Overview
On August 28, 2024, The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a final rule adding certain “investment advisers” to the “financial institution” definition under the existing Bank Secrecy Act of 1970 (BSA).
The final rule prescribes minimum standards for anti-money laundering (AML) programs, requires filing of suspicious activity and currency reports, and includes other obligations applicable to financial institutions subject to the BSA.
The objective of the rule is to close regulatory gaps in the investment adviser industry and safeguard investment advisers from illicit activities identified by the U.S. Department of the Treasury in the Investment Adviser Risk Assessment conducted in February 2024. The Investment Risk Assessment highlighted numerous cases in which sanctioned persons, corrupt officials, fraudsters, and foreign countries had used investment advisers as an entry point to access the U.S. financial system and launder funds.
Banks have been dealing with AML regulations for decades and continue to invest in maintaining and modernizing their programs. Investment advisers and asset management firms, which had traditionally been excluded from the BSA regulations, will now be held to the same bar.
Key Compliance Date
FinCEN will require investment advisers to implement and comply with the final rule by January 1, 2026. FinCEN has delegated examination authority over investment advisers to the SEC once the requirements are effective.
Investment Advisers Included/Excluded by the Final Rule
The final rule defines the term “investment adviser” to include SEC Registered Investment Advisers (RIAs) and Exempt Reporting Advisers (ERAs), but excludes RIAs that are registered with the SEC solely because they are mid-sized advisers (AUM between USD25 mil to USD100 mil), multi-state advisers, or pension consultants. Also excluded are RIAs not required to report any AUM to the SEC on Form ADV (few RIAs fall within these excluded categories).
Explore expert Integrated Risk Management solutions that solve real-world problems
Understand emerging threats, changing regulations, and evolving technologies – then formulate actionable, pragmatic strategies to reduce risk across the enterprise.
FinCEN has decided to exempt these categories of advisers because their advisory activities and customers are generally lower risk.
For investment advisers with a principal office and business outside of the U.S., the final rule is only applicable if the advisory activity takes place within the U.S. or they provide advisory services to a U.S. person or foreign-located private fund with an investor who is a U.S. person.
Other investment advisers excluded from the final rule include:
- State registered investment advisers.
- Foreign private advisers.
- Family offices.
AML Requirements for Investment Advisers Included by the Final Rule
Investment advisers covered by the final rule are required to develop and implement a risk-based AML program with:
- Written internal policies, procedures, and controls to comply with the requirements of the BSA, along with periodic reviews and updates of policies and procedures.
- A designated BSA/AML Compliance Officer.
- Established BSA/AML employee training programs.
- An independent testing function of the BSA/AML program.
- Risk-based procedures for conducting ongoing customer due diligence.
Other AML/CFT obligations required by investment advisers under the final rule include:
- Filing Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs): Investment advisers are required to file SARs with FinCEN for suspicious transactions and maintain records of all SARs filed. Additionally, investment advisers are required to file CTRs for transactions that exceed USD10,000 in currency and certain negotiable instruments (these transactions are currently being filed on IRS Form 8300).
- Complying with recordkeeping requirements and travel rules: Record and retain originator and beneficiary information for certain transactions and pass this information to financial institutions in certain funds transmittals.
- Responding to Section 314(a) requests: These relate to law enforcement requests, pursuant to Section 314(a) of the USA PATRIOT Act, to locate accounts and transactions of persons that are suspected of money laundering or terrorist financing (ML/TF) activities.
- Conducting special due diligence measures: Investment advisers will be required to maintain due diligence measures that allow them to detect and report on an ongoing basis any suspected ML/TF activities involving a correspondent or private banking account that is established, maintained, administered, or managed in the U.S for a foreign financial institution.
Featured Insight
How Should Investment Advisers Mobilize?
While it may be helpful to reference other financial institutions that are currently covered under the BSA definition (e.g., banks, wealth managers) as a blueprint for implementation, it’s important to be aware that a BSA /AML program should be risk-based. The depth and resources dedicated to an investment adviser’s BSA /AML program may vary between firms and largely depend on their size and business model.
The first critical step in designing an effective BSA/AML program is to perform an ML/TF risk assessment to understand risks associated with a firm’s clientele, products, service delivery methods, and geography. Over the next few months, investment advisers covered by the final rule should also:
- Perform a gap analysis on existing policies, procedures, and controls and remediate areas that are at risk of non-compliance on the effective date.
- Assess whether key third-party service providers such as placement agents, administrators, and custodians support compliance with new BSA requirements, as investment advisers are ultimately responsible.
- Identify other adjacent processes and technologies that may be impacted.
- Determine whether the firm has the appropriate resources, technology, and data to support the new BSA/ AML requirements.
How CrossCountry Consulting Can Help
CrossCountry’s business transformation and integrated risk management experts have the industry and regulatory knowledge to support with:
- Performing an AML/CTF gap analysis and risk assessment.
- Designing a risk and controls framework that’s integrated with the overall risk strategy and other risk areas across firm.
- Assessing technological solutions to automate manual controls in higher risk areas (e.g., name screening), with consideration of cost vs benefits.
- Advising compliance and legal functions on writing AML/CFT policies and procedures.
- Developing and implementing a transition playbook to meet the January 1, 2026 deadline.
- Providing remediation support (e.g., KYC/CDD).
- Designing and delivering employee training for AML/CFT.
To better understand the new rule requirements and position your firm for compliance, contact CrossCountry Consulting.