What Is a Currency Transaction Report? A Compliance Guide
Oct 13, 2025
·
13 min read
Contents
A currency transaction report (CTR) is one of the most common filings financial institutions must make under US anti-money laundering laws. If your business handles cash, you are required to report certain large transactions to regulators, whether you are a traditional bank, a money services business, or a fintech company working with innovative payment models.
For fintech founders, lawyers, and compliance officers, CTRs often raise practical questions. What exactly triggers a filing? Who is responsible for submitting it? And how do you handle reporting when customers attempt to avoid the rules?
This guide breaks down the essentials of when CTRs apply, how they are filed, the regulators involved, and the compliance challenges fintech companies encounter. We’ll also highlight recent developments and best practices so your compliance program can address CTR requirements without unnecessary complexity.
InnReg is a global regulatory compliance and operations consulting team serving financial services companies since 2013. If you need assistance with compliance or fintech regulations, click here.
What Is a Currency Transaction Report (CTR)?
A currency transaction report is a mandatory filing under the US Bank Secrecy Act. Financial institutions must submit a CTR to the Financial Crimes Enforcement Network (FinCEN) whenever a customer conducts cash transactions of more than $10,000 in a single business day.
The report captures details about the:
Person conducting the transaction
Account owner (if different)
Amount and type of transaction
Institution handling it
The purpose is not to accuse customers of wrongdoing but to create a record of large cash movements that regulators and law enforcement can analyze for potential money laundering, tax evasion, or other financial crimes.
CTRs are routine filings. Banks, broker-dealers, money transmitters, and fintech companies that handle cash directly or through partners all encounter them. For fintechs, particularly, understanding how CTR obligations apply and how responsibilities are shared with partner banks or vendors is an integral part of building a credible compliance program.
Why CTRs Matter in Financial Compliance
Currency transaction reports play a central role in the US anti-money laundering framework. They give regulators visibility into large cash movements that could otherwise occur outside the recordkeeping systems of banks and fintechs.
For compliance teams, CTRs serve three main purposes:
Creating an audit trail: They document who moved the cash, when, how much, and through which institution. That trail can later help law enforcement verify sources of funds or investigate illicit activity.
Deterring evasion: Because customers know firms will report large cash transactions, CTRs reduce the likelihood of criminals trying to launder money through regulated channels.
Demonstrating compliance: Routine CTR filing shows regulators and banking partners that an institution is taking its obligations seriously. This can be especially important for fintech companies working with sponsor banks, where credibility is essential.
Most CTRs are filed on legitimate transactions, such as cash-intensive businesses depositing daily earnings. Still, each report contributes to a national database that agencies use to identify patterns of money laundering, structuring, or tax evasion. For fintechs entering regulated markets, handling CTRs properly is about building trust in the company’s compliance culture.
When a Currency Transaction Report Is Required
Financial institutions must file a currency transaction report whenever a customer’s cash activity exceeds the reporting threshold. The rule is straightforward in principle but raises practical issues in execution.
Transactions That Trigger a CTR
A CTR is required when:
A customer deposits or withdraws more than $10,000 in cash in one business day.
A customer exchanges currency (such as US dollars for euros), and the total exceeds $10,000.
A customer uses cash to purchase monetary instruments, like cashier’s checks or money orders, above the threshold.
The filing obligation applies regardless of whether the funds are from legitimate sources. A CTR is not a suspicion-based report; it is mandatory once the transaction crosses the dollar threshold.
Aggregation Rules for Multiple Transactions
Customers sometimes try to avoid reporting by breaking transactions into smaller amounts. The law requires institutions to aggregate multiple cash transactions by or on behalf of the same person in one business day.
For example:
Two $6,000 deposits to the same account on the same day equal $12,000 and trigger a CTR.
Firms must also aggregate cash deposits made at different branches by the same customer on the same day.
Because of these rules, fintechs and banks need monitoring systems capable of combining activity across locations, accounts, or channels. Missing an aggregated transaction can lead to regulatory findings.
What Counts as Currency (and What Doesn’t)
“Currency” refers to any form of physical money, including paper notes and coins of the United States or foreign countries. Transactions that involve cash deposits or withdrawals, currency exchanges, and cash payments on loans all qualify as transactions in currency.
