This glossary defines 80+ terms, acronyms, and regulatory concepts used in money transmitter licensing. Each definition is practical and includes context for how the term is used in real licensing and compliance situations.

1. Account Takeover (ATO): Fraud where an attacker gains unauthorized access to a customer's account and conducts unauthorized transactions. MTLs must implement controls to detect and prevent ATO.

2. Administrative Subpoena: Legal order issued by a regulator requiring production of specific records or information. Must be obeyed within specified timeframe.

3. AML (Anti-Money Laundering): Regulatory and operational framework designed to prevent, detect, and report financial activity that violates sanctions laws or facilitates illegal activity. Required component of MTL compliance.

4. Beneficial Ownership: The natural person(s) who ultimately own or control a business entity. Corporate structures (LLC, trust, corporation) obscure beneficial ownership, but AML compliance requires identifying true beneficial owners.

5. Beneficial Purpose: The legitimate reason a customer is using your service. For remittance: to send money to family. For exchange: to convert currency for business. AML compliance requires understanding and documenting beneficial purpose.

6. FinCEN (Financial Crimes Enforcement Network): Federal agency under Treasury responsible for AML enforcement. FinCEN registers MSBs, receives SARs and CTRs, and investigates AML violations.

7. BitLicense: Regulatory framework established by New York Department of Financial Services for cryptocurrency businesses. More stringent than money transmitter licensing in other states.

8. BSA (Bank Secrecy Act): Federal law (31 USC 5311 et seq.) requiring financial institutions to report suspicious activity, file currency transaction reports, and maintain customer identification. Foundation of all US AML regulation.

9. Beneficial Ownership Reporting (BOR): Company registration information disclosing true beneficial owners. Required in some jurisdictions for corporate formation. Different from BSA beneficial ownership definition.

10. Blue Chip Banks: Largest, most stable US banks that are least likely to have AML/sanctions issues. Examples: JPMorgan, Bank of America, Citibank, Wells Fargo.

11. Bulk Currency Transfer: Transfer of physical currency in large amounts across borders. Subject to reporting if over $10,000.

12. Bust-Out Fraud: Type of fraud where a person uses a service legitimately to build trust and make payment history, then conducts large unauthorized transaction and ceases contact.

13. CDD (Customer Due Diligence): Process of understanding customer's background, legitimate purpose, and source of funds. Required baseline for all customers under BSA.

14. Controlled Disbursement Account: Bank account where the bank controls timing of fund disbursement, allowing the account holder to manage daily cash flows. Some MSBs use this for settlement.

15. Correspondent Bank: Foreign financial institution that you rely on to deliver funds or provide services in a specific jurisdiction. Subject to specialized due diligence.

16. CTRS (Currency Transaction Reports): Reports filed for cash transactions over $10,000 to FinCEN. Filed by the financial institution that handled the cash, not by the customer. Distinct from SARs.

17. Cyber Risk: Risk of data breach, ransomware, or unauthorized access to customer information or transaction systems. Major regulatory focus for MSBs handling customer data.

18. De-Risking: When a financial institution declines to serve a customer or exits a market due to perceived compliance risk. Common in crypto and remittance spaces.

19. Diamond Rush: Pattern of many MSB applications filed simultaneously, often indicating investor interest in the corridor. Can trigger elevated regulatory scrutiny.

20. Digital Assets: Cryptocurrencies, stablecoins, and other blockchain-based assets. Regulatory treatment is evolving. Many states explicitly address digital asset licensing.

21. EDD (Enhanced Due Diligence): Deeper investigation triggered by risk factors such as high-risk customer, high-risk jurisdiction, or unusual transaction pattern. Proportionate to identified risk.

22. Emerging Risks: New vectors for AML violations that regulators are identifying. Examples: stablecoins, decentralized finance (DeFi), non-fungible tokens (NFTs).

23. Entity Sanctions: Sanctions against organizations, companies, or entities (rather than individuals). Critical for correspondent due diligence.

24. Escalation Authority: Specific person or level within organization authorized to approve high-risk transactions, deny applications, or file SARs.

25. ESG (Environmental, Social, and Governance): Investment and regulatory framework that incorporates environmental and social impact. Some banks are de-risking based on ESG concerns about certain industries (crypto, money transmission).

26. FATF (Financial Action Task Force): International body that sets standards for AML/CFT (counter-financing of terrorism). FATF recommendations are often incorporated into domestic regulation.

27. FCRA (Fair Credit Reporting Act): US federal law regulating use of consumer reports. Relevant for customer identification when using third-party background check services.

