And Just Like That...
Investment Advisers Became Financial Institutions
The Financial Crimes Enforcement Network (FinCEN) in August issued a final rule to help safeguard the investment adviser sector from illicit financial activity, including abuse by criminals, foreign adversaries, kleptocrats, and other money laundering and terrorist financing threats. This final rule adds certain registered investment advisers (RIAs) and exempt reporting advisers (ERAs) to the definition of “financial institution,” obligating them to undertake certain compliance measures and minimum standards under the Bank Secrecy Act (BSA).
The final rule aims to mitigate the risks highlighted by last year’s Treasury Investment Adviser Risk Assessment, which noted numerous cases in which sanctioned persons, corrupt officials, fraudsters, and other criminals have exploited the investment adviser industry to access the US financial system and launder funds. In addition, the Risk Assessment identifies adversarial states such as China and Russia that exploit investment advisers through investment in early-stage companies to access certain technologies and services with national security implications.
Investment advisers and the private funds they advise have been used by Russian oligarchs as an entry point into the US financial system, helping obscure their ownership of US assets. Many of them may not have been sanctioned before Russia’s full-scale invasion of Ukraine, but many of them are also kleptocrats who have misappropriated assets. Treasury’s review of BSA reporting filed between January 2019 and June 2023 identified more than 20 investment advisers in the United States with significant ties to Russian oligarchs or illicit activities.
The Treasury review also identified 60 additional investment advisers located in the United States who managed private funds in which identified Russian oligarchs have invested.
No, there was no indication of illicit activity in the cases that Treasury reviewed, but the risk is significant—both to the investment advisers and to the US financial system.
The transformation
Given all the risks, the final rule adds investment advisers—RIAs and ERAs—to the definition of “financial institution.” And POOF! Just like that, investment advisers have transformed into financial institutions. The rule requires RIAs and ERAs to:
Implement an AML/CFT program
File reports, such as Suspicious Activity Reports (SARs) and Cash Transaction Reports (CTRs), with FinCEN
Comply with the record-keeping rule, which requires financial institutions to maintain records of certain transactions and customer information for five years. and Travel Rule, which requires financial institutions to pass on certain information to the next financial institution, in certain funds transfers that involve multiple financial institutions
Abide by other obligations applicable to financial institutions subject to the BSA and FinCEN’s implementing regulations, such as special information sharing procedures
The deadline for compliance has been extended to January 1, 2026, so RIAs and ERAs have roughly eight months to get compliant.
The challenge
Many investment adviser firms already have at least some AML programs in place, but many will have to start from scratch to establish a risk-based AML/CFT compliance program.
Among other things, they’ll need to appoint an AML compliance officer. They will have to perform due diligence and will have know-your-customer obligations. They will need a customer identification program. They will need to implement a training program for their employees, develop internal policies and procedures addressing their AML policies, and conduct independent reviews of their BSA program to ensure it’s current and identifies risks appropriately.
If it sounds like a lot, it is - especially if your investment adviser firm has no AML processes in place at all. Starting from scratch requires time and resources.
FINRA has a terrific template RIAs and ERAs, as well as other small firms can use as a springboard to kickstart their risk-based AML program, meaning that the program’s AML policies, procedures, and internal controls should be designed to address the risk of money laundering specific to the firm.
What kind of customers does the firm serve? Where are they located? Does the firm already have some AML policies and procedures in place, and if it does, what are they? What are the inherent risks (those that exist before any mitigation measures are taken) and what are the residual risks (risks that remain after AML controls are put in place)?
This “risk-assessment” will not only help ensure that the firm’s AML program is tailored to the company’s real risks, but it can also be a useful tool to demonstrate to regulators that the firm used a reasonable approach to design its AML program.
The big thing is to make sure that the firm projects a “tone from the top” that compliance is mandatory and critical to the firm’s operation. The “tone from the top” is a public commitment to compliance voiced by the Board of Directors and by senior managers. There should be no doubt that the firm is committed to protecting the organization and the US financial system writ large.
An AML Compliance Officer should have full responsibility for the firm’s AML program. They should have a working knowledge of the BSA and its implementing regulations and be experienced and knowledgeable about the intricacies of the BSA, the training requirements for the firm’s personnel, and the filing of appropriate reports, such as SARs when necessary. The Compliance Officer should monitor the firm’s compliance with its obligations under the BSA, overseeing communication and training for employees and ensuring that the firm keeps and maintains all the required AML records.
In other words, it’s not easy, and RIAs and ERAs should start working to implement these fundamental requirements at once.
What happens if they don’t?
The U.S. Securities and Exchange Commission (SEC) in January announced a settlement with investment adviser Navy Capital because they misrepresented their AML procedures. The investment adviser stated in disclosure documents provided to investors that the company was voluntarily complying with AML requirements, although those laws did not specifically apply to investment advisers.
Oops!
That turned out to be not exactly true, and the SEC ordered the investment adviser to pay $150,000 in penalties. No, the firm was not yet legally required to comply with AML laws, but misrepresenting these efforts to investors can leave the firm at risk for regulatory penalties, as well as reputational risk.
In another case in January, the SEC charged LPL Financial a broker-dealer and investment adviser with multiple failures related to its AML program. LPL agreed to pay a civil penalty of $18 million and implement improvements to its AML policies and procedures.
LPL was a broker-dealer, so it already had requirements under the BSA, but I’m bringing this case as a warning. Once the requirements kick in, major penalties can result, and the SEC doesn’t appear to be in a forgiving mood.
Sharing information
The final rule requires that investment advisers abide by the information-sharing provisions of sections 314(a) and 314(b) of the USA PATRIOT Act.
Under 314(a), investment advisers will have to search internal records for specified information on certain accounts, transactions, individuals, and entities upon request from FinCEN.
Under Section 314(b), firms will voluntarily share information with other financial institutions regarding individuals, entities, organizations, and countries that may involve illicit financial activity.
Get ready
There’s a lot to learn and establish, especially if your investment adviser firm doesn’t have any current processes in place to address illicit finance risks.
How to assess risk?
How to conduct due diligence?
What kinds of vulnerabilities does your firm have?
How to mitigate these risks? What kind of training would be most useful?
FinCEN has delegated its examination authority for the requirements of the final rule to the SEC, which is the functional regulator responsible for the oversight and regulation of investment advisers.
And it doesn’t like like the SEC will be in the mood to be generous.
The time to start is ASAP. Get in touch with a professional and start work.
The US financial system is vulnerable to abuse, and investment advisers are a gaping loophole in our anti-money laundering regime.