is dotted in an examiner’s checklist, but by whether suspicious activity is actually detected and reported.
If enacted, this would be a seismic change. It could free institutions from the suffocating burden of documenting non-SAR decisions and reduce the incentive to flood FinCEN with useless reports. But it also raises hard questions: what metrics will measure “effectiveness”? How will regulators define a “miss”? And will institutions risk harsher penalties if illicit activity slips through the cracks?
Technology as a force multiplier
Perhaps the most optimistic part of Hurley’s vision lies in technology. With a background in financial services and investment, he is bullish on the potential of AI, blockchain analytics, digital identity, and APIs to transform compliance. If a bank can demonstrate that an AI system reduces false positives and surfaces more valuable SARs, he argued, it should be “celebrated, not written up.”
This is a clear nod to financial institutions experimenting with machine learning to sift through vast transaction datasets more intelligently. It also suggests regulators may finally be willing to align rules with reality, updating outdated requirements that still assume 2003-era technology. The question is whether regulators will move quickly enough to keep pace with industry innovation.
Quick wins and burden relief
Hurley also pointed to immediate relief measures: allowing banks to obtain taxpayer identification numbers from third parties, reforming “continuing activity reviews,” and eliminating needless data collection on legitimate low-risk customers. For smaller institutions, this could mean a significant reduction in compliance costs.
But here too lies a balancing act. Regulators must ensure that simplification does not open new avenues for exploitation—especially at a time when adversaries are increasingly sophisticated in their financial manoeuvres.
Incentives, not just penalties
Perhaps the most nuanced element of Hurley’s remarks was his call for positive incentives. Too often, AML regulation has been about punishment: fines, sanctions, enforcement actions. Hurley argued that if compliance innovations save money, firms should be encouraged (or required) to reinvest those savings into stronger systems, not simply pocket them.
This speaks to a deeper cultural shift: treating compliance as a competitive advantage rather than a sunk cost. But it also raises the question of whether the Treasury has the tools to reward good behaviour, not just punish bad.
The expanding frontier: venture capital under AML supervision
Venture capital has long been a blind-spot in the perimeter. For years, critics have warned that VCs provided an unregulated gateway for illicit finance, particularly from foreign actors seeking influence in the tech sector. With sanctions on Russia, Iran, and China intensifying, and terrorist groups increasingly experimenting with crypto, the move to bring VCs under AML oversight reflects both geopolitical priorities and the Trump administration’s broader crackdown on drug trafficking, terrorism financing, and sanctions evasion.
Earlier guidance and industry commentary focused on a 1 January 2026 start for investment adviser–covered AML obligations, bringing VC into scope alongside other advisers. That timing has moved: FinCEN has proposed a two-year delay, pushing the effective date to 1 January 2028 for the Investment Adviser AML rule (covering RIAs and many ERAs that capture VC activity). Final timing is pending the rulemaking.
Even with the proposed delay, the direction of travel is clear. VC firms should start laying down the plumbing: proportionate CDD/KYC on investors and portfolio entities, sanctions screening aligned to current OFAC priorities, source-of-funds/source-of-wealth checks commensurate with risk, and SAR readiness (governance, escalation, drafting, and secure liaison paths to law enforcement). This aligns with Treasury’s threat-led posture and will shorten the runway once the final effective date lands.
Policy through the lens of current priorities: drugs, sanctions, terrorism
The administration’s enforcement drumbeat underscores where AML/CFT will bite. Recent Treasury/OFAC actions against Sinaloa-linked “Los Chapitos” and related fentanyl networks, and senior-level rhetoric about taking the fight to drug traffickers, show sanctions and terror-finance tools being trained on narcotics supply chains and cartel infrastructure. That reinforces the need for typology-aware monitoring across correspondent banking, trade finance, MSBs, and private capital flows.
What it all could mean in practice
If Hurley’s model lands, AML in the US looks leaner, faster and more targeted. Examinations become less about immaculate documentation and more about measurable contribution to national-security outcomes. Technology could become the default expectation, not an edge case. And incentives evolve so the smartest compliance teams aren’t punished for innovating—they’re benchmarked, copied and rewarded.
In short: less paper, more intelligence; fewer boxes, more results. If the Treasury can codify objective effectiveness metrics, keep quick-win relief coming, and stay aligned to the real threat set—sanctions evasion, terrorism, and drug trafficking—this could indeed be that once-in-a-generation reset.
