2025 SEC Examination Priorities & FINRA Annual Regulatory Oversight Report
KYC Red Flags in Account Opening and Closing
Basel AML Index and Corruption Perceptions Index
IRS Annual Dirty Dozen
Rockies AML
100

What do SEC and FINRA stand for?

Securities Exchange Commission

Financial Industry Regulatory Authority 

100

Sets global standards for combating money laundering and terrorist financing, including detailed KYC recommendations for member countries.

FATF

100

What is the Basel Index?

An independent, data-based ranking and risk assessment tool for money laundering and related financial crime risks around the world AND/OR Provides risk scores for countries and jurisdictions based on data from 17 publicly available sources

100

What is the Dirty Dozen?

12 most common tax scams and schemes reported by the IRS

100

Which three AML team members have birthdays in September?

Dennis, Ian, and Karachel

200

Prior to the SEC, securities trading was governed by 

Blue Sky Laws

200

Three (3) Best practices for KYC Compliance

EDD, Automation, Regular Reviews, Employee Training

200

Three (3) of the five (5) domains considered to contribute to a high money laundering risk

Quality of AML/CFT Framework, Corruption and Fraud Risks, Financial Transparency and Standards, Public Transparency and Accountability, Political and Legal Risk

200

Two (2) Dirty Dozen Scams include

Phishing and Smishing, Social Media Tax / Bad Social Media Advice, Third-Party Online Account Scams, Fake Charities, False Fuel Tax Credit Claims, Improper Claims for Sick/Family Leave, Bogus Self-Employment Tax Credit, Improper Household Taxes, Overstated Withholding, Misleading Offers In Compromise Emails, Ghost Tax Return, New Client Spear Phishing Scams

200

He was a skater boy, she said see ya later boy!

Yogi

300

Two (2) of the Six (6) divisions that make up the SEC are 

Corporate Finance, Trading and Markets, Investment Management, Enforcement, Economic and Risk Analysis, Examinations 

300

Three (3) red flags at account opening 

Incomplete or Inconsistent Information, Reluctance to Provide Required Documents, Unclear Source of Funds/Wealth, Unusual Business Structure (Complex Ownership), Politically Exposed Persons (PEPs) with Unexplained Wealth, Connections to High-Risk Countries, Adverse Media Linked to Client and Affiliates

300

Two (2) types of corruption reviewed by the Corruption Perceptions Index

Bribery, Diversion of public funds, Access to information on public affairs/government activities, Laws ensuring that public officials must disclose their finances and potential conflicts of interest, Legal protection for people who report cases of bribery and corruption, Nepotistic appointments in the civil service, Ability of governments to contain corruption in the public sector 


300

Name two (2) risks to the client and the firm resulting from Phishing and Smishing Attacks

Account takeovers, Business Email Compromise (BEC), Unauthorized transfers, Onboarding of synthetic identities, Regulatory scrutiny, Reputational risk

300

If Tiana was going to get a soda it would be?

Dr. Pepper

400

Two (2) SEC 2025 Priorities include

Artificial Intelligence (examine RIAs' and Broker-Dealers' use of AI as well as their policies and procedures on its controls), Cyber Security (practices, data loss prevention, and responses), Cryptocurrency (standards of conduct, risk disclosures, operational resiliency, and compliance with relevant laws)

400

Three (3) Red Flags in Account Closing

Account closed immediately after a large transaction, Rapid movement of funds, Unexplained large withdrawals or transfers (especially to high-risk jurisdictions or unknown entities), Pushback on compliance inquiries when asked about transactions, Refusal to provide updated KYC documents before closure, Account closure request follows a KYC inquiry, Avoidance of questions about the reason for closure, Conflicting information provided by the client.



400

This domain has the largest impact on the risk assessment

Quality of AML/CFT/CPF Framework 

400

What are two (2) key red flags for Fake Charities?

No online presence, Large or repeat donations, High-Risk Jurisdiction

400

Imo's favorite food (or what gets ordered the most) is 

Chipotle 

500

According to FINRA Two (2) Emerging Risks regarding the use of Generative AI include 

Investment club scams, New Account fraud and Account takeovers, Business Email Compromise, Ransomware Attacks, Imposter Scams, Market Manipulation 

500

CAP is ...

Customer Acceptance Policy - Outlines criteria for accepting customers, including risk assessment based on occupation, geographic location, and source of funds. 

500

How does Basel recommend managing risk? 

Internal Controls, Policies/Procedures, Due Diligence, Periodic Reviews, Training, Audits, Risk Assessments, Risk-Based Approach, AML/KYC Fields in profiles

500

What risk does Foreign Captive and Micro Captive Insurance pose to the Firm?

Payments to captive arrangements can be used to disguise transfers as insurance premiums, funnel money offshore, support foreign reinsurance layering schemes, or evade taxes.

Onboarding of bad actors through the misrepresentation of wealth and unclear beneficial ownership.


500

Four (4) honorable mentions to the AML Team - Little people or pets 

Cookie, Bella, Tito, Max, Molly, William Milo (Bubba for short), Zoya