New Anti-Money Laundering Rules for Investment Advisers

The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), reissues Notice of Proposed Rule Making to include certain investment advisers in the definition of “financial institution”.

By Alma Angotti, Tracy Angulo, Gene Bolton, Gregory Schwarz

After more than 20 years and multiple iterations, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), has reissued a Notice of Proposed Rule Making (NPRM or proposed rule) to define as financial institutions, and impose Anti-Money Laundering (AML) requirements, on Registered Investment Advisors (RIAs) and exempt reporting advisers (ERAs).1 The issuance of this rule comes at the heels of the 2024 U.S. Treasury Investment Adviser Risk Assessment and the U.S. Strategy on Countering Corruption, which note that the Investment Adviser (IA) industry serves as an entry point into the U.S. market for illicit proceeds associated with foreign corruption, fraud, and tax evasion.2  Additionally, and perhaps more importantly, China and Russia have used IAs and investments into early-stage companies to access services and technology, with “long-term national security implications.”3 If we can take away one thing from this, it is that interrupting funds from foreign illicit activity, from sanction evasion to corruption, is at the forefront of national security priorities.

"The due-diligence process for determining the identity of investors and the source of their funding — similar to the process at banks dealing with high-net-worth clients — would likely be the biggest component for IAs to comply with the new suspicious activity monitoring and reporting requirements."            

—Alma Angotti, Partner, Financial Crime Fraud & Investigative Services

As indicated in the NPRM, the IA industry in the United States consists of a wide range of business models and advisory services, including wealth management, financial planning, and pension consulting. Advisory services can be provided on a “discretionary” or “non-discretionary” basis, however more than 90 percent of RIAs manage client assets on a discretionary basis.4 IAs provide services to a wide range of customers, including retail investors, high-net-worth individuals, private institutions, and governmental entities (including local, state, and foreign government funds).5

Distinct from the previous 2015 Investment Rule, ERAs are now incorporated in the proposed rule, with Registered IAs,  and will be required to establish AML Programs. While many IAs have already started to establish risk-based AML programs, the new rule will establish uniformity in AML obligations and close the gap in U.S. anti-money laundering regulation noted by U.S. Regulators and the Financial Action Take Force (FATF)6 for years.

It should be noted that FinCEN is not proposing to cover state-registered IAs but will continue to monitor activity involving state-registered IAs for indicia of money laundering, terrorist financing, or other illicit finance activities. FinCEN is also proposing to exempt from this rule the activities of mutual funds, as they are already subject to comprehensive AML/CFT obligations under the BSA.



With the proposed rule, the Treasury extends the definition of “financial institution” to include Investment Advisers because IAs engage in activities  similar to, related to, or a substitute for, financial services that other BSA-defined financial institutions (FIs) engage in. IAs would be subject to BSA/AML program requirements and examination by the U.S. Securities and Exchange Commission (SEC). Under the proposed requirements, both RIAs and ERAs would need to:

  1. Implement risk-based anti-money laundering (AML) and counter terrorist financing (CFT) programs based on the core pillars of compliance, which include internal controls, policies and procedures, an employee training program, independent testing and designation of a compliance officer. 
  2. File Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs) with FinCEN.
  3. Maintain originator and beneficiary information for transactions (i.e., comply with the recordkeeping requirements and the Travel Rule).
  4. Comply with information sharing obligations under Section 314(a) of the USA PATRIOT Act.7
  5. Implement special due diligence for correspondent and private banking accounts under Section 312 of the USA PATRIOT Act and special measures under section 311 of the USA PATRIOT Act and 9714(a) of the Combatting Russian Money Laundering Act.8


Key Compliance Considerations for RIAs and ERAs

While the NPRM was only recently published, it was 20-plus years in the making and the industry should finally anticipate a final rule in the upcoming years. IAs can begin to prepare by considering the following:

Development of a Customer Identification Program (CIP) and Customer Due Diligence (CDD) is Recommended…even if not yet Required.
CIP and CDD rule requirements, including identifying and verifying beneficial ownership of legal entity customers, are not in the proposed rule. FinCEN, however, stated that they will promulgate CIP requirements jointly with the SEC in a separate rulemaking. FinCEN also intends to amend and reissue the CDD Rule to bring it into conformance with the Corporate Transparency Act to ensure consistency.

Additionally, regardless of official application of CIP and CDD, Guidehouse advises that the due-diligence process for determining the identity of investors and the source of their funding—similar to the process at banks dealing with high-net-worth clients—would likely be the most critical element necessary for IAs to comply with suspicious activity monitoring and reporting requirements in the proposed rule. CIP and CDD are also necessary to adequately screen customers to comply with the Office of Foreign Assets Control and sanctions laws and comply with Sections 311 and 312 of the USA PATRIOT Act.