By contrast, wires, ACH transfers, checks, or card payments do not count as currency. These may have separate monitoring requirements, but do not trigger a CTR.
Who Must File a Currency Transaction Report
The obligation to file a currency transaction report falls on a wide range of financial institutions. The definition under the Bank Secrecy Act extends well beyond traditional banks, which includes many fintechs.
See also:
Covered Financial Institutions
Institutions required to file CTRs include:
Banks, credit unions, and savings associations
Broker-dealers in securities and futures commission merchants
Money services businesses (MSBs), including money transmitters, currency exchangers, and check cashers
Casinos and card clubs above certain revenue thresholds
Each of these entities has to file a CTR whenever qualifying cash activity occurs, whether it takes place at a branch, through an agent, or at an affiliated location.
Need help with money transmitter compliance?
Fill out the form below and our experts will get back to you.
Special Considerations for Fintech Companies and MSBs
Many fintechs fall into the MSB category. Examples include:
A digital wallet service that allows customers to load cash at retail locations
A crypto ATM operator accepting cash for virtual currency
A money transfer app that facilitates cash deposits or withdrawals
FinCEN has clarified that it treats virtual currency exchangers and crypto ATM operators as money transmitters under the BSA. That means they carry the same CTR filing obligations as traditional MSBs when transactions involve cash over $10,000. Enforcement cases have shown that failing to file in these contexts can result in significant penalties.
In fintech partnerships, responsibility for filing depends on who is considered the financial institution of record. Often, a sponsor bank files CTRs for transactions processed through its accounts. Still, regulators expect fintechs to keep oversight.
Tip: Even if the bank partner is filing CTRs, the fintech should maintain oversight. Regulators may hold both parties accountable if filings are missed.
Common CTR Exemptions and Their Limits
Not every large cash transaction requires a report. Federal regulations allow certain exemptions, such as:
Transactions between US banks
Cash deposits by federal, state, or local government entities
Deposits from publicly traded companies listed on major US exchanges
Banks may also exempt established business customers who routinely deposit cash, provided they meet specific criteria and the bank documents the exemption. However, in practice, most banks use these exemptions sparingly because the administrative burden and risk often outweigh the benefits.
For MSBs and fintechs, exemptions generally do not apply. It is safer to assume that any cash transaction above the threshold will require a CTR unless a clear exemption has been properly established.
Information Required in a Currency Transaction Report
When filing a currency transaction report, institutions must provide detailed information about the transaction and the people involved. FinCEN’s electronic form (Form 112) is structured to capture specific data points that allow regulators to track cash movements consistently across institutions.
The core information includes:
Person conducting the transaction: Full name, address, date of birth, Social Security number (or other taxpayer ID), and an official identification number from a government-issued document such as a driver’s license or passport.
Account owner (if different): If the transaction is done on behalf of another individual or business, their identifying details must also be included.
Transaction details: Date, total amount, whether the transaction was cash in or cash out, and the type of activity (deposit, withdrawal, currency exchange, loan payment, purchase of monetary instruments).
Financial institution information: Name, address, tax identification number, and details of the employee who prepared the report.
Institutions must also note whether the CTR represents multiple transactions aggregated to exceed the $10,000 threshold. Accuracy is essential; incomplete or incorrect information can lead to compliance findings or rejected filings.
For fintechs, the practical challenge often lies in collecting reliable information from customers who may not interact directly with a branch employee. Clear processes for ID verification and integration with partner systems are necessary to make sure required fields are captured without gaps.
How to File a Currency Transaction Report
Filing a CTR is a structured process that follows FinCEN’s reporting requirements. Most institutions use automated systems to flag eligible transactions, but the steps remain the same regardless of size or technology.
Filing Timelines
Firms must file a CTR within 15 calendar days of the transaction. Many institutions aim to file sooner to reduce the backlog and avoid late submissions. Missing the deadline can itself be considered a violation, even if the firm files the report later.
Using the FinCEN BSA E-Filing System
Since 2012, firms must file all CTRs electronically using the BSA E-Filing system. The form requires entering the information described earlier, such as customer details, transaction type, and institution identifiers.
