FinCEN advisory flags ITIN accounts in crackdown on illicit payrolls

What happened

On 5 June 2026, FinCEN (the US Financial Crimes Enforcement Network) issued Advisory FIN-2026-A002, jointly with the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, and the National Credit Union Administration, and in coordination with the Internal Revenue Service. The advisory addresses money laundering and fraud connected to the unlawful employment of people not authorized to work in the United States, and the employers who profit from it.

The advisory sets out 18 red-flag indicators. They include a customer who describes themselves as a laborer, opens an account using an Individual Taxpayer Identification Number (ITIN), receives a high volume of checks from multiple companies, then withdraws cash or writes many small checks. Others describe a construction or staffing firm that reports substantial revenue but almost no payroll, and a company less than two years old with no online presence that has the profile of a shell.

FinCEN asks institutions to weigh whether an ITIN presented in place of a Social Security number (SSN) or a valid work-authorization document is a relevant risk factor when a customer opens an account or seeks credit. Where the activity fits the advisory, FinCEN wants the key term FINANCIALINTEGRITY-2026-A002 in field 2 of the suspicious activity report (SAR) and in the narrative. The advisory follows the 19 May 2026 executive order on financial-system integrity that this newsletter logged last week.

Why it matters

The supervisory message is specific. An ITIN, on its own, is not suspicious, but its use in place of an SSN can be one input into a risk assessment. The likely effect is that examiners will expect institutions to show they considered the factor and documented the reasoning, in either direction.

That creates a real tension. ITIN holders include lawful taxpayers, and over-weighting the identifier risks both fair-lending exposure under the Equal Credit Opportunity Act (ECOA) and a wave of defensive de-risking that pushes legitimate customers out of the banking system. The point for compliance leaders is that the advisory does not ask for blanket treatment. It asks for a reasoned, documented assessment, which is harder than a rule but safer.

Practitioner angle

• Add the key term FINANCIALINTEGRITY-2026-A002 to your SAR-writing guidance and brief investigators on the 18 indicators so the typology is recognized at triage, not after the fact.
• Resist converting “ITIN” into a monitoring rule by itself. Build it as one weighted factor alongside the payroll-mismatch and shell-company indicators the advisory actually describes.
• Coordinate with your fair-lending and legal functions before you change any account-opening or credit-decisioning logic, so the AML response does not create an ECOA problem.
• For business customers, the stronger signal is the revenue-without-payroll pattern. Confirm your business-account monitoring can see it.

The single most important step: route this advisory through your financial crime and fair-lending teams together, and agree the documented standard before a frontline officer improvises one.