What Banks Should Look For in AML and BSA Training That Stands Up to Examiner Scrutiny in 2026

The FFIEC BSA/AML Examination Manual identifies employee training as one of the five foundational elements examiners evaluate in every AML/CFT program review. Banks that treat training as an annual checkbox have learned what that omission costs, including repeat findings, matters requiring attention, and in the most serious cases, consent orders that restrict business activity and require costly third-party monitoring. The standard examiners apply today goes well beyond measuring whether staff completed an assigned module. 

AML compliance training that holds up under examination has specific characteristics that distinguish it from programs built primarily around completion rates. Those characteristics include demonstrated currency with regulatory updates, consistent delivery across branches and business lines, and documentation granular enough for examiners to reconstruct a training decision. Banks preparing for examination cycles in 2026 face a sharpened set of expectations shaped by the Anti-Money Laundering Act of 2020 and FinCEN’s April 2026 proposed rule reforming AML/CFT program requirements. 

The regulatory environment has moved toward evaluating program effectiveness alongside program existence, and that shift has changed what examiners look for when they open a bank’s training records. Programs that produce satisfactory examination results demonstrate those structural qualities through documentation granular enough to show who received training, when content was updated, and how delivery varied by role. 

The Current State of AML and BSA Training Examiner Expectations 

Examiner expectations for AML and BSA compliance training have grown more specific over the past decade, moving away from process-based checklists and toward outcome-based assessments. An examiner reviewing a bank’s training program in 2026 is focused on whether the evidence shows that staff in high-risk roles received content calibrated to the risks those roles carry. The FFIEC BSA/AML Examination Manual, which guides examiners from the OCC, FDIC, Federal Reserve, NCUA, and state regulators, frames training as an active safeguard within the broader AML/CFT program, with a documented audit trail examiners can review against the bank’s risk assessment. 

What Changed in How Examiners Assess Training Programs 

Before the AMLA 2020 and FinCEN’s subsequent rulemaking, examiner assessments of training programs focused primarily on whether a program existed, whether it was documented, and whether it had been delivered in the prior year. Those procedural questions remain on the examiner checklist, but they no longer define a satisfactory result. Examiners now consider whether training content was updated to reflect changes in the bank’s risk profile, whether the curriculum distinguished between roles with different BSA exposure levels, and whether the bank could show that training reached all relevant staff. That shift from procedure to substance is the central change banks face when preparing for examination. 

Why FinCEN, OCC, and FDIC Are Scrutinizing Training More Closely Now 

Several enforcement actions in the 2020s produced consent orders that included specific requirements for training program remediation, making it evident that regulators view inadequate training as a root cause of broader compliance failures. When a bank receives a Matters Requiring Attention citation related to BSA/AML compliance, examiners typically trace backward through the compliance framework to determine whether employees had adequate preparation for the decisions they were expected to make. Training gaps that contributed to missed suspicious activity or incomplete due diligence are treated as program failures, carrying regulatory consequences that extend well beyond the training function itself. 

What Is Driving the Higher Standard for AML and BSA Training 

Two forces have combined to raise the floor for BSA compliance training programs. Legislative change provided the regulatory authority, and a pattern of high-profile enforcement actions provided the operational context that made examiners more granular in their assessments. Banks that built their programs around the pre-AMLA standard are now operating below the threshold that produces satisfactory examination outcomes, often without recognizing the gap until an examination cycle makes it visible. 

The FFIEC BSA/AML Examination Manual requires that banks provide training to appropriate personnel covering, at a minimum, the legal requirements of the Bank Secrecy Act and the bank’s own internal AML/CFT policies and procedures. FinCEN’s April 2026 proposed rule, which expressly withdraws and supersedes the agency’s 2024 proposal, would require AML/CFT programs to be established and maintained around the institution’s specific risk profile, a standard that makes generic annual training insufficient for banks with diversified risk profiles. 

 The AMLA 2020 Regulatory Shift and Its Downstream Effects 

The Anti-Money Laundering Act of 2020, enacted as part of the National Defense Authorization Act for Fiscal Year 2021, amended the Bank Secrecy Act to require that AML/CFT programs be “effective” and “reasonably designed” to detect and prevent financial crime. That language had an immediate downstream effect on every element of the BSA program, including training. An effective program, by the AMLA 2020 definition, is one designed around a bank’s specific risk profile rather than a generic checklist. For training, that means content reflecting the actual risks a bank faces, delivered to the roles that carry those risks, with enough specificity to influence employee behavior in real transactions. 

Industry Pressure From Enforcement Actions and Consent Orders 

Enforcement actions across the banking sector have repeatedly identified training deficiencies as contributing factors in AML compliance failures. The pattern that emerges from public consent orders and formal agreements issued by the OCC and FDIC shows a consistent gap. Banks maintained training records demonstrating annual completion, but examiners found that the content did not reflect current regulatory expectations, did not differentiate by role, or had not been updated to reflect changes in the bank’s product mix or customer base. Those findings carry weight in subsequent examination cycles, because a bank that received an MRA related to training is expected to demonstrate structural improvement through program design, curriculum, and documentation rather than reissuing the same annual course. 

