On August 25, 2015, the U.S. Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) released proposed rules that would require investment advisers that are registered or required to be registered (RIAs) with the Securities and Exchange Commission (SEC) to establish anti-money laundering (AML) programs and report suspicious transactions to FinCEN. The proposed rules also would include RIAs within the definition of "financial institution" in the regulations implementing the Bank Secrecy Act (BSA), thereby requiring RIAs to comply with BSA recordkeeping and reporting requirements applicable to financial institutions.

Under the proposed rules, FinCEN would delegate its authority to examine RIAs for compliance with these regulations to the SEC.

While the proposed rules would not apply to "exempt reporting advisers" (including advisers solely to venture capital funds) or non-US advisers that are not registered with the SEC, FinCEN posed the question of whether the rules should apply to those advisers.

AML Program Requirements

The proposed rules would require RIAs to establish and implement a written AML program that must be approved in writing by the RIA's board of directors or trustees, or, if the RIA is without a board of directors, by its sole proprietor, general partner, trustee or other persons with functions similar to a board of directors. The AML program must cover all advisory activities of the RIA, irrespective of whether the RIA is acting as the primary adviser or subadviser. Advisory activities include management of client assets as well as advisory services that do not involve asset management (e.g., pension consulting, research reports or financial planning), subadvisory services and advisory services to real estate funds.

Specifically, the proposed rules prescribe four minimum AML program requirements. The AML program must:

  • establish and implement policies, procedures, and internal controls based on the RIA's assessment of the money laundering or terrorist financing risks associated with its business;  
  • be independently tested on a periodic basis to ensure compliance and functionality;  
  • designate a person or persons (such as a committee) responsible for implementing and monitoring the operations and internal controls of the AML program; and  
  • provide for ongoing training of employees and other appropriate persons.

The person or persons designated as being responsible for compliance should be knowledgeable and competent regarding FinCEN's regulatory requirements and the adviser's AML risks. Whether the compliance officer is dedicated full time to BSA compliance would depend on the size and type of advisory services the adviser provides and the clients it serves. A person designated as a compliance officer should be an officer of the investment adviser.

For RIAs that are dually registered as broker-dealers, separate AML programs are permitted but not required, provided that the AML program covers all advisory and broker-dealer activities and businesses of the RIA.

The proposed rules allow RIAs to delegate the implementation and operation of their AML program to other financial institutions, agents or third-party service providers, but RIAs remain fully responsible for the effectiveness of the AML program.

Suspicious Activity Reports

In addition, the proposed rules would require RIAs to report suspicious transactions that are conducted or attempted by, at, or through an RIA of at least $5,000 in funds or other assets, by completing and providing a Suspicious Activity Report (SAR) to FinCEN within 30 days of becoming aware of such suspicious transaction. RIAs would be required to assess client activity and relationships for money laundering risks and develop a suspicious transaction monitoring program that is suitable for the RIA in the context of such risks. In circumstances that require immediate attention, including suspected money laundering or terrorist financing schemes, RIAs must notify the appropriate law enforcement authority at once by telephone in addition to submitting a timely SAR. RIAs must keep copies of filed SARs and any underlying documents for 5 years from the date of filing. The proposed rules allow RIAs to delegate their suspicious activity reporting requirements to other financial institutions, agents or third-party service providers.

Reporting and Recordkeeping Requirements

Lastly, the proposed rules would include RIAs within the definition of "financial institution" under the BSA. As a "financial institution," an RIA would be required to comply with certain BSA reporting, recordkeeping and retention requirements, including:

  • the requirement to file Currency Transaction Reports (CTRs) for transfers in excess of $10,000 in currency by, through or to an RIA during a single business day (which would replace an RIA's current obligation to file Form 8300 when cash and negotiable instruments in excess of $10,000 are received);  
  • the recordkeeping and retention requirements for transmittal of funds equal to or in excess of $3,000, subject to certain exceptions (commonly referred to as the "Recordkeeping and Travel Rules"); and   
  • the recordkeeping and retention requirements for extensions of credit and cross-border transfers of currency, monetary instruments, checks, investment securities and credit in excess of $10,000.

Future Rulemakings

While the proposed rules do not impose a customer identification program (CIP) requirement, customer due diligence requirement or certain U.S. Patriot Act requirements, FinCEN anticipates addressing these requirements in future rulemakings. In particular, FinCEN anticipates the CIP requirement will be addressed through a joint rulemaking with the SEC.

Timing

Comments on the proposed rules are due within 60 days after the publication of the proposing release in the Federal Register. Once the proposed rules are published, the 60 day comment period will begin. Under federal administrative procedures, FinCEN is obligated to consider any submitted comments before issuing the final rules.