- Key insight: Current efforts to combat "debanking" largely ignore how anti-money-laundering requirements in the Bank Secrecy Act shape banks' risk-management decisions, putting banks and other financial institutions in a catch-22.
- What's at stake: Financial institutions are left scrambling to meet the expectations of the current administration while maintaining fidelity to underlying regulatory requirements and the potential for further changes in the future.
- Forward look: Clearer guidance is needed on what constitutes appropriate risk-based decision-making versus impermissible "debanking."
Although the principle is not enshrined in a specific law, it is well understood that banks and other financial institutions are generally free to determine which customers to serve, when and how. Of course, this freedom is constrained by constitutional principles of equal protection embodied in certain statutes and regulations aimed at prohibiting discrimination, as well as money laundering and other criminal laws that make it illegal to conduct transactions in known criminal proceeds or furtherance of illicit activity. Yet, current
The provision of financial services by banks and other financial institutions is governed in significant part by monitoring and reporting requirements contained in the Bank Secrecy Act and its regulations. Comprehensive anti-money-laundering programs that financial institutions establish under this regulatory regime play a role in informing decisions whether to open accounts, provide services or potentially suspend services. Further, these AML programs are supervised by state and federal regulators as part of a well-established and deeply entrenched oversight regime that punishes program failures with substantial financial penalties and even potential incarceration of executives and employees.
In this context, President Trump issued an executive order in August 2025 "
In implementing the debanking executive order, the OCC and other federal banking regulators have
It is noteworthy that the executive order did not make a single mention of the role of the Bank Secrecy Act or anti-money-laundering considerations. Of course, the federal AML/BSA regime, also broadly enforced by state regulators, positions financial institutions as key gatekeepers in important national security and law enforcement goals and maintaining the integrity of our financial system by aiding in the interception of criminal activity. Thus, any directive regarding how, when or to whom a bank should provide services should be considered in that context.
The megabank is cooperating with a government request for information related to how it decides which customers to bank. It is the second large U.S. bank — along with Bank of America — to disclose such a probe.
Taking the example of the cryptocurrency industry, it is certainly true that prior administrations' barriers to banks' engagement with the crypto and digital assets industry — including a
In this significant about-face from the government, the role and significance of anti-money-laundering considerations and Bank Secrecy Act compliance are barely mentioned, leaving financial institutions scrambling to meet the expectations of the current administration while maintaining fidelity to underlying regulatory requirements and the potential for further changes in the future. In fact, the only real mention of the BSA in federal regulators' recent directives is to instruct that the "BSA and anti-money laundering concerns" not be used "as a pretext for reputation risk."
Where that leaves the financial services industry is between a rock and a hard place. The BSA demands that financial institutions differentiate customer risks and account treatment by first identifying and then assessing high-risk customers and industry sectors. Quantifying risk in an environment where the typologies of illicit activity are subject to rapid change based on technological developments, societal changes and political volatility is already a high wire act. High-risk customers and industries do not just require enhanced due diligence — they need sustained monitoring, specialized compliance staff, and come with the constant fear that missed red flags could result in regulatory catastrophe and millions if not billions in penalties for BSA violations.
Regulators should acknowledge an uncomfortable truth: the Bank Secrecy Act, as it has been enforced for many years, has created powerful incentives for banks to err on the side of exclusion in the same way it has given rise to the filing of a multitude of "defensive" suspicious activity reports. Before holding financial institutions accountable for new regulatory expectations, clearer guidance is needed on what constitutes appropriate risk-based decision-making versus impermissible "debanking." Implementing certain safe harbors for good faith BSA-based decisions may be prudent. In any case, recognizing the important role of customer diligence and assessment, the Bank Secrecy Act should have a central role in the debanking discussion.