What Tighter Scrutiny Means for Bank Training Programs 

BSA compliance training programs that were adequate three years ago may now fall short of what examiners consider a minimum standard. Banks with programs built around a single annual training event, delivered identically to all staff, face the highest exposure under current examiner standards, because the program architecture itself fails to demonstrate risk differentiation. Closing that gap requires structural changes to how training is designed, delivered, and documented rather than incremental additions of content to an existing course. 

Where Most Programs Fall Short of Current Examiner Expectations 

The most common deficiency examiners identify in AML and BSA training programs is a mismatch between the content delivered and the risk profile the bank is required to address. A bank that offers mortgages, commercial real estate lending, and correspondent banking services faces materially different BSA risk exposures across those business lines, and examiners expect training to reflect that differentiation. Programs that address those risks through a single uniform module applied to all employees fail to demonstrate the risk-based approach that the AMLA 2020 effectiveness standard requires. The second most common deficiency involves documentation. Banks often have records showing that training was completed, but those records do not link specific employees to the specific version of the content they received, making it difficult for examiners to verify that training kept pace with regulatory changes. 

The Branch-Consistency Problem That Creates Systematic Risk 

Banks operating across multiple branches face a particular challenge that examiners have flagged repeatedly in multi-site reviews. Training delivered at the head office level frequently does not reach branch staff with the same frequency, depth, or documentation as training delivered to the compliance team. When examiners sample training records across branches during a BSA examination, inconsistency across locations is treated as a systemic program gap rather than an isolated administrative oversight. A branch where teller staff have not received current BSA training represents a control failure that affects the bank’s overall compliance rating, regardless of how thoroughly the compliance department is trained. 

What AML and BSA Compliance Training That Passes Examination Contains 

AML compliance training that consistently produces satisfactory examination outcomes shares a set of observable characteristics that distinguish it from programs built primarily around annual completion rates. Those characteristics operate across two distinct layers, spanning both the quality of the content itself and the structural features of the program that houses that content. Examiners assess both layers during a BSA examination, and a program that excels on one dimension while falling short on the other produces mixed results that can still generate findings. 

Content Quality Indicators Examiners Validate 

Examiners reviewing BSA compliance training content look for indicators that the material reflects current regulatory expectations and the bank’s specific risk environment. The FFIEC BSA/AML Examination Manual describes training content that addresses money laundering typologies, red flags specific to the bank’s products and customer segments, and the bank’s own internal policies and procedures. Content that was accurate 24 months ago but has not been updated to reflect subsequent regulatory guidance or changes in the bank’s risk profile fails that standard, even if employees completed it within the required window. Examiners can and do compare the version date of training materials against the dates of significant regulatory guidance to identify content currency gaps. 

The following elements appear consistently in AML and BSA training programs that receive satisfactory examiner assessments: 

• Money laundering typologies and red flags specific to the bank’s products, services, and customer types 
• Role-differentiated content that reflects the BSA exposure level of each job function 
• Scenario-based exercises that require employees to apply BSA concepts to realistic transaction situations 
• Current regulatory requirements, including the CDD Rule’s beneficial ownership provisions and AMLA 2020 updates 
• Internal procedures for escalating suspicious activity, with sufficient detail for employees to act correctly 
• Documentation of each training event, including the content version, delivery date, and employee name and role 

Structural Features That Signal Program Depth 

Beyond content quality, examiners assess whether the program architecture supports consistent, role-differentiated delivery across the full employee population. A structurally sound BSA training program assigns different training tracks to different role categories, schedules refresh training when significant regulatory changes occur rather than waiting for the annual cycle, and maintains documentation that allows examiners to reconstruct the training history of any employee in any branch at any point in the examination period. The technology platform supporting the program becomes visible in ways that affect outcomes under examination. Programs managed through spreadsheets or email confirmations rarely produce the granular, auditable documentation that multi-site examinations require. 

What the Next Six Months Require From Compliance and Training Teams 

Compliance and training teams preparing for examination cycles within the next two quarters face a concrete planning question about whether the bank’s current training program reflects the standards that FinCEN and FFIEC examiners are applying today. That question is answered by comparing the content and structure of the training program against the FFIEC BSA/AML Examination Manual’s current training guidance and the risk profile documented in the bank’s most recent BSA/AML risk assessment. Gaps between what the risk assessment identifies and what the training program addresses are the findings that examiners are most likely to surface. 

How a Maintained Learning Library Removes the Currency Burden 

One of the most time-consuming burdens for compliance teams responsible for AML BSA training requirements is maintaining content currency. A training module that was accurate when developed loses accuracy as regulatory guidance shifts, as FinCEN issues advisories, and as the bank’s own risk profile changes through new products or customer segments. Teams that manage content internally spend significant staff hours reviewing, revising, and reissuing training materials each year, time that could otherwise go to program oversight and documentation improvement. A maintained learning library from a provider that tracks regulatory changes on behalf of the institution removes that recurring burden and replaces it with a version-controlled library where compliance teams select and assign content rather than develop and update it. 

