President Trump Signs Executive Order Directing Federal Financial Regulators to Address Risks to US Financial System Presented by Customer Immigration Status

On May 19, 2026, President Donald Trump signed an Executive Order, “Restoring Integrity to America’s Financial System” (the “Executive Order”). The Executive Order directs the Treasury Department, the Consumer Financial Protection Bureau (“CFPB”), and certain federal functional financial regulators (as defined below) to issue guidance and propose regulatory changes aimed at protecting the American financial system from illicit financial activity, strengthening customer identification and customer due diligence requirements, and addressing the credit risks posed by extending financial services to those without valid work authorization. This Legal Update provides background on the Executive Order, summarizes its key provisions, and discusses potential implications for financial institutions.

Background

The Executive Order declares that “America’s financial institutions serve a critical role in safeguarding the American people against financial fraud and abuse” and states that the Administration “will not tolerate national security and public safety risks caused by illicit cross-border financial activity, nor will it permit risks to our financial system posed by the extension of credit or financial services to the inadmissible and removable alien population.”

In support of these objectives, the Executive Order cites financial trend analyses identifying hubs of fentanyl-related financial activity in the United States tied to Mexico-based cartels, as well as a recent analysis of Chinese money-laundering networks that allegedly used US-based accounts to facilitate the laundering of over $312 billion for criminal organizations. The Executive Order further indicates that lending to individuals without legal work authorization creates a structural “ability to repay” deficiency, because such borrowers face the possibility of loss of wages due to deportation or their employers’ decisions to comply with immigration law, which in turn “undermines the safety and soundness of the national banking system.”

Notably, the Executive Order is less prescriptive than expected, as earlier statements from administration officials indicated that banks would be required to collect proof of citizenship from all customers. Treasury Secretary Scott Bessent recently stated during an interview with Semafor World Economy that an executive order that would require banks to collect citizenship information from customers is currently “in process” and remarked that he does not think such a requirement would be “unreasonable, because: Why don’t we have information on who’s in our banking system?” As issued, however, the Executive Order does not impose a universal mandate requiring banks to collect citizenship or immigration status information from all customers. Instead, it contemplates a risk-based approach under which immigration status information may be sought when other risk indicators are present.

Key Provisions and Timelines for Regulatory Actions

The Executive Order imposes the following directives and deadlines on federal agencies:

1. Treasury Advisory Addressing Red Flags Associated with Non-Work-Authorized Populations (60-Day Deadline)

Within 60 days of the date of the Executive Order (i.e., by mid-July 2026), the Secretary of the Treasury must issue a formal advisory to financial institutions describing specific “red flags and typologies” of suspicious activity associated with non-work-authorized populations and their employers. The advisory must address six categories of suspicious activity:

• Evidentiary patterns of payroll tax evasion by employers or labor brokers.
• Use of foreign-identity documents, nominee accounts, shell companies, or complex “funnel” structures to obscure beneficial ownership or the true nature of payroll disbursements.
• Use of unregistered money services businesses, third-party payment processors, or peer-to-peer platforms for “off-the-books” wage payments intended to bypass Bank Secrecy Act (“BSA”) reporting thresholds.
• Repetitive, sub-threshold cash withdrawals or deposits correlated with payroll cycles outside regulated payroll systems.
• Financial activity indicative of labor trafficking or forced labor, where proceeds are commingled with legitimate business revenue or transferred to foreign jurisdictions.  
• Use of an individual taxpayer identification number (“ITIN”) to obtain credit products or open depository accounts where the applicant lacks verified lawful immigration status.

2. CFPB Clarification Regarding Ability-to-Repay Standards (60-Day Deadline)

Within 60 days of the date of the Executive Order, the CFPB is directed to consider clarifying that potential deportation and the associated loss of wages are factors that could adversely affect a non-work authorized borrower’s ability to repay under the “ability-to-repay” standards set forth in the Truth in Lending Act and Regulation Z. The CFPB must also consider clarifying that lenders may consider such factors as part of a reasonable and good-faith underwriting determination.

3. Federal Guidance Regarding Credit Risks Posed by the Non-Work-Authorized Population (60-Day Deadline)

Each federal functional financial regulator (defined in the Executive Order as the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation, and the National Credit Union Administration) must issue guidance within 60 days of the date of the Executive Order regarding the management of the potential credit risks posed by the non-work authorized population.

4. Proposed Changes to Customer Due Diligence Requirements (90-Day Deadline)

Within 90 days of the date of the Executive Order (i.e., by mid-August 2026), the Secretary of the Treasury, in consultation with the federal functional financial regulators, must propose changes to BSA regulations to strengthen risk-based customer due diligence (“CDD”) requirements. The proposed changes must ensure that institutions collect and verify sufficient customer identity information to identify nominal and beneficial account owners and assess risks related to illicit finance, sanctions evasion, fraud, or other unlawful activity. The proposed rules must also ensure that institutions maintain the authority, where warranted by risk indicators or supervisory concerns, to obtain information necessary to resolve material compliance concerns, including information relevant to immigration status and employment authorization when such information is relevant to assessing risks associated with fraud, identity misrepresentation, sanctions evasion, or other illicit financial activity.

5. Proposed Changes to Customer Identification Program Requirements (180-Day Deadline)

Within 180 days of the date of the Executive Order (i.e., by mid-November 2026), the Secretary of the Treasury and the federal functional financial regulators must consider changes to BSA regulations to strengthen risk-based customer identification program (“CIP”) requirements. The proposed changes should account for the risks that foreign consular identification cards pose to the integrity of the US financial system.

Takeaways

The Executive Order sets in motion a series of regulatory actions that could materially affect compliance obligations under anti-money laundering laws and credit underwriting practices. While the Executive Order stops short of imposing a universal citizenship verification mandate, it will require financial institutions to devote significant attention and resources to implementing the federal functional financial regulators’ guidance over the coming months. Any universal or broadly applicable citizenship verification mandate would require significant changes to existing practices and could adversely impact certain consumer loan programs as financial institutions and potential borrowers evaluate the implications.

Given the compressed timelines—including the 60-day deadline for the Secretary of the Treasury to issue an advisory identifying red flags related to the six enumerated categories of suspicious activity—financial institutions should begin assessing the potential impact of the Executive Order on their operations and compliance programs. Compliance teams may need to quickly incorporate the forthcoming guidance into their existing AML compliance programs, including suspicious activity-monitoring and reporting frameworks, transaction-monitoring systems, and CIP and CDD procedures.

In addition, the CFPB’s potential clarification regarding ability-to-repay standards and the federal functional financial regulators’ credit risk guidance could require lenders to revisit underwriting criteria, particularly with respect to borrowers who do not have a Social Security number. Importantly, while the Executive Order identifies immigration-related risks, lenders must ensure that their practices comply with applicable federal and state fair-lending laws.