Essential Guide to Investment Adviser AML Compliance Requirements

Understanding AML Compliance Requirements

Overview of the Bank Secrecy Act and its impact on financial institutions

Maintaining the integrity of the financial system is crucial, as the expansion and complexity of investment activities necessitate stronger anti-money laundering measures. The Securities and Exchange Commission (SEC) plays a crucial role in overseeing compliance with regulations, ensuring that investment advisers adhere to AML/CFT requirements.

Effective January 1, 2025, certain registered investment advisers (RIAs) and certain financial institutions must meet minimum anti-money laundering standards as required by the new FinCEN rule.

The Bank Secrecy Act (BSA) will require investment advisers to implement anti-money laundering (AML) and countering the financing of terrorism (CFT) programs to prevent and detect financial crimes. The proposed regulatory changes also introduce the concept of covered investment advisers, emphasizing the need for these advisers to adopt AML and CFT measures to mitigate risks associated with illicit finance and national security threats.

The BSA now applies to a wider range of financial institutions, thereby expanding the definition to include investment advisers under BSA and AML/CFT compliance requirements.

  • Exempt reporting advisers are now classified as ‘financial institutions’ under the BSA by the Financial Crimes Enforcement Network (FinCEN). This classification imposes specific anti-money laundering (AML) and countering the financing of terrorism (CFT) compliance obligations that must be met.

The BSA requires RIAs to report suspicious activity to the Financial Crimes Enforcement Network (FinCEN).

Key components of an effective AML compliance program

  • An AML/CFT compliance program that includes policies and procedures, training, and monitoring and reporting suspicious activity.
  • A risk-based approach to AML compliance, including identifying and assessing customer risks and implementing monitoring controls and processes to mitigate those risks.
  • A designated chief compliance officer to oversee the AML compliance program.

Importance of risk-based approach to AML compliance

  • A risk-based approach to AML/CFT compliance allows financial institutions to focus on the most significant risks and allocate resources effectively.
  • A risk-based approach also helps financial institutions to identify and mitigate risks that are specific to their business and customers.

Investment Adviser AML Obligations

Customer due diligence and know-your-customer requirements for registered investment advisers

  • Registered investment advisers must conduct customer due diligence and know-your-customer (KYC) requirements to verify the identity of their customers and assess their risk profile.
    • (Note: Examples of documentary verification would include obtaining articles of organization for an LLC, or a copy of a driver’s license for an individual.)
  • Recent regulatory changes under the Bank Secrecy Act (BSA) do not mandate the collection of beneficial ownership data for legal entity customers of investment advisers, but future rulemaking efforts will address identification requirements for these customer types.
  • Minimum identifying information should be gathered to satisfy customer identification program requirements including, for an individual, full name, date of birth, physical address, and tax ID.

Suspicious activity monitoring and reporting obligations

  • Monitoring processes can be manual or automated and may involve the use of third-party reports and tools made available by your custodian.
  • Monitoring processes should be sufficient to identify red flags.
  • Investment advisers must report suspicious activity to FinCEN and monitor and report suspicious activity related to their customers.
  • Investment advisers, similar to other covered institutions, must also maintain accurate and complete records of suspicious activity reports, and collaborate with law enforcement government agencies through information-sharing provisions to enhance the efficiency of reporting and combating illicit finance risks.

Annual AML training and compliance program review requirements

  • Investment advisers must provide annual AML training to their employees. Training can be delivered in person or online. Training content must be relevant to the employee’s role and firm risks.
  • All employees should review the AML/CFT compliance manual when hired and at the time amendments are made.
  • The chief compliance officer may consider additional specialized training for AML associates and supervisors.
  • Investment advisers should also designate a compliance manager to oversee the AML training function for new and existing employees.

Implementing and Maintaining an AML Compliance Program

Conducting a risk assessment and developing a compliance program

  • Investment advisers should conduct a risk assessment to identify and assess risks and incorporate this assessment into its compliance program. Risk factors could include: types of customers, locations of customers, method of obtaining customers, and investment activity or proposed activity.
  • The compliance program must include written policies and procedures to address:
    • Identification and verification of customers and beneficial owners, when applicable
    • Training of personnel
    • Designation of persons responsible for the AML program
    • Ongoing customer due diligence
    • Ongoing monitoring of red flags and suspicious activity
    • Reporting of suspicious activity to FinCEN.

Updating policies and procedures for AML compliance

Ongoing reviews and changes to the program are necessary to ensure it captures:

  • Regulatory changes requiring investment advisers to implement AML and CFT measures
  • The implications of subjecting investment advisers to new regulatory requirements under the expanded BSA, which mandates comprehensive AML/CFT programs
  • Regulatory alerts, SEC examination priorities, risk alerts and other regulatory communications
  • Changes to technology/vendors which assist with AML efforts
  • Changes to personnel involved in AML program
  • Changes to firm’s business involving investment products or customers
  • Activity monitoring changes (i.e. processes, frequency, or reports utilized)

Designating a compliance officer and training staff

  • Investment advisers must designate a compliance officer to oversee the AML/CFT compliance program.
  • Investment advisers should also designate other personnel in writing who have AML responsibilities, if applicable.