Institutions with higher transaction volumes often integrate their AML software directly with FinCEN’s system to streamline submissions and reduce manual data entry. Smaller fintechs or MSBs may file reports manually through the online portal.
Recordkeeping Requirements
After submission, institutions are required to:
Retain a copy of each CTR for at least five years.
Keep supporting documentation, such as transaction receipts or identification records, linked to the report.
Make records available promptly if requested during an examination or investigation.
For fintechs, coordinating record retention across internal systems and bank partners is critical. Whether managed in-house or through an outsourced compliance team, a clear workflow helps track transactions from detection through filing and storage.
Common Compliance Challenges with CTRs
While the rule itself is simply to report cash transactions over $10,000, the execution presents several challenges for compliance teams.
Structuring and Evasion Tactics
Some customers attempt to avoid CTR filings by splitting cash transactions into smaller amounts, known as structuring. For example, a person might make two $9,500 deposits on the same day or spread deposits across different branches.
Structuring is illegal, and institutions that fail to detect it risk both regulatory penalties and reputational damage. Compliance teams need processes that can identify patterns, aggregate activity, and escalate suspicious behavior for review.
See also:
Data Quality and Transaction Aggregation
Errors in customer information, missing identification numbers, or incomplete transaction details can lead to rejected filings. Institutions must also aggregate multiple cash transactions by or on behalf of the same customer within a single business day.
Gaps in monitoring, especially for fintechs operating across multiple platforms or vendors, can result in missed reports. Automated alerts and regular data validation checks are often necessary to keep information accurate.
Partner Bank and Vendor Dependencies
Fintechs that rely on sponsor banks or third-party vendors face a shared responsibility model. A bank partner may handle CTR filings for certain transactions, but regulators expect fintechs to maintain oversight.
If reports are missed, both parties may be held accountable. That means fintech compliance officers must confirm who is responsible for filing, review reporting practices regularly, and keep evidence of oversight as part of their compliance program.
Misconceptions About Currency Transaction Reports
Customers and financial professionals alike often misunderstand CTR rules. Clearing up these misconceptions helps prevent mistakes in compliance programs.
“Only suspicious transactions require a CTR.”
This is incorrect. CTRs are mandatory whenever cash activity crosses the $10,000 threshold, regardless of whether the funds appear legitimate. Suspicious transactions are handled separately through Suspicious Activity Reports (SARs).
Filing both may be necessary when a transaction is both over the threshold and raises red flags. A key compliance mistake is treating CTRs as discretionary when they are strictly rules-based.
“Depositing exactly $10,000 does not trigger a report.”
The regulation applies to transactions of more than $10,000. In practice, many institutions also file at exactly $10,000 to avoid ambiguity or examiner criticism. Treating $10,000 as a safe limit exposes firms to unnecessary risk, especially since aggregation rules may push the total above the threshold. Examiners often expect a conservative approach, meaning it is safer to report borderline cases rather than argue about technicalities.
“Breaking up deposits avoids reporting.”
This is structuring, which is itself a federal crime. Customers sometimes believe multiple smaller deposits across locations or days can go unnoticed. Institutions that fail to detect or report structuring attempts risk penalties, and employees who assist customers in doing so can be held personally liable. Detecting structuring requires strong monitoring systems and staff training, since it is one of the most common forms of attempted evasion.
“A CTR automatically signals wrongdoing to the IRS or law enforcement.”
Filing a CTR does not mean the customer is suspected of a crime. Most reports are filed on legitimate transactions, such as cash-heavy businesses depositing daily receipts. CTRs simply feed into a national database, where patterns can be reviewed if needed.
Law enforcement may never look at the individual report unless it becomes relevant in a broader investigation. For customers, filing is routine; for institutions, it is about maintaining compliance consistency.
“If the bank partner files CTRs, the fintech doesn’t need to worry.”
Fintechs remain accountable for oversight. When reports are missed, regulators may hold both the bank and the fintech responsible. A strong compliance program requires monitoring and documentation to confirm partner obligations are being met, rather than relying on assumptions.
Even if the partner bank handles submission, fintechs should retain records, perform periodic reviews, and be prepared to show auditors how they manage CTR responsibilities.
