New FinCEN Anti-Money Laundering Requirements for Investment Advisers (September 2024)

Nuri ShinFINCEN

New FinCEN Anti-Money Laundering Requirements for Investment Advisers (September 2024)

I. Overview

On August 28, 2024, the Financial Crimes Enforcement Network (“FinCEN”) issued a new Final Rule (the “AML Rule”) imposing anti-money laundering (“AML”) obligations on certain investment advisers who are either registered with the Securities and Exchange Commission (“SEC”, and such advisers, “SEC RIAs”) or are considered “exempt reporting advisers” with the SEC (“SEC ERAs”, and together with SEC RIAs, “Advisers”). In connection with the Final Rule, Advisers will have to affirmatively establish and maintain relatively detailed and robust AML policies, including a requirement to monitor and maintain records of “suspicious activity reports” (“SARs”). FinCEN has delegated the responsibility for enforcement and oversight of the AML Rule to the SEC, and all Advisers will be subject to examination by the SEC in connection with Advisers’ compliance with the AML Rule. The compliance date for the AML Rule is January 1, 2026.

II. Definition of “Investment Adviser” Under the Final Rule

FinCEN has implemented the Final Rule by adding the term “investment adviser” to the definition of “financial institution” as provided by the Bank Secrecy Act (the “BSA”). The term “investment adviser” will include both SEC RIAs and SEC ERAs. It is important for emerging managers to note that investment advisers would typically file as an ERA with the SEC instead of registering with the SEC once they cross the $25MM AUM threshold, in reliance on the “private fund adviser exemption” provided under the Advisers Act for advisers managing under $150MM in AUM. Such SEC ERAs are within the scope of the AML Rule, as such Advisers are claiming ERA status under the Advisers Act (as is most common) and are not registering with the SEC[1].

The scope of coverage of the BSA does not include foreign private advisers who do not have to register or file as an ERA with the SEC under the “foreign private adviser” exemption (typically those foreign advisers managing under $25MM of U.S. capital, as defined in such exemption, among other requirements), excluded family offices, or state-registered investment advisers.

It is further important to note that foreign-located Advisers (i.e. Advisers whose principal office and place of business are located outside the United States) that are not considered “foreign private advisers” are within the scope of the Final Rule. However, the Final Rule will only be applied to (ii) such Advisers’ activities that take place within the United States, including through involvement of U.S. personnel of the Adviser, such as the involvement of an agency, branch, or office within the United States and (ii) advisory services that are provided to U.S. persons or foreign-located private funds that have investors who are U.S. persons.

III. Establishing or Updating AML Programs

Turning to the concrete requirements of Advisers provided under the AML Rule, it is now required that Advisers implement a formal written AML program, which must be approved in writing by its general partner, managing member, board of directors, or similar governing body and make such program available for inspection by FinCEN or the SEC. At a minimum, Advisers will need to do the following:

  1. Designate an AML compliance officer, which is a person responsible for and qualified to implement and monitor the AML program;
  • Develop internal policies, procedures and controls reasonably designed to prevent the Adviser from being used for money laundering, terrorist financing or other illicit financing activities and to achieve compliance with applicable BSA provisions and implementing regulations;
  • Create an ongoing employee training program on AML;
  • Implement an independent audit function to test the AML program. This function can be conducted by either third parties or, alternatively, employees of the Adviser, as long as such employees are not involved in the operation and oversight of the AML programs; and
  • Implement appropriate risk-based procedures for conducting ongoing customer due diligence, which include (i) understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile, (ii) conducting ongoing monitoring to identify and report suspicious transactions and (iii) maintaining and updating customer information.

It is important to note, especially for smaller ERAs, that FinCEN expressly allows the contractual delegation of the implementation and operation of some or all aspects of an Adviser’s AML program to a third-party provider, including a fund administrator. Such fund administrator may be based in the United States or may be a foreign-located service provider, including any providers domiciled in the Cayman Islands.

However, even in the event of delegation of such authority, the Adviser will remain fully responsible and legally liable for, and be required to demonstrate to any SEC examiners, the AML program’s compliance with AML requirements and FinCEN’s implementing regulations. The Adviser will also be required to identify and document the procedures appropriate to address its vulnerability to money laundering and terrorist financing, and then undertake reasonable steps to assess whether the service provider would carry out such procedures effectively. Such oversight measures could include, for example, having the Adviser conduct due diligence on the third party’s AML policies and determining whether they meet the Adviser’s standards; a written agreement with the third party containing appropriate representations and covenants, including that the third party will maintain and adhere to risk-based and reasonably designed AML policies, procedures and controls and update the Adviser if there are any deficiencies identified in the third-party’s audit (if any); and/or having the Adviser periodically monitor compliance with such requirements.

