top of page
Search

April 2026 | Compliance & Risk Newsletter | Volume 2

  • dmwadvisoryllc
  • May 22
  • 3 min read

As we navigate the second quarter of 2026, the regulatory landscape continues to shift toward increased accountability, technology integration, and enforcement. Below is a summary of developments impacting financial institutions and professional service providers.


1. FinCEN Proposes Rule to Reform AML Programs

In April 2026, FinCEN proposed a rule to reform how financial institutions design and maintain their AML/CFT programs. The goal is to move toward a more, risk-based system that aligns with national priorities.

  • Key Takeaways: Institutions will be required to conduct a formal, documented Risk Assessment Process that considers FinCEN’s national priorities to ensure programs are effective, rather than just compliant.

  • Introduces a uniform, risk-based AML program standard across institutions.

  • Expands expectations for data quality, governance, and model documentation.

See Key Changes here


2. The GENIUS Act: Enhancing Governance and Tech Integrity

In April 2026, the FDIC issued a Notice of Proposed Rulemaking to establish the GENIUS Act (Guiding and Establishing Nation Innovation for U.S. Stablecoins Act) which focuses on governance, enterprise risk, and innovation standards for insured institutions. The proposal outlines expectations for risk management, model oversight, and operational resilience.

Key Takeaways: Senior leadership must demonstrate oversight of the bank’s digital infrastructure, with a focus on the resilience of electronic networks against systemic failures.

·      Establishes new governance and internal control standards for FDIC supervised institutions.

·      Emphasizes model risk management, data integrity, and validation.

·      Requires enhanced board oversight of risk and technology functions.

·      Aligns with broader regulatory focus on operational resilience and emerging risks.

 

3. Revised Model Risk Management (MRM) Guidance

In April 2026, the FDIC released revised guidance on Model Risk Management, reflecting the increased use of AI and machine learning in banking operations.

  • Key Takeaways: The guidance emphasizes that as models become more complex (e.g., Generative AI), the validation process must be more rigorous, including a clear understanding of data inputs and outcomes.

  • Strengthens expectations for model validation, documentation, and governance.

  • Addresses risks associated with AI, machine learning, and automated decisioning.

  • Emphasizes board and senior management oversight.

  • Encourages institutions to modernize MRM frameworks to reflect new technologies.

 

4. Rapid Response: Interdicting Cyber Fraud

On April 15, 2026, FinCEN’s Rapid Response Program (RRP) reported interdicting nearly $2 billion in stolen funds on behalf of U.S. cybercrime victims.

  • Key Takeaway: This highlights the critical importance of the 314(b) information-sharing process. Reinforces FinCEN’s focus on cyber‑enabled financial crime as a top priority.

  • Timely reporting of suspicious cyber activity is now directly linked to the successful recovery of assets. This is a time to consider whether the fraud, cyber and AML departments are closely aligned to act quickly to detect such threats and protect our customers and the financial system.


5. Targeted Enforcement: CIBanco S.A. Special Measures (Amendment)

On April 16, 2026, under Section 311 of the USA PATRIOT Act, a special measure has been amending for prohibiting certain transmittals of funds involving CIBanco S.A. and its subsidiaries. Effective April 16, 2026, transmittals of funds prohibited by the order, that are necessary for the Government of Mexico to liquidate CIBanco, are authorized, provided that (1) the Government of Mexico's appointed liquidator has determined that such transmittal of funds is necessary to liquidate CIBanco, and (2) the transmittal of funds is not otherwise prohibited by law.

  • Key Takeaways: Order remains in effect; Compliance officers should review their correspondent banking portals and payment filters to ensure all transactions involving this entity are identified and blocked in accordance with the federal register mandate. 

  • Continues to prohibit U.S. financial institutions from processing correspondent or payable‑through transactions involving CIBanco.

  • Continue to require sanctions filters and correspondent banking controls.


6. Minnesota Fraud Geographic Targeting Order (GTO)

On April 9, 2026, FinCEN issued an update to GTO and subsequent FAQs focusing on fraudulent real estate transactions in Minnesota. The primary elements updated or clarified on April 9, 2026, include:

  • Bank Exemptions Incorporation: The FAQs were revised to reflect the February 24, 2026, order that exempted covered banks from recording or reporting international funds transfers if the originator falls into certain specific categories.

  • Suspicious Activity Report (SAR) Filing Instructions (FAQ 7): Clarified language surrounding data entry for related filings. When a Covered Business files a SAR tied to a transaction under this mandate, FinCEN instructs them to input "Minnesota Fraud GTO" into Field 2 (Filing Institution Note to FinCEN) as well as within the narrative section of the report.

  • Handling Missing Biographical Template Information (FAQ 8): Addressed procedures for instances where required beneficiary data fields (such as a beneficiary’s date of birth, phone number, or email address) are blank or unavailable within the standard transactional templates.

  • Temporary Grace Period Deadlines: Maintained and clarified the operational timeline regarding the collection of data elements not strictly required under standard BSA rules (31 CFR 1020.410(a)) for transactions occurring before May 13, 2026, for account-holder originators.


7. FinCEN Releases Year‑in‑Review

In April 2026, FinCEN published its annual Year‑in‑Review, summarizing enforcement actions, regulatory initiatives, and intelligence priorities.

 

 
 
 

Comments

bottom of page