28. Federal Exemptions: Specific transactions or entities exempt from certain regulatory requirements under federal law. Example: Transactions by certain government agencies are exempt from CTR filing.

29. Federal Reserve: The Federal Reserve System acts as banker to the US government and major US banks. Relevant because some MSBs maintain accounts with regional Federal Reserve banks.

30. GLBA (Gramm-Leach-Bliley Act): Federal law establishing privacy and security requirements for financial information. All MSBs handling customer information must comply.

31. Gross Transaction Volume: Total dollar amount of all transactions processed in a period. Used to determine licensing requirements and compliance intensity in some states.

32. Group Account: Shared account or account controlled by multiple users. Relevant for compliance because transaction responsibility may be unclear.

33. Hawala: Informal value transfer system used historically in Middle East and South Asia. Operates outside banking system through broker networks. Subject to MTL requirements if operating in US.

34. High-Risk Customers: Customers presenting elevated AML risk due to profession, background, or transaction patterns. Subject to EDD. Examples: casinos, lawyers, money lenders.

35. High-Risk Geographies: Countries or regions presenting elevated AML risk due to weak regulation, corruption, or sanctions. Examples: Syria, North Korea, Iran, Yemen, Venezuela, certain African countries.

36. Hot Wallet: Cryptocurrency wallet connected to internet, used for active transactions. Contrasts with cold storage (offline, more secure but less liquid).

37. IATF (International Advisory Task Force): Task force established by FinCEN post-9/11 to coordinate AML efforts across agencies and internationally.

38. Identity Verification: Process of confirming customer is who they claim to be. Methods include government-issued ID check, third-party database verification, and in-person verification.

39. IVT (Informal Value Transfer System): Generic term for value transfer systems operating outside banking system. Hawala is an example. Subject to MTL requirements if in US.

40. Jurisdiction Shopping: Selecting a permissive jurisdiction for licensing to avoid strict requirements elsewhere. While legal, can trigger regulatory scrutiny if used to evade requirements.

41. KYC (Know Your Customer): Process of identifying and verifying customer identity before accepting a transaction. Required baseline under BSA.

42. KYCC (Know Your Customers' Customers): Extended due diligence requiring understanding of customer's customers. Less common but required in high-risk relationships.

43. MLRO (Money Laundering Reporting Officer): Compliance role (common in UK/EU) responsible for AML compliance. Not standard title in US but equivalent to Compliance Officer.

44. Mitigation Control: Specific procedure or system designed to reduce identified risk. Example: Real-time OFAC screening to mitigate sanctions evasion risk.

45. MTL (Money Transmitter License): State-level license authorizing operation of money transmission business. Required in most states to operate legally.

46. MSB (Money Services Business): Federal definition for any person engaged in money transmission, check cashing, currency exchange, or similar activity. Subject to FinCEN registration.

47. Negative News Screening: Process of checking customer and beneficiary names against news sources to identify adverse information. Part of AML due diligence.

48. Net Settlement: System where multiple parties settle their obligations with each other by offsetting amounts owed rather than making individual transfers.

49. NYDFS (New York Department of Financial Services): New York's financial regulator. Known as most stringent regulator of MSBs and crypto businesses.

50. Ongoing Customer Monitoring: Process of continuously reviewing customer transactions and customer profile for changes in risk or new suspicious indicators. Distinct from one-time CDD.

51. OFAC (Office of Foreign Assets Control): Federal agency administering economic sanctions. Maintains SDN list and other sanctions lists. All financial institutions must screen against OFAC.

52. ODNI (Office of the Director of National Intelligence): Federal agency that compiles certain intelligence-based lists. Some MSBs screen against ODNI lists.

53. OCC (Office of the Comptroller of the Currency): Federal regulator of national banks. Relevant for MSBs seeking banking charters or certain partnerships.

54. Omnibus Account: Aggregated account held in the name of the MSB but on behalf of multiple beneficial owners (customers). Creates commingling risks.

55. OTOA (Office of Terrorist and Other Acronyms): Not a real acronym, but illustrates how regulatory language is acronym-heavy. Stay current with actual acronyms used in regulation.

56. PEP (Politically Exposed Person): Current or former high-ranking government official, family member, or associate. Subject to enhanced due diligence due to corruption risk.

57. PayPal Founders Problem: Early challenge that payments companies faced: operating before regulation was clear, then having to retrofit compliance. Modern startups should license proactively.

