Recent FinCEN Proposal
In August 2015, the Financial Crimes Enforcement Network (FinCEN) proposed a new rule that would require investment advisers to establish anti-money laundering (AML) programs and file suspicious activity reports (SARs) pursuant to the Bank Secrecy Act (BSA). The full details of the proposal can be found here. If adopted, it would impose much stricter AML requirements on registered investment adviser (RIA) firms.
The comment period on the rule ended on November 2, 2015 and as of yet no final rule has been announced. As the rule presently stands, It would only apply to RIA firms registered with the Securities and Exchange Commission (SEC), but it is possible that state regulators will also adopt similar rules in the event the federal rule is implemented. However, a similar proposal was made in 2003 and subsequently withdrawn in 2008, so whether, when, and in what format the rule will be implemented remains to be seen.
Current AML Regulations for RIA Firms
There is no current anti-money laundering rule that applies specifically to investment advisers. Though adviser indictments for money laundering are not unheard of, there are presently no specific laws or regulations of which an RIA might run afoul for not implementing a robust AML program as it pertains to its clients. AML is considered the domain of “financial institutions” and its legal burden general falls on an investment advisory firm's custodian, not on the RIA itself.
Despite the lack of specific requirements, some state and SEC regulators will expect to see an AML policy included in an investment adviser's policies and procedures manual along with evidence of its implementation. It is unfortunately a bit of a gray area – there is no written rule, and different examiners may have different perspectives on an advisory firm's role in preventing money-laundering – but a deficiency letter is certainly a possible result of an examination when no AML program exists.
It's also very important to note that while an investment advisory firm's custodian may have the ultimate responsibility in regards to AML, it's possible that the custodian may require RIA firms to fulfill certain obligations. Though the contractual terms may be vague (“compliance with anti-money laundering rules”), an RIA may be obligated via its custodial contract to adhere to the same AML rules to which its custodian must adhere.
Our Recommendation as RIA Compliance Consultants
Given the lack of a specific rule, uncertainty surrounding the implementation of FinCEN’s proposal and the potential costs of implementing a robust AML program, what is an RIA firm to do?
While many of the rules that comprise RIA compliance are fairly cut-and-dry, anti-money laundering is an exception. Every advisory firm is suggested to take a “risk-based” approach that factors in its own risk level based on the advisory services it provides as well as the risk levels of its clients and prospects. A well-crafted AML policy will outline the standard information the firm will collect of clients and how those records will be kept, address potential “red flags” for which the firm will be on the lookout, and provide a policy that outlines the firm’s various duties depending on the situation.
Though the development of an AML program may seem intimidating and costly, the basic identification and record keeping requirements for a traditional RIA firm may be quite minimal and not much more onerous that what the firm is already doing in the normal course of business – collecting a client’s name, date of birth, address and phone number, social security number, and a description of his or her business or primary source of funds. Only if an RIA spots “red flags” – such as a client who refuses to provide basic identification or has no explanation for its source of funds – would it be possibly be necessary to take specific action, including refusing to open an account or filing a Form SAR-SF.
Unless and until a specific rule is implemented, we caution the Chief Compliance Officer (CCO) every of investment advisory firm to use their best judgment when approaching AML. Have procedures to address “red flag” situations, but keep in mind that anti-money laundering is not one-size-fits-all and that policies can and will differ based on the specific risk levels of individual firms.