What Does a BSA/AML Analyst Do? — Complete Guide for Banking Compliance Hiring

Introduction

Compliance hiring managers at banks, FinTechs, and credit unions face mounting pressure to fill BSA/AML analyst seats quickly—but many struggle with vague job descriptions, unfocused interviews, and mis-hires that carry real regulatory consequences. When FinCEN assessed $3.4 billion against Binance and $3.5 million against Paxful for BSA violations, those penalties traced back to program failures—failures that begin with the people running them.

That's why getting the hire right starts before the job post goes live. This guide covers the role's regulatory foundation, daily responsibilities, must-have skills, how it differs across institution types, and what to probe for when interviewing candidates.

TLDR

  • A BSA/AML analyst monitors transactions, investigates suspicious activity, files SARs, and ensures BSA compliance with FinCEN regulations
  • Success in the role demands both technical platform knowledge and the investigative judgment to separate real risk from false positives
  • Core skills: regulatory knowledge, transaction monitoring proficiency, SAR writing, and KYC/CDD experience
  • Scope varies widely—community bank analysts wear multiple hats; large banks and FinTechs hire specialists
  • Finding qualified candidates requires evaluating real investigative experience, not just résumé keyword-matching

What Is a BSA/AML Analyst?

A BSA/AML analyst is a compliance professional responsible for preventing financial crime: money laundering, terrorist financing, and fraud. They do this by fulfilling an institution's obligations under the Bank Secrecy Act (BSA) and related anti-money laundering (AML) regulations enforced by FinCEN, federal banking regulators, and the FFIEC.

Regulatory Foundation: BSA and AML Compliance

The Bank Secrecy Act was enacted in 1970 (codified at 31 U.S.C. 5311-5336) and requires financial institutions to maintain records and file reports that help detect and deter financial crime. AML refers to the broader regulatory framework — laws, regulations, and procedures — designed to prevent money laundering. In practice, the two systems are inseparable.

FinCEN (the Financial Crimes Enforcement Network) serves as the designated administrator of the BSA and enforces compliance through examinations, guidance, and enforcement actions.

The Five Pillars of BSA/AML Compliance

Federal regulation 31 CFR 1020.210 mandates that banks maintain five minimum BSA/AML program elements:

  1. Internal Controls — policies, procedures, and systems to ensure ongoing compliance
  2. Independent Testing — audits conducted by internal staff or third parties
  3. Designated BSA Compliance Officer — an individual coordinating and monitoring daily compliance
  4. Training — ongoing education for appropriate personnel
  5. Customer Due Diligence (CDD) — risk-based procedures for conducting ongoing customer due diligence, including customer risk profiles and transaction monitoring (added 2018)

Five pillars of BSA AML compliance program requirements infographic

BSA/AML analysts operate within this structure but are not the BSA Officer. Their work is execution: reviewing alerts, investigating suspicious patterns, filing reports, and supporting audits.

Common Title Variations

Hiring managers encounter numerous related titles that overlap significantly but carry distinct scopes:

  • AML Analyst — focuses primarily on anti-money laundering transaction monitoring and investigations
  • BSA Specialist — emphasizes Bank Secrecy Act reporting and recordkeeping (CTRs, SARs, $3,000 rule)
  • Financial Crime Analyst — broader scope covering AML, fraud detection, and sanctions screening
  • KYC Analyst — concentrates on Know Your Customer due diligence and account opening reviews
  • SAR Investigator — specializes in Suspicious Activity Report writing and case investigation
  • Compliance Examiner — typically a more senior role involving audit, examination support, or regulatory liaison

Entry-level roles typically carry titles like AML Analyst, BSA Specialist, or KYC Analyst. Senior roles include SAR Investigator, Financial Crime Analyst, or Compliance Examiner.

Where the Role Sits Organizationally

BSA/AML analysts typically work within the compliance department or a dedicated financial crimes unit, reporting to a BSA Officer, Chief Compliance Officer, or Director of Financial Crimes. According to the Bureau of Labor Statistics, financial examiners — a proxy category for compliance-adjacent roles — show 19% projected growth from 2024 to 2034, much faster than average, with a median annual wage of $90,400.

Core Day-to-Day Responsibilities of a BSA/AML Analyst

Transaction Monitoring and Alert Triage

Analysts use automated monitoring systems—platforms like NICE Actimize, Verafin, Oracle FCCM, or SAS—to review flagged alerts for unusual activity:

  • Large cash deposits or withdrawals
  • Rapid fund movements inconsistent with customer profile
  • Structuring patterns (multiple transactions just below reporting thresholds)
  • Transactions with high-risk jurisdictions or sanctioned entities

The analyst's job is to triage alerts: clear false positives with documented rationale, escalate genuine risk, and maintain defensible audit trails. Examiners scrutinize how analysts disposition alerts, so the quality of reasoning behind each decision is as important as the decision itself.