58. Prepaid Card: Card that has cash loaded on it and can be spent like a debit card. Issuer of prepaid card is typically an MSB.

59. Primary Source Documents: Original government-issued documents used for identity verification. Examples: passport, national ID, driver's license.

60. Private Beneficial Ownership: Concept that individual natural persons' beneficial ownership information should remain confidential in certain contexts. Not always honored in regulatory context.

61. Proof of Beneficial Ownership: Documentation establishing who actually owns or controls a business entity. Collected as part of CDD for business customers.

62. Proof of Address: Document establishing customer's residential address. Required in customer identification. Examples: utility bill, lease, bank statement.

63. Pull Money: System where customer initiates transaction and pulls money from their own account (debit, ACH). Contrasts with push money (payment initiated by entity with account access).

64. Receiver Risk: Risk that the receiving institution (beneficiary's bank) is located in high-risk jurisdiction or has poor AML controls.

65. Refresh Rate: How often customer information is re-verified. AML regulations recommend periodic re-verification, especially for high-risk customers.

66. Regulatory Stress Testing: Process where regulators examine an MSB's ability to maintain compliance and service customers under stress conditions. Some larger MSBs are subject to this.

67. Reputable Bank Reference: When opening corporate account, some banks require reference from another reputable financial institution. Can be challenging for startups.

68. Regulatory Capital: Capital requirements set by regulators to ensure financial stability. MTL statutes often set net worth requirements as substitute for regulatory capital requirements.

69. SAR (Suspicious Activity Report): Report filed with FinCEN when financial institution detects suspicious activity. Must be filed within 30 days. Confidential—cannot disclose to customer.

70. Sanctions Evasion: Using financial system to circumvent economic sanctions. Major AML enforcement focus. Violations carry severe penalties.

71. Secondary Source Documents: Government-issued or official documents used to corroborate customer information. Examples: business registration, tax ID, professional license.

72. Sectoral Sanctions: Sanctions targeting specific economic sectors of a country rather than entire country. Example: Iranian oil sector sanctions.

73. SDN (Specially Designated National): Individual or entity on FinCEN's Specially Designated Nationals List. Transactions with SDNs are prohibited.

74. Section 314(a): Section of Patriot Act allowing law enforcement to request information from financial institutions about specific customers. MSBs must be able to quickly respond to Section 314(a) requests.

75. Section 314(b): Section of Patriot Act allowing financial institutions to share information about suspected suspicious activity with each other.

76. Settlements: Transfer of funds between an agent/partner and the MSB to account for transactions processed. Daily, weekly, or monthly depending on agreement.

77. Seismic Shift: Major regulatory change that affects industry broadly. Example: Post-9/11 implementation of BSA, or recent crypto regulatory expansion.

78. Severe Risk Jurisdiction: Jurisdiction deemed by regulators as presenting extreme AML or terrorist financing risk. Example: Syria, North Korea, Iran.

79. Shell Company: Corporate entity with no actual business operations, used to disguise beneficial ownership. Major AML red flag.

80. SOAR (Sanctions, Obligations, Audit, Reporting): Not a standard acronym, but describes the full cycle of sanctions compliance work.

81. Spread: The profit margin between buy and sell rates in currency exchange. Disclosed to customer as part of transparency.

82. Structuring: Deliberately breaking a large transaction into multiple smaller transactions to avoid reporting thresholds. Is illegal and a specific AML violation.

83. Subpoena Responses: When regulators or law enforcement issue subpoenas, MSBs must respond within specified timeframe (typically 15-30 days).

84. Sunset Provision: Regulatory provision that expires after a specified period unless renewed. Some state licenses have sunset provisions requiring renewal.

85. Suspicious Pattern Analysis: Ongoing monitoring looking for patterns across transactions even if individual transactions are not unusual. Example: Customer deposits daily in amounts just below $10,000.

86. Thrifts: Savings and loan institutions, regulated federally. Some MSBs consider converting to thrift to simplify regulation.

87. Third-Party Verification: Using external vendor (not your institution) to verify customer identity. Common for remote onboarding.

88. Tipping Off: Prohibited practice of informing customer that you've filed a SAR or are investigating them. Violating confidentiality of SAR.

89. Transaction Corridor: Specific route for funds (example: US to Mexico remittance corridor). Some corridors are high-risk due to destination jurisdiction or competitor dynamics.

90. Trust Account: Segregated bank account where customer funds are held on behalf of customers, not for the MSB's benefit. Required by state law for most MSBs.

APPENDICES (CONTINUED)