On August 25, 2015, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) issued a notice of proposed rulemaking (“NPRM”) that would impose certain anti-money laundering (“AML”) requirements on investment advisers.1 In short, the NPRM (1) includes investment advisers within the general definition of “financial institution” under the FinCEN regulations, (2) requires investment advisers to establish AML programs and (3) requires investment advisers to file suspicious activity reports (“SARs”) with FinCEN.
The NPRM came as little surprise to the industry. FinCEN previously published two NPRMs that would have required the establishment of AML programs (the “Previous NPRMs”): the first on September 26, 2002, which would have applied to unregistered investment companies,2 and the second on May 5, 2003, which would have applied to certain investment advisers.3 FinCEN later withdrew the Previous NPRMs, on November 4, 2008.4
Heeding the warning, many investment advisers have already established and implemented AML programs as a matter of industry best practice. Many investment advisers maintain written AML compliance programs that provide for periodic AML trainings for relevant employees and Know Your Customer (“KYC”) procedures. Often times, these AML compliance programs are integrated with sanctions compliance programs, which also are not strictly required under regulations but are expected and necessary as a practical matter.5 In fact, FinCEN stated in its NPRM that it “contemplates that investment advisers would be able to adapt existing policies, procedures, and internal controls in order to comply with the rules FinCEN is proposing today.”6
If the NPRM is finalized into a regulation, however, failure to follow its requirements could form the basis for an enforcement action by the regulators. FinCEN delegated examination authority for compliance with the requirements under the NPRM to the Securities Exchange Commission (“SEC”). Consistent with FinCEN’s initiative, SEC’s Office of Compliance Inspections and Examinations (“OCIE”) has recently signaled that AML compliance is a priority.7 Specifically, OCIE announced earlier this year that it would focus on “firms that have not filed [SARs] or have filed incomplete or late SARs.”8
Much of the requirements contained in the NPRM are similar to the AML requirements that have been instituted on other financial institutions, such as broker-dealers and mutual funds; however, we outline some of the unexpected and interesting aspects of the NPRM below:
- The proposed definition of investment adviser. The proposed definition of investment adviser is “[a]ny person who is registered or required to register with the SEC under section 203 of the Investment Advisers Act of 1940 (15 U.S.C. 80b-3(a)).” Under this current formulation, advisers that qualify for an exemption from SEC registration, such as investment advisers to venture capital funds and certain private fund advisers, would not be included within the scope of the NPRM requirements. Similarly, small, state-registered and foreign private investment advisers, as well as most mid-sized advisers, would not be included. On the other hand, foreign advisers that are required to register with the SEC but have no place of business in the United States would be included within the scope of the Proposed Rule. The Proposed Rule would apply to all advisers registered or required to register with the SEC and would therefore include investment advisers to registered investment companies, financial planners, pension consultants, and entities that only provide securities newsletters and research reports.
- All advisory activity. FinCEN proposes that the investment adviser’s AML program must cover all of its advisory activity, whether the adviser is acting as the primary adviser or a subadviser. FinCEN acknowledged that “requiring an investment adviser to address in its AML program the subadvisory services it provides ... may result in some duplication of effort, such as when the primary adviser is subject to [the NPRM].”9Additionally, as mentioned above, the NPRM requirements would cover other advisory services that do not include managing client assets, such as pension consulting, securities newsletters, research reports and financial planning. The requirements under the NPRM would also apply to any advisory services that an investment adviser provides to any publicly or privately offered real estate fund, without any explicit limitations or exceptions.
- No CIP requirement. The current version of the NPRM does not require investment advisers to maintain a customer identification and verification program (“CIP”). This is a departure from the CIP requirements imposed on broker-dealers, mutual funds, future commission merchants and banks under those respective AML regulations. Institutions that are subject to AML requirements but do not have a CIP requirement include casinos, money services business, insurance companies, credit card system operators, and loan or finance companies. Many investment advisers already conduct some form of CIP or KYC during their onboarding process. Furthermore, as a practical matter, some form of client identification and diligence is necessary to effectively screen for and report suspicious transactions, as proposed under the NPRM. FinCEN reserved the possibility that it could propose a CIP requirement applicable to investment advisers in subsequent rulemakings.
- No SARs information sharing allowed. Under the current version of the NPRM, investment advisers are not permitted to share SARs within their corporate organization structure. This is a departure from the normal rule of construction under the AML regulations applicable to banks, broker-dealers, future commission merchants, mutual funds and introducing brokers in commodities, which provides that SAR information sharing within a firm’s corporate organizational structure is permissible. Additionally, the lack of SAR information sharing seems to be in contradiction to FinCEN’s suggestion that an investment adviser’s AML program could be one component of a parent organization’s comprehensive AML program, as further discussed below.
- The inclusion of investment advisers within the definition of “financial institution.” FinCEN proposed including investment advisers within the 31 C.F.R. § 1010.10(t) definition of “financial institution,” which would require investment advisers to comply with all BSA regulatory requirements generally applicable to financial institutions, including the requirements to file Currency Transactions Reports, the Recordkeeping and Travel Rules, and other related recordkeeping requirements. Other institutions that are subject to AML compliance requirements are not included within the general definition of financial institution, such as insurance companies, credit card systems operators, and loan or finance companies. Broker-dealers and mutual funds are included within the definition of financial institution.
- Comprehensive AML Programs. FinCEN recognized that investment advisers may also be registered with the SEC as broker-dealers or may be affiliated with, or subsidiaries of, entities that are otherwise required to establish AML programs. FinCEN explained that such entities do not have to implement multiple or separate programs as long as the program covers all of the entity’s activities and businesses that are subject to the Bank Secrecy Act. “FinCEN recognizes the importance of enterprise-wide compliance and, therefore, believes it would be beneficial and cost-effective for these types of entities to implement one comprehensive AML program that includes all activities covered by FinCEN’s regulations.”10
- Delegation of duties. FinCEN recognized that some elements of the investment advisers’ compliance programs may be performed by agents or third-party service providers, such as broker-dealers, custodians and transfer agents, “in which case it is permissible for an investment adviser to delegate contractually the implementation and operation of those aspects of its AML program to such an entity.”11 However, FinCEN emphasized that the investment advisers still remains fully responsible for the effectiveness of the program.
Comments on the NPRM are due by November 2, 2015. The NPRM lists a specific set of issues and questions on which FinCEN is seeking public comment. In general, agencies use responses to an NPRM to craft a proposed rule, which is submitted for comment prior to adopting a final rule. Given the delay surrounding the Previous NPRMs, the timing of the rulemaking under this NPRM is uncertain.