Practical, vetted materials for anyone working in or around financial services, including compliance, risk, AML, audit, legal, leadership, and the advisors who work alongside them. A peer community is here too. No consulting overhead, just the resources and conversations the work actually needs.
Curated resources covering compliance, risk, AML, audit, regulatory developments, and the broader landscape of financial services. Templates, regulator guidance, and practical guides, added regularly as new things come across my desk.
BIS Financial Stability Institute Occasional Paper No. 27. Maps how crypto platforms have grown into multifunction intermediaries, the financial-stability risks involved, and policy approaches regulators are weighing. Useful background for any compliance program with crypto exposure.
Open PDF on bis.org →Treasury’s notice of proposed rulemaking under the GENIUS Act introduces a five-element OFAC program for Permitted Payment Stablecoin Issuers, extends compliance controls to secondary markets, and mandates blocking, freezing, and rejecting capabilities. Also flags open questions around DeFi and non-custodial arrangements the rule doesn’t fully resolve.
Open NPRM on federalregister.gov →The OCC’s twice-a-year read on credit, market, operational, and compliance risk across the federal banking system. Useful both as a planning input and as a benchmark for what supervisors are paying attention to right now.
Open publication on occ.gov →Bank of America Institute’s primer on the shift from digital-only AI to machines that sense, decide, and act in the physical world. Today’s advanced robots no longer just follow programmed rules, they run on a full AI stack covering vision, language, action, and an understanding of physical environments. Robotics drew $41B in funding in 2025. First of a three-part series.
Download PDF → Or read the LinkedIn commentary →A concise Congressional Research Service “In Focus” report (IF10613) explaining what an FTO designation actually means, how groups are added or removed from the list, and the policy implications. Timely context given the recent designation of Mexican, Haitian, and Ecuadorean groups as FTOs.
Open CRS Report on congress.gov →A three-part checklist from Sidley Austin covering new business and product opportunities, compliance to-dos that already apply, and emerging considerations on the horizon. Useful even for teams not currently active in digital assets — the forward-looking section is the standout.
Open checklist on sidley.com →FATF’s sixth targeted update on global implementation of AML/CFT measures for VAs and VASPs. Now covers ~98% of global VASP activity across 67 jurisdictions, flags persistent gaps in licensing and Travel Rule implementation, and addresses emerging stablecoin and DeFi risks. Industry estimates put illicit on-chain fraud and scams around $51 billion in 2024.
Open resource on fatf-gafi.org →NIST’s voluntary, sector-agnostic framework for managing AI risk, organized around four functions: Govern, Map, Measure, Manage. NIST has since released a Generative AI Profile (NIST AI 600-1) that adapts the framework for gen AI use cases.
Open framework on nist.gov →The Federal Financial Institutions Examination Council’s consolidated hub for cybersecurity assessment tools, joint statements, and supervisory guidance. A foundational bookmark for any financial-services compliance program.
Open resource →FinCEN’s official BOI reporting hub, FAQs, filing instructions, and small-entity compliance guides for the Corporate Transparency Act.
Open resource →The same playbook examiners use to assess BSA/AML programs at U.S. financial institutions. If your shelf only had one BSA/AML resource on it, this would be the one — and you can pull individual sections or build a custom procedure package.
Open manual on bsaaml.ffiec.gov →OFAC’s online portal for submitting voluntary self-disclosures of potential sanctions violations. Replaces the prior email-based process with faster acknowledgments, clearer status communication, and a more user-friendly submission flow.
Open portal on treas.gov →A consumer-complaint-based tracker hosted by the California Department of Financial Protection and Innovation. Searchable by company, scam type, or keyword — useful for compliance teams monitoring imposter websites and emerging scam patterns. DFPI updates it on an ongoing basis as new schemes surface.
Open tracker on dfpi.ca.gov →A curated set of explainers and policy commentary from the Avalanche Policy Coalition covering crypto basics, stablecoins, DeFi, and tokenization of real-world assets. Built for policymakers and non-specialists who need credible background quickly.
Open resource on owlexplains.com →A free, practical walkthrough of how to actually stand up an enterprise risk management program — a five-step roadmap, with templates for risk heat maps and risk management plans. Particularly useful for teams that understand ERM in concept but need help operationalizing it.
Open guide on smartsheet.com →A long-running trade publication covering the payments and merchant-services ecosystem. One of the easiest ways to stay current on ISO industry developments, regulatory shifts in the merchant space, and broader payments trends.
Open publication on greensheet.com →A free, country-by-country breakdown of sanctions compliance requirements across nearly every jurisdiction. Each country page covers the regime, reporting requirements, list requirements, and the relevant regulator. The most useful free reference of its kind I’ve come across.
Open guide on eversheds-sutherland.com →A bundled set of authoritative federal resources on how AI is being weaponized for financial crime: automated phishing, deepfake extortion, and advanced cyberattacks. The FBI IC3 Public Service Announcement is the primary entry point; the DOJ, DHS, and TRM Labs resources cover strategy, critical-infrastructure guidelines, and industry-side analysis.
FBI IC3 PSA — Criminals Use Generative AI to Facilitate Financial Fraud → Also: DOJ Artificial Intelligence → DHS Safety and Security Guidelines for AI in Critical Infrastructure → TRM Labs — AI-Enabled Crime →TRM Labs' 25-page report on how crypto compliance has evolved from proving technical controls exist to demonstrating those controls produce meaningful outcomes. Covers nested exchanges, cross-chain typologies, and the shift toward effectiveness-based risk assessment.
Open on trmlabs.com →The authoritative international AML/CFT and counter-proliferation standards. Recommendation 15 addresses virtual assets and VASPs and is the basis for the Travel Rule and licensing expectations in most jurisdictions.
Open on fatf-gafi.org →FinCEN exceptive relief that streamlines beneficial-ownership Customer Due Diligence requirements for covered financial institutions in specific limited circumstances. Useful for AML programs reassessing their CDD onboarding flows.
Open on fincen.gov →The Conference of State Bank Supervisors maintains a hub of state-regulator guidance, model frameworks, and consumer-protection resources for state-chartered institutions and money services businesses. Particularly useful for multi-state licensees.
Open on csbs.org →Elliptic's free crypto and blockchain education hub. Covers blockchain fundamentals, on-chain analytics concepts, and typology training designed for compliance professionals new to digital assets.
Open on elliptic.co →The Basel Institute on Governance's free, self-paced training platform. Skills-based courses with certificates covering AML investigations, asset recovery, financial intelligence, beneficial ownership, and anti-corruption.
Open on baselgovernance.org →More resources added regularly. Have one to share?
Suggest a resourceA Slack community for financial services professionals to swap notes, share what’s working, and trade questions. Not consulting, not regulator watch, just peers helping peers. The space is ready, and we’re keeping it close-knit, so joining is by referral. If someone already in the community can vouch for you, or if we’ve connected before, send a note and I’ll get you added.
Reach out to joinBigger pieces of the Hub that will launch once the library and community find their footing.
Roles across financial services, including compliance, risk, AML, audit, and legal, full-time, contract, and fractional, plus a curated matchmaker for fractional CCOs and interim officers.
A directory of regtech, compliance tech, and adjacent vendors, with community-driven ratings instead of marketing copy.
A staged rollout. Each phase builds on the traction of the last.
A growing library of curated resources, archived and searchable, with longer commentary added as it comes together.
A peer Slack workspace for financial services professionals, joined by referral, with virtual roundtables once there’s critical mass.
Open the job board and vendor directory once the community is established.
Questions, feedback, or a resource to suggest? Send a note and I’ll get back to you.