O’Melveny Worldwide

FinCEN Issues Final Rule Expanding AML Requirements to Investment Advisers

September 11, 2024

After two decades of prior iterations, on August 28, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued a final rule requiring certain investment advisers to establish anti-money laundering/countering the financing of terrorism (AML/CFT) programs, file reports with FinCEN, and follow certain recordkeeping and information-sharing procedures (Final Rule). The Final Rule largely tracks the proposed rule released in February, though FinCEN adopted a narrower definition of “investment adviser” than originally proposed and made several other changes in response to public comments. The rule takes effect on January 1, 2026.

Investment Advisers Covered by the Rule

The Final Rule narrows the definition of “investment adviser” to include:

  • Investment advisers registered or required to register with the U.S. Securities and Exchange Commission (SEC), also known as registered investment advisers (RIAs); and
  • Investment advisers that must report certain information to the SEC but are exempt from SEC registration, known as exempt reporting advisers (ERAs).

The Final Rule, however, excludes:

  • RIAs that register with the SEC only because they are mid-sized advisers, pension consultants, or multi-state advisers.
  • RIAs that are not required to report any assets under management (AUM) to the SEC on Form ADV.
  • State-registered advisers.
  • Foreign private advisers or family offices.
  • The non-U.S. advisory activities of RIAs or ERAs that have a principal place of business outside the United States. For these entities, the final rule only applies to advisory activities that (1) take place within the United States or (2) entail providing advisory services to a U.S. person or a foreign-located private fund with a U.S. investor.

AML/CFT Program Requirement

The Final Rule expands the definition of “financial institution” under the Bank Secrecy Act (BSA) to include “investment advisers” (the RIAs and ERAs described above) thereby imposing on them the BSA’s AML/CFT program requirements.

The program must be risk-based and reasonably designed to prevent third parties from using the investment advisers for illicit finance activities such as money laundering, fraud, and terrorist financing.1 The program must be approved in writing by the investment adviser’s board of directors/trustees or a comparable authority, and the program will be subject to inspection by FinCEN and the SEC.

Scope of the AML/CFT Program Requirement

  • The AML/CFT program requirement applies to RIAs and ERAs who act as primary advisers or provide sub-advisory services. However, a subadviser may exclude from its program another investment adviser to which it provides subadvisory services where the subadviser has a direct contractual relationship with the primary adviser and not with the primary adviser’s underlying customer.
  • An RIA or ERA may delegate the management of the AML/CFT program to a third party, but the adviser remains liable for compliance with BSA and FinCEN requirements.
  • An RIA that is dually registered with the SEC as a broker-dealer, or is a bank or bank subsidiary, may either create a separate AML/CFT program or participate in an enterprise-wide AML/CFT program that covers all of the entity’s activities subject to the BSA. The same option applies to RIAs or ERAs that are affiliated with or a subsidiary of another entity.

Required Elements of a Risk-Based AML/CFT Program

Under the AML/CFT program requirement, an RIA or ERA must:

  • Establish and implement internal policies, procedures, and controls reasonably designed to prevent illicit finance activities.
  • Provide for independent testing of the program by the investment adviser’s personnel or a qualified outside party. The final rule clarifies that a person involved in implementing the program may not participate in testing the program.
  • Designate one or more persons to implement and monitor the program.
  • Provide for ongoing employee training.
  • Implement risk-based procedures for performing ongoing customer due diligence (CDD), in accordance with FinCEN’s CDD Rule.2

Reporting Obligations

Under the Final Rule, RIAs and ERAs must:

  • File Suspicious Activity Reports (SARs) on suspicious transactions conducted or attempted by, at, or through an investment adviser, involving or aggregating to at least $5,000, and that the adviser knows, suspects, or has reason to suspect involved funds derived from illegal activity, is designed to evade reporting requirements, has no business or apparent lawful purpose, or involves the use of the investment adviser to facilitate criminal activity.
  • Maintain copies of filed SARs and underlying documentation for five years.
  • File a Currency Transaction Report (CTR) for each transaction involving a transaction or transactions, during one business day, that involve or aggregate to more than $10,000 by, through, or to the adviser. This replaces the requirement to report such transactions on Form 8300.