SAR Investigation and Filing

When a flagged transaction or pattern rises above threshold suspicion, the analyst:

  1. Conducts an investigation—reviewing transaction history, account documentation, and public records
  2. Gathers supporting evidence
  3. Drafts a Suspicious Activity Report (SAR) for FinCEN

SAR thresholds (per 31 CFR 1020.320 and 12 CFR 21.11):

  • $5,000 or more when the institution knows or suspects illegal activity or BSA evasion
  • $25,000 or more regardless of whether a suspect has been identified
  • Any amount for insider abuse involving directors, officers, employees, or agents

Filing deadline: Within 30 calendar days of detection (up to 60 days if no suspect identified).

In 2024, approximately 3.8 million SARs were filed, with the top 10 filers accounting for 45% of volume. SAR writing quality directly reflects an institution's compliance posture and is a core skill examiners evaluate.

SAR filing thresholds deadlines and 2024 volume statistics summary infographic

KYC/CDD and Enhanced Due Diligence (EDD)

Analysts conduct or review Customer Due Diligence (CDD) at account opening and periodically thereafter. For high-risk customers—politically exposed persons (PEPs), high-volume cash businesses, money services businesses (MSBs)—they escalate to Enhanced Due Diligence (EDD).

EDD typically requires documentation of:

  • Source of funds and wealth
  • Business purpose and expected transaction activity
  • Beneficial ownership structure
  • Adverse media and sanctions screening results

Regulatory Recordkeeping and CTR Filing

While SARs address suspicion, Currency Transaction Reports (CTRs) are a separate, volume-driven obligation—filed automatically when cash transactions cross a threshold, regardless of whether anything looks suspicious. Analysts ensure:

  • File CTRs for cash transactions exceeding $10,000 (31 CFR 1010.311)
  • File within 15 calendar days of the transaction
  • Maintain records for funds transfers of $3,000 or more (the "$3,000 rule" under 31 CFR 1010.410)

Internal Reporting and Audit Support

Analyst work doesn't end with filing—it feeds directly into the institution's broader oversight structure. They prepare documentation for:

  • Internal compliance reviews
  • BSA/AML audits and independent testing
  • Regulatory examinations
  • Management reporting and board presentations

When examiners arrive, it's the analyst's documentation trail—alert dispositions, SAR narratives, CDD records—that determines whether the program holds up to scrutiny.

Skills and Qualifications Hiring Managers Should Look For

Regulatory Knowledge

Candidates must understand the Bank Secrecy Act, USA PATRIOT Act, OFAC sanctions, FinCEN guidance, and their institution's specific risk profile. Don't accept name-dropping—ask candidates to explain how regulations translate into their daily workflow.

Sample interview question: "Walk me through how you would decide whether a flagged transaction meets the threshold for SAR filing under 31 CFR 1020.320."

Transaction Monitoring and Case Management Tools

Prior hands-on experience with industry-standard platforms matters. Commonly cited tools in BSA/AML job postings include:

  • NICE Actimize
  • Verafin (widely used by community banks and credit unions)
  • Oracle FCCM
  • SAS AML
  • FIS platforms
  • Mantas

When interviewing, go beyond platform name recognition. Ask which alerts candidates reviewed, how they configured monitoring rules, and what volume they managed — that's where genuine hands-on experience shows.

BSA AML transaction monitoring platforms comparison used in banking and FinTech

Analytical and Investigative Judgment

The ability to distinguish genuine red flags from false positives—using financial data, customer history, and open-source research—is the core cognitive skill of this role.

Look for candidates who can narrate a past case:

  • How they identified a pattern
  • What they investigated
  • How they decided to escalate or clear
  • How they documented their rationale

Written Communication — Specifically SAR Quality

SAR narratives are reviewed by FinCEN and regulators. Weak SARs trigger examiner criticism.

Ask for a writing sample or run a scenario-based exercise during interviews. What you're evaluating: can the candidate document findings without ambiguity, in plain language, under time pressure?

Certifications Worth Screening For

CAMS (Certified Anti-Money Laundering Specialist) from ACAMS is the gold standard. ACAMS reports more than 120,000 members across 200+ countries, a scale that reflects how consistently the market treats CAMS as the baseline credential for serious AML professionals.

Other respected certifications:

  • CFE (Certified Fraud Examiner) from ACFE—more than 95,000 members globally
  • CFCS (Certified Financial Crime Specialist) from ACFCS

For analyst-level hires, treat CAMS as a strong differentiator rather than a hard requirement. At the senior or specialized level, it's a reasonable expectation — and candidates without it should be able to explain a clear path toward certification.

