Banking managers, chief financial officers , and politicians are increasingly voicing their concerns about the ‘excessive’ burden imposed by compliance with Sarbanes–Oxley (SOX) Act, Bank Secrecy Act/Anti-Money Laundering (BSA/AML), and Interagency Supervisory guidance on operational risk advanced measurement approaches (AMA). The underpinnings of the banking regulations — FDICIA, SOX, AMA, and BSA/AML — are all, however, based on the organisation's internal control structure, and provide a solid framework for enterprise-wide management of operational risk and capital. The Intelligence Reform and Terrorism Prevention Act of 2004, ACH Guideline changes, Check 21, and increasing competition through technology-based products and services are part of the larger picture of evolving threats and increasing change in the industry that are challenging the banking managers to take a holistic approach to enterprise-wide risk management. In the current environment of corporate scandals and public distrust, the investor community will use the integrated compliance framework to differentiate between adopters and nonadopters of good corporate management practices. This paper highlights the regulatory overlaps and inherent leveraging opportunities in the compliance practices, and points out the competitive advantage to progressive banking institutions. It includes a personal view for implementing integrated enterprise-wide operational risk management leveraging on existing compliance practices, and outlines regulatory Guidelines for information technology controls and BSA/AML compliance. The paper explores how the compliance requirements are changing the emphasis of corporate governance and finance functions in banking institutions.