Best Practices for Investment Advisers

Regularly reviewing and updating the compliance program

  • Investment advisers must regularly review and update their AML compliance program to ensure it remains effective, risk based, and compliant with regulatory requirements.
  • Investment advisers must also review and update their AML/CFT written risk assessment.
  • The AML Compliance Officer should regularly review regulatory communications to ensure the compliance program is current.

Monitoring and reporting suspicious activity

  • Investment advisers must monitor and report suspicious activity related to their customers.
  • Monitoring of activity should be adequate to properly surveil for AML/CFT reg flags given the risk profile of the firm.
  • Investment advisers must also maintain accurate and complete records of suspicious activity reports.

Maintaining accurate and complete records

  • Investment advisers must maintain accurate and complete records of their AML/CFT compliance program, including:
    • written policies and procedures
    • customer due diligence and KYC requirements
    • records of monitoring activities and suspicious activity reports
    • training records
    • independent testing reports

Regulatory Requirements and Compliance

Resources for understanding AML/CFT Program Requirements

  • The Securities and Exchange Commission (SEC) plays a crucial role in overseeing compliance with regulations, ensuring that investment advisers adhere to AML/CFT requirements.
  • Investment advisers must understand and comply with USA Patriot Act, SEC and FinCEN rules and regulations.
  • Department of the Treasury issues “2024 Investment Adviser Risk Assessment” in February 2024.
  • FinCEN issued a Fact Sheet for the new AML/CFT Program rule June 28, 2024.
  • FinCEN issued a final rule Fact Sheet on August 28, 2024 regarding requirements to Combat Illicit Finance and National Security Threats in the Investment Adviser sector.
  • Investment advisers must also comply with other regulatory requirements, including the Investment Advisers Act of 1940 and Regulation S-P.

Conducting regular compliance audits and testing

  • Investment advisers must conduct regular compliance audits and testing to ensure their AML compliance program is effective and compliant with regulatory requirements.
  • Testing should be conducted by an independent party (i.e. someone not involved in performing the AML functions being tested, or reporting to the AML Officer).
  • The frequency of the independent testing would depend upon the money laundering, terrorist financing, and other illicit finance risks of the adviser and the adviser’s overall risk management strategy.
  • Investment advisers should also conduct regular compliance audits and testing to ensure their risk assessment is current and effectively identifying risks as well as mitigating procedures.

Next steps for implementing an AML compliance program

  • Make a list of AML risks, rank those risks (e.g. a numbering system or “high”, “medium”, or “low”), and address how those risks will be mitigated. The framework for completing this assessment could be obtained from a knowledgeable compliance consultant.
  • Begin drafting your AML Compliance Manual, based on a risk assessment, and designed to address all SEC and FinCEN requirements. This should be done with assistance from a compliance expert who is knowledgeable on the Bank Secrecy Act and SEC regulations. If a template is used, it is critical to customize the language so that is clearly addresses your firm’s processes and recordkeeping.

About the Author

Nathan Jodat has over 25 years’ experience in the financial services industry and has performed hundreds of examinations.   Since January 2009, Mr. Jodat has been a compliance consultant performing and overseeing examinations for broker-dealers and investment advisers located throughout the United States. Prior to working as a compliance consultant, Nathan was a Vice President and Regional Supervisor at one of the nation’s largest dually registered investment adviser and broker-dealer. His responsibilities included supervising producing branch managers, compliance/regulatory policy training, preparing branch offices for compliance inspections, and following up on internal audit and regulatory deficiencies.  Prior to being promoted to Regional Supervisor, Mr. Jodat was a Compliance Examiner in New York, NY.  He was responsible for traveling to branches and OSJs throughout the country to conduct compliance inspections as required by FINRA rules. Being one of the nation’s largest full-service broker-dealers, Nathan was responsible for maintaining a high level of regulatory and product knowledge on mutual funds, variable annuities, equities, UITs, REITs, options, commodities, and alternative investments.  Nathan has also held other positions including Operations Manager and Financial Advisor.

Follow on:

About Us

ITA Compliance, formed in 2012, specializes in providing examination services to broker-dealers and investment advisers. These services include FINRA, SEC, and state-required testing and audits, as well as consultative mock regulatory-type reviews. Our examiners have more than 20 years average compliance experience and have conducted hundreds of examinations for small, medium, and large institutions.

To schedule a call, or inquire about our services, please contact us at 617-854-7500 or you may complete the following form: https://itacompliance.com/contact_us.html.

Recent posts