How the BSA/AML Role Varies by Institution Type

Community Banks and Credit Unions

Analysts at smaller institutions operate as generalists, handling:

  • Transaction monitoring
  • CDD and EDD reviews
  • CTR filing
  • SAR writing
  • OFAC screening

Often without a large team underneath them. The FFIEC BSA/AML Examination Manual explicitly states that program sophistication must vary based on bank size and complexity.

Hiring managers at smaller institutions should prioritize:

  • Breadth of BSA/AML knowledge
  • Comfort with limited tooling or manual processes
  • Ability to work independently with minimal supervision

Large Banks and FinTechs

At scale, BSA/AML roles tend to be specialized. Rather than one analyst covering everything, work is divided by function:

  • One analyst focuses exclusively on transaction monitoring alerts
  • Another handles SAR investigation and writing
  • Another conducts KYC/EDD reviews

FinTechs often blur these lines further, blending BSA/AML work with fraud operations or regulatory roles. Analysts at these companies typically need comfort with:

  • API-driven monitoring platforms
  • Data querying tools like SQL
  • Fast-paced, evolving compliance environments

BSA AML analyst role comparison across community banks large banks and FinTechs

Crypto Companies and Payments FinTechs

Crypto and payments companies sit at the highest end of the BSA/AML risk spectrum. These institutions face distinct challenges:

  • Blockchain transaction tracing
  • Unhosted wallet exposure
  • High-velocity payment flows
  • Cross-border remittances

Recent enforcement makes the stakes clear: the $3.4 billion Binance settlement (November 2023) and the $3.5 million Paxful penalty both signal that FinCEN is actively escalating BSA enforcement against crypto platforms.

Hiring managers in these spaces should look for analysts who:

  • Understand blockchain analytics tools such as Chainalysis or TRM Labs
  • Have experience applying BSA requirements in non-bank financial institutions (NBFIs) or money services businesses (MSBs)
  • Can navigate the risk profiles specific to virtual currency transactions

What Separates a Strong BSA/AML Hire from a Mediocre One

Strong Candidates Show Their Reasoning, Not Just Their Experience

In interviews, press beyond job titles and résumé bullet points. Ask candidates to walk through a real investigation:

  • How they scoped it
  • What data sources they used
  • How they wrote the SAR narrative
  • How the case was resolved

Surface-level familiarity with process doesn't translate to strong regulatory performance.

Red Flags in Candidate Evaluation

Watch for candidates who:

  • Can't explain the difference between a CTR and a SAR
  • Haven't filed or reviewed SARs directly
  • Describe their experience only in terms of the tools they used (rather than the judgments they exercised)
  • Have never faced a regulatory examination in their prior role
  • Can't articulate a specific example of how they distinguished a false positive from genuine suspicious activity

Red flags checklist for evaluating weak BSA AML analyst candidates during interviews

Why This Role Requires a Specialized Recruiter

Hiring for BSA/AML analyst positions requires more than keyword-matching a LinkedIn search. You need a recruiter who knows the compliance talent market personally—someone who understands what regulators expect, what peer institutions are hiring for, and where experienced financial crime professionals actually sit.

Wayoh places BSA/AML and financial crime compliance professionals across banking, FinTech, and crypto institutions, with over a decade of direct relationships in this market. For a role where a mis-hire carries real regulatory consequence, that distinction matters: Wayoh goes to personal networks before posting anything, so you see candidates with genuine investigative track records—not just polished LinkedIn profiles.

Frequently Asked Questions

What does a BSA AML analyst do?

A BSA/AML analyst monitors financial transactions, investigates suspicious activity, files SARs with FinCEN, conducts KYC/CDD reviews, ensures CTR compliance, and supports regulatory examinations—fulfilling the institution's obligations under the Bank Secrecy Act and anti-money laundering regulations.

What skills do you need to be a BSA analyst?

Core skills include BSA/AML regulatory knowledge, transaction monitoring platform proficiency (Verafin, NICE Actimize, Oracle FCCM), investigative judgment, and strong SAR narrative writing. A CAMS certification or equivalent credential is a significant advantage.

What is BSA and AML compliance?

The Bank Secrecy Act (BSA) requires financial institutions to file reports and maintain records that help detect financial crime. Anti-Money Laundering (AML) is the broader regulatory framework built on top of it—BSA provides the statutory foundation, AML defines the compliance procedures institutions implement to meet it.

What are the 4 pillars of BSA AML?

The FFIEC defines five pillars (updated in 2018): (1) internal controls, (2) independent testing, (3) a designated BSA compliance officer, (4) ongoing BSA/AML training, and (5) customer due diligence (CDD). A BSA/AML analyst supports all five pillars through their daily work.

What is the $3,000 rule for BSA?

The $3,000 rule (31 CFR 1010.410) covers BSA recordkeeping: financial institutions must collect and retain records for funds transfers and purchases of monetary instruments at or above $3,000, even when no FinCEN report is required.