Evaluate Protocol to Identify, Escalate, and Report Suspicious Activity
The IA relationship itself is, in many ways, more complicated than other financial relationships due to the number of parties involved, each responsible for different aspects of the customer AML/Know Your Customer (KYC) life cycle. Fund administrators, for example, provide certain services to IAs by maintaining books and records, managing subscriptions, and conducting due diligence on potential investors prior to onboarding. Prime Brokers provide services such as executing trades, settlement and financing to institutional clients, family offices, and hedge funds. Prime Brokers can be banks or broker-dealers and therefore are also subject to existing AML/CFT requirements. Qualified custodians custody investors’ funds and/or securities on behalf of the RIA and generally also maintain their own AML/CFT programs, either under BSA or similar foreign AML/CFT regimes if the custodian is operating outside of the U.S. 
In light of this complex relationship structure, it will be essential for RIAs and ERAs to establish clear lines of communication with other parties involved in servicing their investors, such as fund administrators and custodians to help identify and report suspicious activity. Without careful planning, IAs might miss information about their customer’s activity that would be critical to determining whether they should file a SAR. 

Engage Key Stakeholders
Early engagement of key stakeholders such as the board of directors and senior management is key. Under the proposed rule, each IA’s AML/CFT program would need to be approved by its board of directors or trustees. If the IA does not have a board, the AML/CFT program would need to be approved by the IA’s sole proprietor, general partner, trustee, or other persons that have functions similar to a board of directors.9 Ahead of a final rule, IAs may consider synthesizing pertinent information previously released for its key stakeholders, highlighting any foreseeable impacts on the business. 

Evaluate the Program You Have
If you have, as many RIAs and ERAs have, established an AML program, it will be important to evaluate whether that program is adequately risk-based, whether it meets the new regulatory requirements, and whether it is adequately implemented and sustainable. A risk assessment will be a critical element to ensuring you have the program that mitigates the risk of the business.

How Guidehouse Can Help

Not only do Guidehouse experts have decades experience in the IA and securities industry, but  some of our experts were at FinCEN helping to write rules that affected capital-market participants after the Sept. 11, 2001, terrorist attacks, including the first proposed rule for investment advisers in 2003. To ensure compliance, Guidehouse has a team of experts who are well-positioned to help entities in the IA industry with the following:

  • AML/CFT and Sanctions Program Design, Execution and Management
  • Staffing Assessment and designing Target Operating Models
  • AML/CFT Program and Sanctions Assessments and Remediation
  • KYC Risk Profiling, Risk Appetite, and File Remediation
  • Program Risk Management
  • Strategic Planning
  • Vendor sourcing and governance
  • AML/CFT and Sanctions Training

Contributions to this article: Trisha Gangadeen.

1 Pursuant to the Investment Advisers Act of 1940. ERAs have less detailed reporting requirements than RIAs, are not required to file Form PF, and are not examined by the SEC on a regular basis. SEC Rules Implementing Amendments to the Investment Advisers Act of 1940, Investment Advisers Act Release No. 3221 (June 22, 2011), 76 FR 42950, 42955 (July 19, 2011) and Instructions for Part 1A, Item 5.F of Form ADV.
3 2024 Investment Adviser Risk Assessment
4 Investment Adviser Association, Investment Adviser Industry Snapshot 2022, p. 53 (IAA Snapshot), available at
5 See Part 1A, Item 5 of Form ADV for a list of examples of different types of advisory clients.
6 FATF currently rates the U.S. AML regime as Partially Compliant with international AML and CFT standards. In its last evaluation over seven (7) years, FATF highlighted that the U.S. had minimal coverage for the investment advisement industry and recommended the U.S. continue efforts toward direct application of AML and CFT rules to Investment Advisers. This rule is an attempt, in part, to address FATFs concerns, remediate gaps and avoid negative downstream impacts on the national economy.
7 Section 314 was designed to establish stronger ties between business and federal law enforcement. FinCEN’s regulations under Section 314(a) enable law enforcement agencies, through FinCEN, to reach out to financial institutions to locate accounts and transactions of persons that may be involved in terrorism or money laundering. Additionally, Section 314(b) would allow IAs to request information related to money laundering and terror financing from other financial institutions.
8 According to the NPRM, FinCEN proposes that investment advisers be required to comply with special measures issued pursuant to Sections 311 and 9714(a) to maintain the options available under these sections that protect the U.S. financial system from certain illicit finance threats and to require IAs to meet obligations consistent with obligations imposed on other BSA-defined financial institutions under Sections 311 and 9714 special measures. See 2024-02854.pdf ( Section 311 requires U.S. financial institutions to implement certain “special measures” if the Treasury Secretary finds that reasonable grounds exist to conclude that a foreign jurisdiction, institution, class of transaction, or type of account is a “primary money-laundering concern. Section 9714(a) of the Combating Russian Money Laundering Act allows for similar special measures in the context of Russian illicit finance.
9 See 2024-02854.pdf (

Let Us Help Guide You

Complexity demands a trusted guide with the unique expertise and cross-sector versatility to deliver unwavering success. We work with organizations across regulated commercial and public sectors to catalyze transformation and pioneer new directions for the future.

Stay ahead of the curve with news, insights and updates from Guidehouse about issues relevant to your organization and its work.