By 
As the new year unfolds, the Office of the Comptroller of the Currency (OCC) is set to heighten scrutiny on larger financial institutions (FIs), focusing on compliance, operational resilience, and risk management. While the Federal Reserve and the Consumer Financial Protection Bureau (CFPB) dominate financial headlines with their rulemaking, the OCC is quietly steering impactful regulatory measures, particularly targeting anti-money laundering (AML) and operational risks.
AML Compliance Under Tight Review
The OCC, an independent bureau under the U.S. Treasury Department, oversees national banks and federal savings associations. In recent developments, the regulator has ramped up enforcement actions to address deficiencies in AML and Bank Secrecy Act (BSA) compliance among major banks.
In December, the OCC issued a cease-and-desist order against Bank of America, citing lapses in filing suspicious activity reports (SARs) and deficiencies in sanctions compliance. The bank has been directed to implement enhanced internal controls to mitigate risks associated with money laundering, terrorist financing, and sanctions violations. These controls must include robust sanctions screening systems, subjected to periodic independent validation.
Similarly, USAA Federal Savings Bank faced a revised cease-and-desist order, replacing earlier directives issued in 2019 and 2022. The OCC identified shortcomings in USAA’s internal audit processes and SARs reporting, mandating the institution to evaluate compliance and operational risks before introducing new products, services, or expanding its membership criteria.
These enforcement actions are part of a broader crackdown that includes penalties for other banks, such as a $450 million fine levied on the U.S. operations of TD Bank for BSA/AML program failures.
Navigating a Complex Risk Landscape
In its recent Semiannual Risk Perspective, the OCC underscored the importance of dynamic, risk-based compliance frameworks to address evolving threats. The report highlighted elevated operational risks, including cyber threats and third-party vulnerabilities, that necessitate robust risk management and operational resilience.
Banks are urged to enhance fraud investigations and unauthorized transaction dispute processes while maintaining strong third-party risk management protocols. The OCC’s findings align with broader trends in the financial services sector, where artificial intelligence (AI) and machine learning are increasingly deployed for anti-fraud initiatives. According to PYMNTS Intelligence and Hawk AI, 70% of FIs now utilize AI in their fraud detection efforts.
A Strategic Roadmap for FY 2025
The OCC’s supervision operating plan for fiscal year 2025 outlines a strategic focus on intelligence analysis, threat detection, and robust access controls, including multifactor authentication. Key priorities include monitoring third-party relationships, particularly with financial technology companies (FinTechs) that provide banking products and services.
Acting Comptroller of the Currency Michael J. Hsu has expressed support for federal payments regulations and a chartering framework for nonbank entities, signaling a continued effort to modernize oversight mechanisms in a rapidly evolving financial landscape.
The Path Forward
As the OCC sharpens its regulatory focus, financial institutions must proactively adapt to these intensified scrutiny measures. Strengthening compliance frameworks, addressing operational risks, and leveraging advanced technologies like AI will be critical for navigating the OCC’s evolving oversight priorities.
Comments