Consequences of CTR Non-Compliance
Failing to meet CTR obligations is not treated lightly. Regulators view lapses as weaknesses in a company’s broader anti-money laundering program, and penalties can be significant.
Civil Penalties
Institutions that fail to file or that submit inaccurate reports may face civil money penalties. Fines can run into the tens or hundreds of thousands of dollars per violation, depending on the severity and whether the issue is repeated.
Regulators often consider the adequacy of an institution’s compliance program when setting penalties, which means weak processes can amplify the consequences.
Criminal Penalties
Intentional violations, such as deliberately failing to file CTRs, knowingly allowing structuring, or falsifying information, will bring criminal penalties. Individuals can face fines up to $250,000 and imprisonment of up to five years.
If the violation is tied to another unlawful activity, penalties can double. Both institutions and individual employees may be prosecuted.
Notable Enforcement Cases
Regulators regularly bring enforcement actions to highlight the importance of CTR compliance:
A large US bank paid $390 million in fines for failing to detect and report structuring across multiple branches.
A money services business was penalized for neglecting to file 200+ cash transactions over $10,000 despite clear evidence in its records.
Several cryptocurrency ATM operators have faced enforcement for ignoring CTR obligations, with one of the operators forfeiting over $1 million and other assets, reinforcing FinCEN’s position that virtual asset businesses are not exempt.
For fintechs, these cases illustrate that regulators apply the same standards across traditional and non-traditional institutions. Weak controls, even in a startup environment, can invite the same scrutiny and consequences as lapses at major banks.
See also:
Recent Developments and Trends in CTR Compliance
CTR rules have been stable for decades, but enforcement priorities and technology are changing how institutions manage them. Fintech leaders should be aware of three areas receiving particular attention.
Proposed Changes to the $10,000 Threshold
The $10,000 threshold was set in the 1970s and has not been adjusted for inflation. Policymakers occasionally raise the idea of increasing it, arguing that the current level captures too many routine transactions.
So far, no legislative changes have been enacted, but discussions in Congress and Treasury reports continue to revisit the issue. Compliance teams should monitor these debates, as any adjustment would directly affect reporting volumes.
Cryptocurrency and Digital Asset Considerations
FinCEN has clarified that businesses dealing in virtual currency are treated as money transmitters under the BSA if they accept or dispense cash. That means crypto ATM operators, exchangers, and hybrid fintech models must file CTRs when transactions exceed $10,000.
Enforcement actions, including recent DOJ cases, confirm that regulators are applying these obligations in practice. For fintechs, this is a reminder that digital asset innovation does not exempt a business from traditional cash reporting rules.
Use of Regulatory Technology
Institutions are increasingly adopting regtech tools like Regly to detect transactions that may trigger CTRs. Automated aggregation across branches, channels, or partner platforms reduces the risk of missed filings.
For fintechs with lean teams, outsourcing compliance operations or leveraging third-party monitoring systems can make CTR compliance more practical. Regulators have signaled support for technology that improves data quality and timeliness, as long as institutions maintain accountability for oversight.
Key Takeaways for Fintech Compliance Teams
Currency transaction reports are one of the most routine yet critical filings in US financial regulation. They apply to banks, broker-dealers, MSBs, and increasingly to fintech companies that handle cash or partner with institutions that do.
For fintech compliance teams, CTR rules are strict, not discretionary. Secondly, your oversight responsibilities extend to partnerships. Even if a sponsor bank is the entity of record, regulators expect fintechs to maintain visibility into CTR processes and be able to demonstrate accountability.
For fintechs moving fast in competitive markets, showing that cash reporting is under control can strengthen relationships with banking partners and regulators alike. If your fintech is navigating CTR obligations or broader AML compliance, InnReg can help. Our team combines deep regulatory expertise with a practical, outsourced model, giving you the oversight regulators expect without the overhead of building a full in-house department.
How Can InnReg Help?
InnReg is a global regulatory compliance and operations consulting team serving financial services companies since 2013.
We are especially effective at launching and scaling fintechs with innovative compliance strategies and delivering cost-effective managed services, assisted by proprietary regtech solutions.
If you need help with money transmitter compliance, reach out to our regulatory experts today:
Published on Oct 13, 2025
Last updated on Oct 13, 2025
Related Articles
Featured LinkedIn Posts
