New FinCEN Rule: Long-Awaited AML Requirements for RIAs Is Here

As the registered investment advisery sector continues to grow, so do regulatory expectations. Effective in 2026, registered investment advisers (RIAs) will be considered “financial institutions” (FIs) according to a final rule recently issued by the Financial Crimes Enforcement Network (FinCEN).

The final rule1 will require that most RIAs and exempt reporting advisers (ERAs) to comply with anti money laundering (AML) and counter-terrorist financing (CTF) requirements effective January 1, 2026. This article will explore FinCEN’s attempts to require RIAs to be subject to AML requirements, the 2024 Investment Adviser Risk Assessment2 that the final rule regularly cites, and the requirements of the final rule issued on August 28, 2024.

U.S. AML Framework Gaps

The Financial Action Task Force (FATF) is an internationally recognized organization that leads global action to tackle money laundering and terrorist and proliferation financing. FATF has pointed to gaps in the U.S. AML framework, particularly regarding a need for more comprehensive AML requirements for RIAs.

In its 2016 evaluation of the U.S., FATF noted that while the U.S. had a robust AML framework in many areas, the absence of AML obligations for RIAs and other nonfinancial businesses and professions posed significant risks. FATF’s concerns are centered around investment advisers being used as conduits for money laundering without proper oversight. FATF highlighted that RIAs, which manage trillions of dollars in assets, were not subject to the same stringent AML rules as banks or broker-dealers, leaving a potential loophole for illicit activities like money laundering and terrorist financing. The organization recommended that the U.S. close this gap to strengthen the overall integrity of its financial system.

Third Time Is a Charm for FinCEN

FinCEN has made multiple attempts to impose AML requirements on RIAs. These repeated attempts reflect the agency’s recognition of the risks posed by the lack of AML regulations in the investment adviser sector and its ongoing efforts to close this regulatory gap.

The first significant effort was in 2003, when FinCEN proposed a rule to extend AML obligations to RIAs. However, this proposal was eventually withdrawn following concerns from the industry that investment advisers were already subject to extensive regulation under the U.S. Securities and Exchange Commission (SEC).

In 2015, FinCEN tried again by issuing a Notice of Proposed Rulemaking that would have required RIAs to establish AML programs and report suspicious activities. This proposal was part of an effort to address vulnerabilities in the financial system later highlighted by FATF. However, the rule never advanced to the final stage.

Six years later, in response to the increasing focus on money laundering risks in the investment adviser sector, mainly related to the growth in assets under management (AUM) and private fund management, FinCEN included RIAs in its 2021 U.S. Strategy on Countering Corruption, emphasizing the need for enhanced oversight. That led to FinCEN finalizing the new AML rule in August 2024 that formally brings RIAs under the Bank Secrecy Act’s (BSA) AML requirements.

Impetus of Final Rule Adoption

FinCEN’s 2024 Investment Adviser Risk Assessment highlights several key risks and vulnerabilities associated with the investment adviser sector. The assessment, which laid the groundwork for the 2024 final rule, was part of an effort to recalibrate the regulatory environment and protect the sector from being exploited for illicit financial activities. The assessment highlighted the following:

1. The report found that sanctioned individuals, corrupt officials and tax evaders used investment advisers to access U.S. financial markets. They often aimed to invest in securities, real estate and other assets, exploiting the industry’s AML supervision gaps.
2. FinCEN found instances where foreign adversaries, including individual from countries like China and Russia, used investment advisers to invest early-stage companies. This allowed them access to sensitive technologies and information, posing a national security risk.
3. The sector has nearly doubled since 2015, with total AUM reaching unprecedented levels. Without corresponding AML/CTF measures, this expansion increased the sector’s exposure to money laundering and terrorist financing risks.
4. Although some advisers voluntarily implemented AML measures or did so under contractual obligations or affiliations with other institutions (e.g., broker-dealers or banks) with an AML compliance requirement, many investment advisers lacked comprehensive programs. This absence of standardized compliance made the sector vulnerable to exploitation by bad actors.
5. The assessment emphasized the need for stronger customer due diligence (CDD) measures, particularly in identifying the beneficial owners of legal entities.

Final Rule Highlights

The newly adopted rule marks a significant shift, requiring these advisers to establish robust AML/CTF programs, which had previously been mandatory for other FIs, such as banks and broker-dealers, but not for RIAs. Some key elements of the rule are as follows:

1. The rule formally designates SEC-registered investment advisers and ERAs as FIs under the BSA, subjecting them to AML/CTF regulations. They will be considered covered advisers. It excludes state-registered investment advisers, family offices and certain foreign private advisers, though FinCEN will continue monitoring these entities for future risks.
2. Covered advisers must create a risk-based AML program tailored to their business risks. The program should include internal policies, independent testing, a designated compliance officer, employee training and CDD procedures. In addition, advisers must file suspicious activity reports (SARs) and currency transaction reports (CTRs) for transactions exceeding certain thresholds (e.g., $10,000 for CTRs).
3. Covered advisers are required to maintain comprehensive records of fund transmittals and confirm that relevant information travels with the transactions. This creates a clear audit trail, especially in cases involving more than $3,000.
4. Advisers must now respond to law enforcement requests to help track accounts and transactions suspected of involvement in money laundering or terrorist activities pursuant to Section 314(a). Voluntary information sharing under Section 314(b) is also encouraged.
5. The rule extends its reach to foreign-located advisers with significant U.S. ties, such as those serving U.S. investors or managing private funds with U.S. investors. However, purely foreign clients of non-U.S. advisers are excluded.

Impact of New AML Requirements for RIAs

Advocates of the new AML rule for RIAs highlight several key benefits, which include closing gaps in the U.S. financial system that bad actors could exploit. This rule aims to strengthen safeguards by requiring advisers to implement AML/CTF programs. Doing so would help prevent illicit finance from flowing through advisery channels, reducing the risk of terrorism financing and other illegal activities.

Supporters emphasize that the rule is designed to be risk-based, meaning that advisers can tailor their compliance programs according to the specific risks associated with their business model and client base. This allows firms to allocate resources efficiently, focusing on higher-risk areas while maintaining reasonable compliance efforts in lower-risk operations.

Lastly, by mandating stronger CDD and reporting suspicious activity, investment adviser industry advocates say the rule bolsters the integrity of U.S. financial markets. It aims to enhance transparency and accountability, which could, in turn, benefit investors and strengthen trust in the investment adviser sector.

Some concerns in the investment adviser industry about the new rule center around the operational impact of the increased compliance requirements (especially for smaller RIAs and ERAs with limited compliance infrastructure). Advisers covered under the new rule will need to develop robust AML/CTF programs, conduct independent testing and fulfill reporting obligations such as filing SARs. Firms may need to invest in additional internal and external compliance resources to meet these requirements.

In addition, some industry participants have expressed a need for more clarity and guidance around the rule’s scope, particularly in defining which transactions require SARs.

Despite some of the concerns raised, many in the industry recognize the importance of the rule in addressing potential AML risks and preventing bad actors from exploiting regulatory oversight limitations in the investment adviser sector.

Going Forward

The adoption of the AML requirement for RIAs has long been discussed. FinCEN’s new AML compliance rule for registered investment advisers is largely seen as an enhancement to the U.S. AML framework. Considering the extensive requirements for RIAs under FinCEN’s new AML rule, advisers may require additional internal and external resources to comply ahead of the January 2026 deadline.

Read the full article at ACAMS Today.