PliOS Resources
Compliance glossary
Plain-English definitions of the terms that come up across BSA/AML, sanctions, licensing, and risk — written by compliance practitioners.
BSA/AML
Bank Secrecy Act / Anti-Money Laundering
The US legal framework requiring financial institutions to detect, prevent, and report money laundering and other financial crime.
KYC
Know Your Customer
The process of verifying a customer’s identity and assessing their risk before and during a business relationship.
CIP
Customer Identification Program
The BSA rule requiring institutions to collect and verify identifying information before opening an account.
CDD
Customer Due Diligence
Ongoing risk-based review of customers, including understanding the nature and purpose of the relationship and monitoring activity.
OFAC Sanctions
Office of Foreign Assets Control
US Treasury–administered economic sanctions that prohibit dealings with designated persons, entities, and jurisdictions.
FinCEN Travel Rule
A BSA requirement that financial institutions pass along originator and beneficiary information on qualifying funds transfers.
Money Transmitter License
MTL
A state license required to transmit money or convertible virtual currency on behalf of others.
BitLicense
New York’s dedicated license for businesses conducting virtual currency activity (23 NYCRR Part 200).
Money Services Business
MSB
A FinCEN registration category covering money transmitters, currency dealers, and certain crypto businesses.
Suspicious Activity Report
SAR
A confidential report filed with FinCEN when a transaction is suspected to involve illegal activity.
Currency Transaction Report
CTR
A report filed with FinCEN for cash transactions exceeding $10,000 in a single business day.
Beneficial Ownership
The natural persons who ultimately own or control a legal-entity customer, which institutions must identify under the CDD Rule.
Inherent vs. Residual Risk
Inherent risk is exposure before controls; residual risk is what remains after controls are applied — the model regulators expect in a risk assessment.
MRA / MRIA
Matter Requiring Attention / Matter Requiring Immediate Attention
Formal supervisory findings examiners issue to direct an institution to correct a deficiency.
Third-Party Risk Management
TPRM
The lifecycle of identifying, assessing, and monitoring the risks vendors and partners introduce to your institution.