Source of Funds and Source of Wealth Verification: US AML Compliance Guide

Source of funds (SOF) and source of wealth (SOW) verification are core components of Enhanced Due Diligence (EDD) under the US Bank Secrecy Act (BSA) framework. The FinCEN Customer Due Diligence (CDD) Rule (31 CFR § 1010.230), which took effect May 11, 2018, requires covered financial institutions to understand the nature and purpose of customer relationships and, for higher-risk customers, the source of funds used in transactions. The Anti-Money Laundering Act of 2020 (AMLA) strengthened BSA requirements and increased penalties for willful non-compliance.

For a broader overview of EDD obligations, see our Enhanced Due Diligence EDD compliance guide.

This article is provided for informational purposes only and does not constitute legal, financial, or regulatory advice. Regulatory references are accurate as of June 2, 2026. Consult qualified legal counsel for advice specific to your institution's circumstances.

How US SOF/SOW requirements differ from European frameworks

US AML law operates under a dual federal-state structure with distinctions that matter for practitioners familiar with EU frameworks.

Federal vs. state requirements — FinCEN's BSA rules set the federal floor. Individual states may impose additional AML requirements through their own financial supervisory agencies (e.g., New York DFS, California DBO/DFPI). New York's Part 504 AML Transaction Monitoring and Filtering Program Requirements are notably more prescriptive than federal minimums.

No unified EDD trigger list — Unlike EU frameworks with a codified list of EDD triggers, US law uses a risk-based approach. FinCEN's Guidance on Risk-Based Approach allows institutions to define their own risk factors, though certain categories (PEPs, high-risk geographies, cash-intensive businesses) are universally flagged.

SOF terminology — US regulators typically refer to "source of funds" rather than "source of wealth," though FFIEC examination manuals use both concepts when discussing EDD for high-risk customers.

When is SOF/SOW verification required under US law?

The BSA does not mandate SOF verification for every transaction. The requirement flows from a financial institution's risk-based CDD program under 31 CFR § 1010.210 and § 1010.230. Certain risk factors commonly trigger SOF inquiry:

High-risk categories requiring SOF documentation

Senior Foreign Political Figures (SFPFs) — Under 31 CFR § 1010.620, banks maintaining private banking accounts for non-US persons must identify SFPFs and apply EDD including SOF/SOW. The Patriot Act Section 312 and subsequent FinCEN guidance governs this.

OFAC-designated or high-risk geography clients — Clients with nexus to countries on the OFAC Specially Designated Nationals (SDN) list or FinCEN advisory jurisdictions trigger enhanced scrutiny of fund origins.

High-net-worth clients in private banking — The FFIEC BSA/AML Examination Manual identifies private banking clients with assets exceeding $1 million as requiring enhanced due diligence, with documented inquiry into source of funds.

Cash-intensive or high-risk businesses — Clients operating in sectors identified in FinCEN geographic targeting orders (GTOs) or advisories (real estate, money services, cryptocurrency) require documented SOF review.

Unusual transaction patterns — Any customer transaction that is inconsistent with the established risk profile, regardless of dollar amount, should prompt an SOF inquiry under the institution's risk-based program.

Corporate Transparency Act (CTA) beneficial ownership — The CTA (31 USC § 5336), effective January 1, 2024, requires reporting companies to disclose beneficial owners to FinCEN. For financial institutions, CTA data supplements but does not replace CDD obligations, including SOF assessment.

Required documents for SOF verification in the US

Documentation standards align with FFIEC examination expectations and FinCEN guidance. The principle: documents must independently corroborate the client's account of fund origins.

Common fund origins and required US documentation

Employment income or professional fees

• Recent pay stubs (two to three months)
• IRS Form W-2 (most recent year) or Form 1099 for self-employed clients
• CPA-prepared tax return (Form 1040) for high earners or self-employed

Real estate sale proceeds

• HUD-1 or Closing Disclosure showing net proceeds
• State deed recording (available through county recorder's office)
• Bank statement confirming receipt from title company or escrow

Business sale proceeds

• Asset purchase agreement or stock purchase agreement
• IRS Form 8594 (asset acquisitions) or Schedule D (stock sale)
• Bank or escrow statement confirming receipt

Inheritance

• Letters Testamentary issued by probate court
• Estate distribution accounting
• Bank statement confirming receipt from estate executor

Loan or mortgage proceeds

• Loan agreement from regulated lender
• HUD-1 or Closing Disclosure confirming disbursement
• Bank statement showing proceeds

Investment or dividend income

• Brokerage account statements (Fidelity, Schwab, etc.)
• IRS Form 1099-DIV or 1099-B
• Corporate board minutes authorizing dividend distribution

Required documents for SOW verification

SOW verification applies to high-risk customers (SFPFs, private banking clients, HNWIs). The FFIEC Examination Manual recommends a longitudinal assessment of wealth accumulation.

