Bank of America has agreed to pay a $7.5 million settlement to the U.S. Securities and Exchange Commission to resolve allegations that its Merrill Lynch subsidiary failed to submit some required suspicious activity reports because of an oversight.
The SEC said that between April 8, 2020, and Sept. 10, 2024, Merrill Lynch did not file all the suspicious activity reports (SARs) with the U.S. Treasury Department’s Financial Crimes Enforcement Network that it was required to file, according to an administrative action filed June 29.

“We maintain rigorous anti-money laundering (AML) practices,” a Bank of America spokesperson told FinAi News. “We have been engaged with regulators on this matter and we continually review and enhance our AML systems to address evolving risks and report and detect suspicious activity.”
The oversight was apparently caused by Bank of America’s transaction-monitoring software system, Event Processor, which aggregates alerts for potentially suspicious events into event groups, according to the administrative action. From there, the system assigns risk scores to the event groups. Only event groups with risk scores of 20 or higher are investigated for potential SAR filings.
But according to the SEC, internal Bank of America analyses as far back as at least April 2020 showed that certain event groups with risk scores below 20 would have resulted in SAR filings had they been investigated, according to the SEC.
The agency said Bank of America corrected the oversight in December 2023. When FinAi News asked why the improper filings continued into September 2024, Bank of America did not respond.
Bank of America also did not confirm whether Event Processor uses AI, though it does not appear to as AI is not mentioned in any available information on it. However, Chief Executive Brian Moynihan said during the company’s April 15 earnings call that Bank of America planned to embed AI and agentic AI into additional client-facing platforms as its digital transformation advances.
Although neither the SEC nor Bank of America stated how many SARs should have been filed but were not, the suspicious activity in the relevant event groups “pertained to hundreds of millions of dollars in transactions,” according to the administrative action.
FIs should use AI to flag suspicious activity
As bad actors increasingly use AI for fraud and money laundering, banks need to implement AI solutions to stem the tide, Tracy Moore, director of thought leadership and regulatory affairs at fintech Fenergo, told FinAi News.
“What AI will do [is] improve your consistency, but it’s still going to have to operate within your strong governance, your validation and your human oversight.” — Tracy Moore, director of thought leadership and regulatory affairs, Fenergo
Regardless of the technology, FIs need to ensure they are taking an integrated approach to AML and risk analysis. Siloed systems need to be capable of communicating, Moore said.
“If that institution we’re talking about had stepped back, taking a holistic view of how they’re [flagging and categorizing suspicious activity] across the board and all of their business segments and then double click into each one of those business segments, do a gap analysis … perhaps they would have identified that gap sooner,” Moore said.
Register here for the FinAi Lending Summit, set for Oct. 7-8 in Las Vegas.





