Years in the making, on February 13, the Financial Crimes Enforcement Network (“FinCEN”) issued a notice of proposed rulemaking (“NPRM”) to include “investment adviser” (“IA”) within the definition of “financial institution” under the Bank Secrecy Act (“BSA”). FinCEN has posted a fact sheet on the NPRM here.

The NPRM subjects broad categories of IAs to statutory and regulatory anti-money laundering/countering terrorist financing (“AML/CTF”) compliance obligations. FinCEN is accepting comments on the NPRM until April 15, 2024.

Background on IA Regulation

As noted by FinCEN, the IA industry consists of numerous categories of domestic and foreign actors serving a wide range of customers, including retail investors, high-net-worth individuals, private institutions and governmental entities with advisory services, such as portfolio management, financial planning and pension consulting. 

The NPRM proposes to cover two types of IAs.  First, it would apply to registered investment advisors (“RIAs”), which are IAs registered or required to register with the SEC.  Under the Advisers Act, 15 U.S.C. § 80b–1 et seq., only IAs who have at least $100 million in assets under management (“AUM”) or advise a registered IA may register with the U.S. Securities and Exchange Commission (“SEC”). Besides registering with the SEC, RIAs with more than $110 million AUM also must submit a Form ADV and update it annually. RIAs with more than $100 million but less than $110 million AUM may register with the SEC.

Second, the NPRM would apply to “ERAs,” which are IAs that report to the SEC as Exempt Reporting Advisers. An ERA is statutorily exempt from registering with the SEC where: (1) it is an adviser solely to one or more venture capital funds; or (2) it is an adviser solely to one or more private funds and has less than $150 million AUM in the United States. According to FinCEN’s analysis, there are 15,391 SEC-Registered IAs reporting approximately $125 trillion in AUM. 

Other IAs typically register with the state in which the adviser maintains its principal place of business. State-registered IAs generally have less than $100 million in AUM and are required to file a Form ADV with their state regulator. Further, the Advisers Act covers non-U.S. IAs who are IAs with a principal office and place of business outside the United States and who solicit or advise “U.S. persons.”

Background on the NPRM

IAs are critical gatekeepers to the securities market, managing trillions of dollars of assets for their clients. The NPRM notes “the investment adviser industry has seen substantial growth in assets under management and the expansion of new products and services.” In or around 2015, approximately 12,000 RIAs reported approximately $67 trillion in AUM, but these numbers have seen a staggering increase to more than 15,000 RIAs with approximately $125 trillion in AUM as of mid-2023.

And, as FinCEN recognizes, the IA industry is subject to various forms of regulation by both state and federal bodies. For instance, IAs are subject to various reporting obligations under both federal and state law. Additionally, various SEC rules and regulations apply to many IAs governing, among other things, disclosures to clients, marketing, execution strategies and various disclosures. Specifically regarding AML/CFT, many IAs implement policies and practices designed to address AML/CFT risk in certain circumstances or for certain customers. However, despite the outsized role IAs play in providing both domestic and foreign investors access to the American securities market, “[c]urrently, there are no Federal or State regulations requiring investment advisers to maintain AML/CFT programs or records under the BSA, although some investment advisers may do so, for example, if they are also licensed as banks (or are bank subsidiaries), registered as broker-dealers, or advise mutual funds.” Recognizing the regulatory responsibility it shares with SEC to protect the securities market from manipulation and fraud, the NPRM is designed to fill that regulatory space. 

The Threat Assessed

As we have blogged, the Department of the Treasury (“Treasury”), the FBI and the SEC – indeed, the Biden Administration itself – have expressed concerns about money laundering risks posed by the IA industry (see here, here, here and here).  According to the NPRM, Treasury and other federal agencies and law enforcement conducted a thorough study of illicit finance risk in the IA industry. One finding of the study was that 15.4% of Suspicious Activity Reports (“SARs”) filed from 2013 to 2021 identified RIAs and ERAs as a subject in the narrative section of the SAR. Also, the study concluded that in the same time period, the number of SARs filed associated with RIAs and ERAs increased by about 400%, a disproportionately high increase to the overall increase in SARs.

The NPRM highlights three study findings, all with an international factor:

  • IAs “served as an entry point into the U.S. market for illicit proceeds associated with foreign corruption, fraud, and tax evasion;”
  • “certain advisers manage billions of dollars ultimately controlled by Russian oligarchs and their associates who help facilitate Russia’s illegal and unprovoked war of aggression against Ukraine;” and
  • “certain RIAs and ERAs and the private funds they advise are also being used by foreign states, most notably the People’s Republic of China (PRC) and Russia, to access certain technology and services with long-term national security implications through investments in early-stage companies.”

FinCEN found that private funds can be an entry point for illicit proceeds because they can be used to hide the true identities of the investors and source of funds by comingling illicit funds with legitimate funds. For example, the NPRM discusses a case where a bad actor attempted to launder $5 million in bribe payments related to a currency exchange scheme through his IA firm located in the United States.