Red flags in SOW — The FinCEN SAR Activity Review consistently flags: wealth inconsistent with known occupation, large cash deposits without documented source, rapid movement through multiple accounts, unexplained foreign wire transfers.

US legal and regulatory framework

Bank Secrecy Act (BSA) — The BSA (31 USC §§ 5311–5336) is the primary federal AML statute. 31 CFR § 1010.210 requires all covered institutions to establish AML programs that include customer due diligence procedures. Willful violations carry criminal penalties up to $250,000 per violation and 5 years imprisonment.

FinCEN CDD Rule (31 CFR § 1010.230) — The CDD Rule requires covered financial institutions to establish and maintain written procedures for identifying and verifying beneficial owners of legal entity customers. For high-risk customers, enhanced procedures including SOF documentation are expected.

Anti-Money Laundering Act of 2020 (AMLA) — The AMLA 2020 updated the BSA, adding whistleblower protections, increased penalties, and directed FinCEN to improve data analytics capacity. Maximum civil penalties increased to $1 million per violation.

OFAC compliance — Parallel to FinCEN BSA obligations, OFAC regulations prohibit transactions with SDN-listed individuals or entities. OFAC enforcement actions for AML failures have included civil penalties exceeding $1 billion for major financial institutions.

FFIEC BSA/AML Examination Manual — The FFIEC Manual is the practical reference for bank examiners. It specifies what constitutes adequate EDD, including SOF documentation, and is the standard against which examiners assess bank compliance.

Automating SOF/SOW verification with CheckFile

Manual SOF/SOW verification creates bottlenecks in account opening and transaction approval workflows, with compliance teams spending significant time on document review and cross-validation.

CheckFile automates the critical steps:

• Document authenticity verification across 3,200+ document types in 32 jurisdictions, including US IRS forms, bank statements, court documents, and corporate records
• Structured data extraction to populate CDD/EDD case management systems without manual re-entry
• Cross-document consistency checks — validating that names, SSNs, amounts, and dates are consistent across W-2s, bank statements, and closing disclosures in the same EDD file
• Compliant archiving with full audit trail for the five-year BSA record retention requirement under 31 CFR § 1010.430

The platform integrates via API with OFAC/PEP screening systems and existing case management or core banking platforms. Learn more about our security approach and pricing, or visit CheckFile.ai.

For a complete overview of AML compliance requirements, see our anti-money laundering compliance guide.

Frequently Asked Questions

Does the BSA require SOF verification for every transaction?

No. The BSA uses a risk-based approach: SOF documentation is required when a customer's risk profile warrants it, not for every transaction. The institution's written CDD program, approved by senior management and board, defines the triggers. Examiners evaluate whether the program is appropriately calibrated to the institution's risk profile.

What is the difference between a US SAR and an EU suspicious transaction report?

Both are mandatory filings when suspicious activity is detected. The US SAR is filed with FinCEN via BSA e-Filing (fincen.gov) and triggers no obligation to notify the subject. The EU equivalent is filed with the national FIU (e.g., Tracfin in France, SOCA/NCA in UK). Both prohibit tipping off the customer. A key US distinction: SARs filed in good faith provide complete immunity from civil liability under 31 USC § 5318(g)(3).

Does the CTA eliminate the need for SOF verification?

No. The Corporate Transparency Act beneficial ownership data (submitted to FinCEN) supplements but does not replace bank CDD obligations. Financial institutions must still conduct their own CDD, including SOF inquiries for high-risk customers. CTA data helps corroborate beneficial ownership declarations but is not a substitute for SOF documentation.

Are foreign documents acceptable for US SOF purposes?

Yes, with appropriate authentication. For countries party to the Hague Apostille Convention, an apostille confirms official document authenticity. For others, consular certification may be required. The institution must assess whether the document provides equivalent corroborative value to a comparable US document. Translation by a certified translator is required for non-English documents.

What are the penalties for inadequate SOF documentation in the US?

FinCEN can impose civil money penalties up to $1 million per day for willful violations under AMLA 2020. Negligent violations carry penalties up to $500 per transaction (minimum $25,000 aggregate). Regulatory agencies can also require costly remediation programs and impose consent orders. Criminal referrals for willful violations can result in prosecution under 18 USC § 1956 (money laundering).