IV. Suspicious Activity Reports

              Further, Advisers are obligated to file and report to FinCEN certain suspicious transactions involving or aggregating funds or other assets of at least $5,000 by filing suspicious activity reports (“SARs”) within thirty (30) days after the date of the detection of such suspicious transaction. Suspicious transactions are those that, among other things: (i) have no business or apparent lawful purpose or (ii) are not the sort in which the particular customers would normally be expected to engage.

              Advisers are also required to implement appropriate risk-based procedures to conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information. Given that fund administrators will often not have the capacity or be in a position to determine SARs on behalf of Advisers, FinCEN has also provided some indicators to Advisers as to what may constitute a SAR. Specifically, some of the types of SARs provided by FinCEN include:

  • transactions designed to hide the source or destination of funds and fraudulent activity;
  • an investor in a venture capital or private equity fund requesting access to detailed non-public technical information about a portfolio company the fund is invested in that is inconsistent with a professed focus on economic return, in a potential case of illicit technology transfer in violation of sanctions, export controls, or other applicable law;
  • using multiple wire transfers from different accounts maintained at different financial institutions or requesting that a transaction be processed in a manner to avoid funds being transmitted through certain jurisdictions;
  • other unusual wire activity that does not correlate with a customer’s stated investment objectives;
  • transferring funds or other assets involving the accounts of third parties with no plausible relationship to the customer, transfers of funds or assets involving suspicious counterparties—such as those subject to adverse media, exhibiting shell company characteristics, or located in jurisdictions with which the customer has no apparent nexus;
  • the customer behaving in a manner that suggests that the customer is acting as a “proxy” to manage the assets of a third party;
  • an unusual withdrawal request by a customer with ties to activity or individuals subject to U.S sanctions following or shortly prior to news of a potential sanctions listing; and
  • potential fraud and manipulation of customer funds directed by the investment adviser, potentially consisting of insider trading, market manipulation, or an unusual wire transfer request by an Adviser from a private fund’s account held for the fund’s benefit at a qualified custodian.

              It should be noted that these examples are not exhaustive, and that FinCEN has directed Advisers that a determination to file a SAR should be based on all the facts and circumstances relating to the SAR and the customer in question.

Advisers are not limited to monitoring just those transactions that are made by direct customers of the Adviser, but also must monitor “all transactions by, at, or through the financial institution.” Examples of such activities include: when an Adviser’s customer provides an instruction to the Adviser for the Adviser to pass on to the custodian (e.g., an instruction to withdraw assets, to liquidate particular securities, or a suggestion that the Adviser purchase certain securities for the customer’s account) or the Adviser instructs a custodian to execute transactions on behalf of its client.

In the event Adviser reports any SARs, Advisers must maintain copies of filed SARs and the underlying related documentation for a period of five (5) years from the date of such filings. However, subject to certain narrow exceptions, no Adviser or employee of such Adviser shall disclose a SAR or any information that reveals the existence of a SAR to any third party that is not FinCEN.

V. Currency Transaction Reports

              Finally, Advisers will be required to file currency transaction reports (“CTRs”) and create and retain records for extensions of credit and cross-border transfers of currency, monetary instruments, checks, investment securities, and credit in amounts exceeding $3,000. Specifically, Advisers must create and retain records for transmittals of funds and ensure that certain information pertaining to the transmittal of funds “travels” with the transmittal to the next financial institution in the payment chain. FinCEN also provided in the Final Rule that RIAs and ERAs be required to report transactions in currency over $10,000. Currently, all investment advisers (including SEC RIAs and SEC ERAs) report such transactions on Form 8300. Under the Final Rule, a CTR would replace Form 8300 for RIAs and ERAs.

VI. Conclusion

              In conclusion, both SEC RIAs and SEC ERAs will now be subject to requirements to: (i) appoint an AML officer, (ii) adopt and comply with formal written AML policies and procedures, (iii) train their employees in such policies, (iv) implement independent audit functions of such policies, (v) implement procedures for customer due diligence, (vi) report suspicious transactions to FinCEN, and (vii) make certain currency transaction reports. They will be subject to examination by FinCEN and the SEC and be required to take certain steps to ensure their own compliance with such policies, including if the Advisers delegate authority for operation and implementation of such AML policies to third parties such as fund administrators. The compliance date for the AML Rule is January 1, 2026.

[1] The Final Rule provides that certain mid-sized Advisers (i.e. those investment advisers who manage between $25MM and $100MM of AUM) are carved out from the definition of “investment adviser” and would thus be exempt from complying with the Final Rule. However, such carve-out would only apply to mid-sized Advisers who are registered or required to register with the SEC, which would not include SEC ERAs.

Next Post

Share this Post