The Evolution of AML Regulations: A Historical Perspective

TL;DR: The Evolution of AML Regulations

Anti-money laundering (AML) regulations have evolved from simple recordkeeping rules in the 1970s to a sophisticated global framework. Key milestones include the U.S. Bank Secrecy Act (1970), the founding of the Financial Action Task Force (FATF) in 1989, the USA PATRIOT Act, and the EU’s series of AML Directives. In recent years, AML rules have expanded to cover crypto exchanges and digital assets, with regulations like FATF’s Travel Rule and the EU’s Markets in Crypto-Assets Regulation (MiCA). The future of AML lies in global coordination, increased transparency, and adapting to digital finance—all while balancing privacy and innovation.

The Evolution of AML Regulations: A Historical Perspective

Money laundering—the process of making illegally-gained money appear legitimate—has long threatened global financial systems. It enables crime, terrorism, and corruption to flourish, and regulators worldwide have spent decades building a legal and operational framework to combat it. This post explores the evolution of anti-money laundering (AML) regulations across the globe, highlighting key laws, turning points, and the growing impact of digital finance and cryptocurrency.

The 1970s: The Birth of Modern AML Laws

The story of AML regulation begins with the U.S. Bank Secrecy Act (BSA) in 1970. It required financial institutions to keep detailed records and report large cash transactions, creating a paper trail for law enforcement. Over time, laws expanded to criminalize money laundering itself and to mandate more detailed reporting and oversight.

Although controversial at the time, especially for its impact on financial privacy, the BSA laid the groundwork for global AML efforts by recognizing financial institutions as key allies in detecting illicit money flows.

1980s–1990s: Going Global with FATF and the EU

As crime became more global, so did the money laundering threat. In 1989, the Financial Action Task Force (FATF) was created by the G7 nations to coordinate AML efforts worldwide. FATF introduced the “40 Recommendations”, which became the global benchmark for AML policy. Countries that failed to comply risked being “blacklisted” and shut out of the global banking system.

Meanwhile, the European Union launched its own coordinated AML response, beginning with the First AML Directive in 1991. Over the next three decades, the EU issued several directives that expanded AML responsibilities to more industries (like real estate and accounting), introduced risk-based approaches, and pushed for transparency around company ownership.

The War on Terror Financing

The September 11 attacks in 2001 brought a sharp new focus to AML - counter-terrorist financing (CTF). The U.S. responded swiftly with the USA PATRIOT Act, which mandated enhanced customer identity checks, widened the scope of AML obligations to nearly all financial institutions, and empowered law enforcement to track and freeze terrorist funds.

Globally, FATF and other nations followed suit by integrating CTF into their AML regimes. This period marked a turning point in how governments viewed financial surveillance—as not just a crime-fighting tool, but a matter of national security.

2010s–2020s: The Digital Frontier and Crypto Regulations

The rise of cryptocurrencies and digital payments introduced fresh challenges. Cryptocurrencies like Bitcoin enabled fast, pseudonymous, and borderless transactions—appealing to both innovators and bad actors.

In response, FATF updated its standards to include virtual asset service providers (VASPs) like crypto exchanges. A key rule, the “Travel Rule,” requires these providers to collect and transmit user information with each transaction, mirroring traditional bank wire rules.

The EU’s 5th AML Directive (2018) also brought crypto exchanges and wallets under AML regulations, while the MiCA regulation (2023) created a unified legal framework for crypto-assets across the EU. In the U.S., FinCEN clarified early on that crypto businesses must comply with AML rules, including customer due diligence and suspicious activity reporting.

Timeline of Key AML Milestones

  • 1970: U.S. Bank Secrecy Act introduces financial reporting.
  • 1989: FATF is established; global AML coordination begins.
  • 1991–2021: EU issues six AML Directives, expanding and modernizing AML rules.
  • 2001: 9/11 leads to the U.S. PATRIOT Act and global counter-terror finance efforts.
  • 2018–2023: AML laws extended to cryptocurrencies with FATF standards, EU MiCA, and national regulations.

Evolving Kraken’s Compliance Program

Led by seasoned professionals with extensive industry experience, Kraken’s Global Compliance Team provides 24/7 coverage across key jurisdictions. By combining expertise in regulation, law enforcement, and financial crime, we’ve ensured that since Kraken’s launch in 2011, our Compliance Program has continuously evolved and matured in step with the changing AML/CFT regulatory landscape.