But the greatest concern appears to be the national security threat posed by adverse nations such as Russia and China seeking to invest in early-stage companies developing technology with national security implications. For instance, FinCEN has observed evidence of wealth management firms assisting members of the Russian elite to invest in public and private U.S. companies involved in the development of biotechnology and artificial intelligence. These investors typically invest through entities domiciled in jurisdictions such as Bermuda in order to conceal the origin of their funds. FinCEN appears concerned about this movement of funds because “[t]he scale of these investments is significant and may include billions of dollars invested for a single Russian oligarch.”

Additionally, FinCEN is concerned that competitors to the United States, “most notably the PRC” “may see private funds as a back door to acquire assets of interest in the United States, such as equity stakes in companies developing critical or emerging technologies.” To underscore the seriousness of this treat, the NPRM posits that the PRC government explicitly endorsed the use of overseas venture capital funds to invest in ‘‘seed-based and start-up technology” by citing to a 2016 PRC State Council notice.

The Rule

Generally stated, the proposed rule would establish AML/CFT requirements for RIAs and ERAs. This means that RIAs and ERAs would be required to implement an AML/CFT program, file SARs with FinCEN, keep records relating to the transmittal of funds (Recordkeeping and Travel Rule), and other obligations. The proposed rule would also apply information-sharing provisions between and among FinCEN, law enforcement government agencies, and certain financial institutions (“FIs”), and would subject IAs to the ‘‘special measures’’ imposed by FinCEN pursuant to Section 311 of the USA PATRIOT Act.

RIAs and ERAs would have to implement a risk-based AML/CFT program, which generally must include the following at a minimum: the development of internal policies, procedures, and controls; the designation of a compliance officer; an ongoing employee training program; and an independent audit function to test programs. FinCEN recognizes that a one-size fits all approach for IAs is not reasonable and that, instead, the risk should be reasonably designed and consistent with the IA’s respective risk profile.

Under the NPRM, RIAs and ERAs would have the same obligation as other FIs to report suspicious transactions that are conducted or attempted by, at, or through the RIA/ERA and involve or aggregate at least $5,000 in funds or other assets by filing SARs. FinCEN notes that compliance with the SAR filing obligation does not relieve RIAs or ERAs of compliance with any other reporting requirement imposed by the SEC.

The Recordkeeping and Travel Rule apply to transmittals of funds equal to or in excess of $3,000. Under the NPRM, RIAs and ERAs would be subject to the same requirements of those Rules as other FIs, meaning obtaining and retaining, among other information, the name, address, and other information about the transmittor and the transaction

Currently, RIAs and ERAs are required to file Form 8300 for the receipt of $10,000 in cash and certain negotiable instruments in the course of business. By including RIAs and ERAs under FIs for purposes of the BSA, RIAs and ERAs would have to file Currency Transaction Reports (“CTRs”) for the same type of transaction.

While the NPRM proposes rules for RIAs and ERAs, it also makes important exceptions. For one, RIAs and ERAs would have a different compliance approach to mutual funds, as FinCEN found that mutual funds posed a lower risk because they are already defined as ‘‘financial institutions’’ under the BSA and, thus already subject to AML/CFT program requirements. Consequently, many of the usual requirements that a RIA or ERA would have to implement do not apply with respect to its activities with a mutual fund under the proposed rule. Also, state-registered IAs are not covered by the NPRM because the risk is also deemed to be low.

Significantly, the NPRM does not include a customer identification program (“CIP”) requirement, nor is it proposing to include within the AML/CFT program requirements an obligation to collect beneficial ownership information (“BOI”) for legal entity customers at this time. FinCEN anticipates addressing CIP via a future joint rulemaking with the SEC because the BSA requires such rulemaking to be done jointly with the federal functional regulator.  As a practical matter, implementing an adequate AML/CFT program and filing required SARs is very difficult, and arguably impossible, unless the FI also performs CIP.

The NPRM explains that FinCEN first has to implement more aspects of the Corporate Transparency Act (the “CTA”). In a nutshell, the CTA requires certain types of domestic and foreign entities to submit specified BOI to FinCEN. We have extensively blogged on the CTA, including more recently here, here and here. FinCEN has issued two of the three rule sets (BOI reporting and access to BOI) with respect to implementing the CTA but has yet to issue the third rule:  revising the Customer Due Diligence (“CDD”) Rule, which requires covered FIs such as banks to obtain BOI from most entity customers, so that the CDD Rule and the CTA align. The NPRM provides that FinCEN anticipates the changes to the CDD Rule will have a significant impact on FIs. Because the requirement to collect and verify BOI is predicated on a CIP requirement, FinCEN is holding off on issuing a proposed rule for RIAs and ERAs regarding the CIP requirement until the agency revises the CDD Rule.  Further, and as we just blogged, a federal district court issued a March 1 ruling that the CTA is unconstitutional, which presumably will affect the timing of CDD Rule revisions.

Finally, FinCEN would delegate its examination authority to the SEC because the SEC has the expertise in the regulation of IAs, is the federal functional regulator, and is responsible for examining IAs for compliance with the Federal securities laws.

Next Steps

FinCEN is taking comments until April 15, 2024. The NPRM also elicited comments regarding the nature and effect of IA activities on money laundering. As the NPRM notes, FinCEN in collaboration with the SEC will issue more guidance at a later time.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.  Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.