The Decision to Make Before the Next Examination Cycle 

Banks that have received examination findings related to training in the last three years, or that have not conducted a structured review of their training program since the AMLA 2020 became effective, face a decision that will affect their next examination outcome. Continuing to run a program built for pre-AMLA compliance standards creates the conditions for repeat findings. Building a program around the current FFIEC training guidance, with role-specific tracks, documented refresh cycles, and auditable completion records, positions the bank to demonstrate the effectiveness that examiners are now required to assess. That transition is most practical when made before an examination cycle begins, because remediation under examiner oversight is costlier and slower than proactive program improvement. 

How Banks Will Approach AML and BSA Training Scrutiny in 2026 

Banks that approach AML and BSA compliance training as an operational function rather than a documentation exercise will find examination cycles measurably less disruptive. The distinction is consequential because documentation exercises produce records of activity, while operational functions produce trained staff, and examiners can distinguish between the two by reviewing whether training decisions correlate with the bank’s risk assessment, whether role assignments reflect actual job functions, and whether completion records show the granularity that a genuinely administered program generates. Banks that build those correlations into their training infrastructure are the ones that produce satisfactory outcomes across repeated examination cycles. 

The forward-looking question for compliance and training leaders in 2026 is whether their program is structured to absorb regulatory change without requiring a full redesign. FinCEN has signaled that its April 2026 proposed rule, once finalized, will become the interpretive lens through which examiners assess training adequacy, replacing the 2024 proposal the agency has formally withdrawn. Banks need a training infrastructure that can incorporate regulatory updates as they occur, assign refreshed content to affected roles, and generate documentation of that response without requiring significant manual coordination. Programs dependent on annual development cycles and spreadsheet-based tracking cannot produce that response pattern reliably under examination-ready conditions. 

The structural investment that produces long-term examination readiness is a training program designed from the risk assessment outward, identifying the roles that carry the highest BSA exposure and assigning training content calibrated to those roles. Compliance teams that take that approach will find that examination findings related to training become less frequent and less severe over successive cycles, an outcome achievable through the combination of current, role-specific content and a platform capable of distributing it consistently across every branch in the institution. 

Frequently Asked Questions 

1. What is the minimum AML and BSA training frequency that banks are required to maintain? 

The FFIEC BSA/AML Examination Manual requires that banks provide training to appropriate personnel on at least an annual basis. That annual minimum is the procedural floor, not the full standard. Examiners also expect that banks deliver supplemental training when significant regulatory changes occur, when the bank’s risk profile changes through new products or customer segments, or when examination findings identify a training gap requiring remediation outside the annual cycle. Meeting the annual frequency requirement while failing to address those triggering events can still produce examination findings related to training program adequacy. 

2. What does role-specific AML training mean in practice, and which roles require the deepest training? 

Role-specific AML training means that the content employees receive reflects the actual BSA risk exposure of their job function rather than a single curriculum applied uniformly across the institution. Front-line employees in customer-facing roles, such as tellers and account relationship managers, require training on red flags relevant to customer transactions. Employees in commercial lending, wire transfer processing, or correspondent banking carry higher BSA risk and require more detailed content covering the typologies most common in those areas. Board members and senior management require training calibrated to their oversight responsibilities, focused on program governance and the regulatory obligations they are accountable for. Compliance officers require the deepest training, covering the full scope of BSA requirements, examination expectations, and internal escalation procedures. 

3. How do examiners assess whether AML and BSA training content is sufficiently current? 

Examiners assess content currency by comparing the version dates on training materials against the dates of significant regulatory guidance, FinCEN advisories, and changes to the FFIEC BSA/AML Examination Manual. A bank whose training content predates a material regulatory change, and whose records do not show that employees received updated training following that change, faces a finding related to program currency. Examiners may also review whether training addresses typologies that have become more prominent in recent FinCEN advisories, such as cryptocurrency-related money laundering or third-party payment processor risk, as evidence that content reflects current threat patterns. 

4. What documentation does a bank need to demonstrate BSA training compliance during an examination? 

Examiners reviewing BSA training documentation expect records that link each employee to the specific training content they completed, the date of completion, the version of the content in use at that time, and the employee’s role at the time of training. Aggregate completion reports showing that a percentage of employees finished a course are insufficient for examination purposes. Examiners need to verify that specific individuals in specific roles received training appropriate to those roles during the examination period. Banks that manage training through a learning management system with automatic record generation are better positioned to produce that documentation on examiner request than banks relying on manual spreadsheets or email acknowledgments. 

References 

Federal Financial Institutions Examination Council. BSA/AML Examination Manual. 

Financial Crimes Enforcement Network. Bank Secrecy Act. U.S. Department of the Treasury. 

Financial Crimes Enforcement Network. Anti-Money Laundering and Countering the Financing of Terrorism Programs, Notice of Proposed Rulemaking. 91 Fed. Reg. 18304 (Apr. 10, 2026). 

Financial Crimes Enforcement Network. Customer Due Diligence Requirements for Financial Institutions. 81 Fed. Reg. 29397 (2016). 

Office of the Comptroller of the Currency. Enforcement Actions. 

Financial Crimes Enforcement Network. Statutes and Regulations. U.S. Department of the Treasury.