Recordkeeping Requirements

The Final Rule requires RIAs and ERAs to:

  • Comply with the BSA’s Recordkeeping and Travel Rules.
  • Maintain records for extensions of credit and cross-border transfers of currency, monetary instruments, checks, investment securities, and credit in amounts above $3,000.

Information Sharing, Special Due Diligence, and Special Measures Under the PATRIOT Act

The Final Rule subjects RIAs and ERAs to FinCEN rules under the USA PATRIOT Act governing information-sharing processes among FinCEN, law enforcement, regulators, and financial institutions to identify money laundering or terrorist activity. These processes are known as the 314(a) and 314(b) programs. Moving forward, RIAs and ERAs should expect increased contact from FinCEN in support of law-enforcement investigations as well as from other financial institutions. 

The Final Rule also makes RIAs and ERAs subject to FinCEN rules under the PATRIOT Act that create special due-diligence and special-measures requirements for correspondent and private banking accounts involving foreign persons.

Delegation of Examination Authority to the SEC

FinCEN will delegate to the SEC the authority to examine RIAs and ERAs for compliance with the new requirements.

Considerations

With an effective date of January 1, 2026, covered investment advisers will need to act promptly to create and implement risk-based AML/CFT programs. Creating or updating an existing AML/CFT program to comply with the Final Rule will require significant time and expertise. Our O’Melveny team—including several members who have significant experience with AML/CFT programs from their tenure at both FinCEN and the SEC—can help.

1 FinCEN separately published a proposal to amend AML/CFT program requirements on July 3, 2024. This Final Rule does not reflect those proposed amendments that include, among other things, a mandatory risk assessment. See Anti-Money Laundering and Countering the Financing of Terrorism Programs, 89 Fed. Reg. 55428 (proposed July 3, 2024). 
2 Consistent with the proposed rule, the final rule does not require advisers to comply with the first two elements of the CDD Rule—customer identification programs (CIPs) and beneficial-owner verification. In May, FinCEN and the SEC jointly proposed CIP obligations for RIAs and ERAs. See Customer Identification Programs for Registered Investment Advisers and Exempt Reporting Advisers, 89 Fed. Reg. 44571 (proposed May 21, 2024). Expect FinCEN and the SEC to finalize this CIP rule in the coming months.

This memorandum is a summary for general information and discussion only and may be considered an advertisement for certain purposes. It is not a full analysis of the matters presented, may not be relied upon as legal advice, and does not purport to represent the views of our clients or the Firm. Tracie Ingrasin, an O’Melveny partner licensed to practice law in New York; Michele W. Layne, an O’Melveny of counsel licensed to practice law in California; AnnaLou Tirol, an O'Melveny partner licensed to practice law in California and the District of Columbia; Waqas A. Akmal, an O'Melveny counsel licensed to practice law in California; and Danny Hirsch, an O'Melveny associate licensed to practice law in California, contributed to the content of this newsletter. The views expressed in this newsletter are the views of the authors except as otherwise noted.

© 2024 O’Melveny & Myers LLP. All Rights Reserved. Portions of this communication may contain attorney advertising. Prior results do not guarantee a similar outcome. Please direct all inquiries regarding New York’s Rules of Professional Conduct to O’Melveny & Myers LLP, 1301 Avenue of the Americas, Suite 1700, New York, NY, 10019, T: +1 212 326 2000.

Related Professionals

Tracie Ingrasin
Partner
D: +1 212 326 2026
Michele W. Layne
Of Counsel
D: +1 213 430 6004
AnnaLou Tirol
Partner
D: +1 202 383 5342
Waqas A. Akmal
Counsel
D: +1 213-430-8398
Danny Hirsch
Associate
D: +1 213 430 6317
Related Practices
Asset Management
Corporate Social Responsibility & Sustainability
Financial Services Regulation
National Security
Regulatory & Advisory
Securities Regulation