API Marketplace

Solutions

Resources

Our Company

Book a Demo

← Back to Glossary

NYDFS Part 504 AML Rule

United States

2017

AML/CFT

Overview

The New York Department of Financial Services (NYDFS) Part 504 Rule, effective January 2017, sets out stringent requirements for transaction monitoring and sanctions filtering programs within financial institutions operating under NYDFS supervision. It is considered one of the most rigorous state-level AML regulations in the United States, going beyond federal BSA/AML requirements by mandating direct accountability of senior management for compliance effectiveness.

The rule applies to New York–licensed banks, branches and agencies of foreign banks, trust companies, money transmitters, and check cashers. It requires these institutions to design, implement, and annually certify their AML and sanctions screening systems, ensuring they are tailored to business models and risk profiles. This regulation is particularly critical for institutions with large cross-border operations, payment networks, and correspondent banking relationships.

Key Obligations

Maintain a robust, risk-based transaction monitoring program to detect suspicious activity
Implement a sanctions filtering system aligned with OFAC and other global watchlists
Conduct annual certification of compliance by the board or a senior officer (personal liability for false certification)

Calibrate systems based on institution-specific risks, products, services, and geographies
Document program design, model validation, governance, and tuning processes
Retain supporting records for examinations and audits

Stay ahead of risk with Signzy

Explore tools that help you onboard, monitor, and verify with confidence

AML Screening

Screen users against Politically Exposed Persons (PEP), watchlists, sanctions lists, adverse media, and more through one-time screening and advanced monitoring.

Transaction Monitoring

Monitor transactions in real-time and analyse past behaviour to identify suspicious activities and ensure regulatory compliance across the user journey.

One Touch KYC

Launch global KYC flows with built-in document OCR, liveness checks, deepfake detection, and AML, all through a single, customizable dashboard.

Related Regulations

Bank Secrecy Act AML Law

USA PATRIOT Act AML Provisions

OFAC Sanctions Compliance Programs

FAQ

Who must comply with Part 504?

All financial institutions regulated by NYDFS, including New York branches of foreign banks.

What makes this rule unique?

The annual certification requirement, which places accountability directly on boards and senior officers.

Does Part 504 replace federal AML rules?

No, it supplements federal AML laws by adding stricter state-level expectations.

What are the penalties for violations?

Enforcement actions may include civil monetary penalties, regulatory restrictions, and personal liability for certifying officers.