When Under Secretary for Terrorism and Financial Intelligence John Hurley addressed industry leaders this month, his remarks resonated with both regulators
and financial institutions. He acknowledged a truth that compliance officers, investigators, and executives know all too well: the Bank Secrecy Act (BSA) is supposed to help law enforcement and national security, but too often it produces noise instead of
intelligence.

Hurley’s agenda is ambitious but clear. He outlined a once-in-a-generation opportunity to reform AML/CFT so that it becomes an intelligence engine rather
than a compliance exercise. His message: focus on outcomes, measure effectiveness, and allow innovation to flourish.

The Operational Friction

Compliance teams have been living with the same pain points for years. The scale and complexity of financial crime continue to grow — from human trafficking
and narcotics to sophisticated sanctions evasion and cybercrime. Yet the regulatory framework governing financial institutions has not evolved at the same pace.

• SARs and CTRs remain the primary mechanisms for reporting. While useful, the volume-driven nature of filings means law enforcement
  often receives more noise than signal.

• Complexity is overwhelming. The instructions for completing a SAR are over 170 pages. That complexity creates room for error and consumes
  significant staff resources.

• Documentation burden has ballooned. Institutions are expected to justify decisions not to file SARs, even when no rule requires it.
  The result is hours spent documenting inaction instead of investigating crime.

• Examinations often prioritize process over outcomes. Institutions are measured on adherence to checklists rather than the value of
  intelligence delivered.

Hurley was blunt about the tradeoff: “Every hour spent documenting a non-SAR is an hour not spent protecting Americans. That trade-off is unacceptable.”

The frustration is real. And it explains why his message — turn frustration into reform — has struck a chord.

The Reform Agenda

Hurley’s roadmap for reform can be summarized in three principles:

1. Refocus on the customer. For AML/CFT, the customer is law enforcement and national security. Programs must be judged on how well
   they deliver useful intelligence to those end-users.

2. Measure effectiveness, not process. Success is not the number of SARs filed or the volume of alerts generated. Success is whether
   institutions identify activity aligned with known typologies, escalate it quickly, and rarely miss what matters.

3. Enable innovation. Institutions that deploy new approaches — whether AI to cut false positives, APIs to speed identity verification,
   or blockchain analytics to trace illicit flows — should be recognized and supported, not penalized because their new methods diverge from legacy expectations.

This is not a small adjustment. It is a fundamental shift in how regulators and institutions interact. For decades, compliance has been about proving adherence
to rules. Hurley is suggesting it should be about proving impact.

Technology as the Force Multiplier

The modernization Hurley described cannot happen without technology. The traditional model of manual reviews, static rules, and siloed systems simply cannot
scale to meet today’s threats. The good news is that advanced technology already exists to deliver the outcomes he called for.

1. Smarter Detection and Reduced False Positives

False positives are the most persistent operational challenge in AML and fraud detection. Analysts spend time chasing alerts that have no intelligence
value, creating fatigue and wasting resources.

Apply machine learning to transaction monitoring across multiple channels, reducing false positives while uncovering complex patterns of structuring, terrorist
financing, and human trafficking. Combine supervised and unsupervised ML models to cut alert volumes by up to 60% while increasing true positive rates.

By focusing resources on the alerts that matter, institutions can deliver higher-value intelligence with the same or fewer resources — exactly the kind
of efficiency Hurley emphasized.

2. High-Risk Customer Management

Understanding customer risk is central to effective AML/CFT. Manual onboarding and static CDD snapshots leave gaps. Technology now enables perpetual risk
assessment.

Use AI and to continuously score customers, identify hidden risks, and adjust surveillance as behaviors change.

Apply real-time device intelligence and behavioral biometrics to identify risks at onboarding and throughout the customer lifecycle. This approach helps
institutions know their customers dynamically, not just at account opening.

The benefit is twofold: fewer missed high-risk customers at onboarding, and stronger monitoring across the lifecycle.

3. Modern Sanctions Screening

Sanctions enforcement has become one of the most critical components of AML/CFT. But high false positive rates in sanctions screening consume vast resources.

Sanctions screening solution should use
advanced name-matching, demographic enrichment, and geolocation intelligence to reduce false positives and highlight
true risks. Deploy AI-driven fuzzy matching to account for cultural and linguistic variations, dramatically reducing irrelevant alerts.

By improving accuracy, institutions can reallocate staff time away from clearing false hits and toward investigating legitimate threats.

4. Unified Fraud and AML (FRAML)

Hurley spoke about rewarding innovation — for example, celebrating when AI reduces false positives rather than punishing institutions for deviating from
legacy manual methods. FRAML platforms embody this philosophy.

Unify fraud and AML operations, creating a shared evidence lake across both functions. By combining AI and generative AI, it automatically triages alerts,
summarizes narratives, and streamlines SAR filing. Analysts spend less time on paperwork and more time on investigation.

This type of platform also breaks down silos between fraud and AML teams, aligning with Hurley’s vision of focusing on outcomes for law enforcement rather
than internal process structures.

5. Real-Time Intelligence Sharing

One of Hurley’s sharpest critiques was the delay between institutions detecting suspicious activity and law enforcement receiving it. Technology can shorten
that gap dramatically.

Consortium approaches provide cross-institutional visibility that no single bank can achieve. These shared insights allow earlier detection of mule accounts,
structuring, and fraud rings, ensuring law enforcement receives timely, contextual intelligence.

Incentivizing Innovation

Hurley rightly pointed out a tension: financial institutions face pressure to cut costs, and innovations that reduce workload can lead to savings being
pocketed rather than reinvested. The solution is aligning incentives.

• Regulatory clarity: Institutions need assurance that adopting AI or novel methods will not result in examiner criticism. Clear guidance
  around outcome-based measures is key.

• Positive incentives: Institutions that demonstrate measurable improvements in intelligence quality could receive recognition or reduced
  examination burdens.

• Cultural alignment: Leadership must understand that financial crime is not only a compliance risk but a strategic and reputational
  one. As Hurley put it, “Corrupt money corrupts your institution.”

Technology providers also play a role. By offering transparent performance metrics — reductions in false positives, improvements in SAR quality, faster
investigation times — they enable institutions to demonstrate effectiveness objectively.

The Path Forward

Hurley closed his remarks with a simple north star: when in doubt, ask whether your work serves law enforcement and national security. That test reframes
compliance as mission-critical, not box-checking.

Technology makes it possible to consistently answer “yes.” By reducing false positives, automating repetitive tasks, surfacing hidden risks, and enabling
faster intelligence sharing, modern platforms align institutional operations with the outcomes regulators and law enforcement need.

The modernization agenda is not hypothetical. The tools exist. Platforms like Sardine are already demonstrating that AI, machine learning, and real-time
intelligence can deliver better outcomes with fewer resources.

The challenge now is alignment: regulators must measure effectiveness by outcomes, and institutions must invest in innovation rather than settling for
compliance minimalism.

Conclusion

John Hurley’s speech was not just a call to modernize the BSA. It was a challenge to rethink the role of compliance altogether. Instead of paperwork and
process, AML/CFT must become a for

ward-looking, technology-enabled intelligence engine.

Financial institutions should see this as both a responsibility and an opportunity. By embracing advanced analytics, unified fraud and AML platforms, and
real-time intelligence sharing, they can deliver more value to law enforcement, reduce operational drag, and strengthen their own resilience against financial crime.

The moment is urgent, but the opportunity is real. With regulators, institutions, and technology aligned, frustration can indeed be turned into reform.