April handed compliance teams two regulatory signals that point opposite ways.
On April 7, FinCEN proposed the first AML/CFT program overhaul in roughly 25 years. The headline shift is structural: the rule replaces a technical-compliance model with an effectiveness-based one. Buried inside is a direct incentive for AI deployment. When the FinCEN Director considers whether to pursue enforcement, one factor is whether the firm uses “innovative tools such as artificial intelligence” that “demonstrate the effectiveness” of its AML/CFT program. Firms that “responsibly experiment with innovative technologies” face no extra enforcement risk for doing so.
The day after, FinCEN and OFAC published a joint NPRM applying the GENIUS Act to permitted payment stablecoin issuers. The same posture carried over: “effective use of artificial intelligence, federated learning, and other advanced monitoring tools” was named as a factor regulators will weigh favorably.
Across the Atlantic, the FCA’s stance is outcomes-based and tech-neutral, but the practical bar runs the opposite direction. Industry-converged guidance, aligned with the EU AI Act, requires audit trails traceable to underlying data, human-in-the-loop oversight for high-risk calls, and explainability of every elevated-risk flag. The MLRO owns the answer.
For a multinational running AML out of London with US operations, the calculus is now: deploy AI fast enough that FinCEN credits effectiveness, but document every algorithmic call rigidly enough that FCA’s audit holds.
The FinCEN comment period closes June 9. That’s how long firms have to write a policy that covers both.