FinCEN AML Alert 2025: Cross-Border Funds Transfers Involving Illegal Aliens (FIN-2025-Alert003)

Regulation Name: FIN-2025-Alert003
Date Of Issue: 28 Nov 2025
Region: United States
Agency: FinCEN

FinCEN Alert FIN-2025-Alert003—Cross-Border Funds Transfers Involving Illegal Aliens

On November 28, 2025, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued Alert FIN-2025-Alert003, notifying Money Services Businesses (MSBs) and other financial institutions about emerging risks tied to cross-border funds transfers involving “illegal aliens” — persons without lawful status in the United States — who may use remittances and low-dollar transfers to move illicitly obtained funds across borders. This action underscores FinCEN’s focus on safeguarding the U.S. financial system and enhancing anti-money-laundering and counter-terrorist-financing (AML/CFT) vigilance among regulated entities.

Background & Purpose

FinCEN’s Alert communicates key threat information regarding cross-border funds transfers, especially where funds may derive from unlawful employment or other illicit conduct by individuals without legal U.S. status. The Alert aligns with Executive Order 14159 — Protecting the American People Against Invasion — emphasizing threats to national security and public safety from unlawful financial activity. Financial institutions are urged to monitor, identify, and report suspicious transactions consistent with Bank Secrecy Act (BSA) obligations.

What the Alert Requires

• Vigilance & Suspicious Activity Reporting: MSBs and other regulated entities must be alert for cross-border transfers that could be tied to illicit funds and file a Suspicious Activity Report (SAR) when appropriate. The SAR should reference “FIN-2025-Alert003” in SAR Field 2 and in the narrative to support FinCEN’s analysis of potential violations.
• Applicable Thresholds: MSBs are typically obligated to file a SAR for transactions of $2,000 or more that the institution knows, suspects, or has reason to suspect may involve illegal activity — this includes cross-border transfers that may involve illicit proceeds.

Why It Matters to Financial Institutions

• Strengthening AML/CFT Controls: Cross-border remittances are often benign — supporting families and communities abroad — but they can also be exploited for money laundering, narcotics trafficking, or financing extremist activity. FinCEN’s Alert highlights this duality, emphasizing the need for robust monitoring systems, effective customer due diligence, and prompt SAR filings.
• Enhanced Risk Awareness: Institutions should ensure AML/CFT monitoring systems are calibrated to detect atypical patterns, low-value transfers with unusual frequencies or counterparties, and other indicators of potential illicit flows.

Practical Measures for Compliance

To comply with the Alert, AML/CFT programs should incorporate:
• Enhanced transaction monitoring for cross-border flows, especially low-value recurring transfers from individuals lacking verification of legal status.
• Training & red-flag indicators for front-line staff to recognize and escalate suspicious activities.
• Accurate SAR reporting with proper key term usage (“FIN-2025-Alert003”) to facilitate FinCEN trend analysis and enforcement outreach.

By focusing on these risk areas, regulated entities can better align with the BSA’s AML/CFT requirements and support broader national efforts to disrupt illicit financial exploitation of cross-border payment systems.

Red-Flag Indicator Checklist (AML/CFT)

1. Customer Profile & Behaviour

• ❗ Customer provides inconsistent, false, or unverifiable information.
• ❗ Reluctance to provide KYC documents or unusually defensive behaviour.
• ❗ Frequent changes in identity details, addresses, or contact information.
• ❗ Customer uses complex ownership structures without legitimate purpose.
• ❗ Business activity does not match profile/occupation/income.

2. Transaction Pattern Red Flags

• ❗ Unusually large, frequent, or rapid movement of funds inconsistent with known profile.
• ❗ Structuring/smurfing deposits or withdrawals to evade reporting thresholds.
• ❗ Use of multiple accounts with no clear economic purpose.
• ❗ Sudden activity in an otherwise dormant or low-activity account.
• ❗ Immediate withdrawal of deposits, especially cash.
• ❗ Circular transactions among unrelated parties.

3. Geographic Red Flags

• ❗ Transactions involving high-risk jurisdictions, tax havens, or sanctioned countries.
• ❗ Funds routed through multiple foreign jurisdictions without clear reason.
• ❗ Frequent cross-border transfers with no underlying business justification.

4. Product / Service Misuse Indicators

• ❗ Use of products with high anonymity (prepaid cards, virtual assets, cash-intensive tools).
• ❗ Client insists on using products without face-to-face verification when alternatives exist.
• ❗ Multiple attempts to bypass onboarding controls or verification processes.
• ❗ Use of third-party accounts or intermediaries without valid explanation.

5. Funding Source Red Flags

• ❗ Unexplained or suspicious sources of funds (cash-heavy with no documentation).
• ❗ Frequent incoming transfers from unrelated individuals or shell companies.
• ❗ Mismatch between declared income and actual transaction volume.

6. Behavioural Red Flags During Digital Onboarding

• ❗ Live-photo/GPS mismatch or anomalies in liveness checks.
• ❗ Document tampering, deepfake indicators, or repeated failed verification attempts.
• ❗ Onboarding attempted from prohibited regions using VPN or spoofed IP.

7. Terrorist Financing Indicators

• ❗ Small but regular transfers that appear inconsequential but are pattern-driven.
• ❗ Donations to unknown NGOs or entities flagged for extremist links.
• ❗ Structuring funds to support travel, logistics, or recruitment.

8. Corporate / Business Account Red Flags

• ❗ Unusual shareholding patterns—nominee shareholders, complex layering.
• ❗ Business turnover inconsistent with financial statements.
• ❗ Payments for goods/services that are inconsistent with industry norms.
• ❗ Frequent transactions unrelated to stated business purpose.

Read about the full alert here.

Read about the product: Transact Comply

Empower your organization with ZIGRAM’s integrated RegTech solutions – Book a Demo