When the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) quietly proposed a rule a year ago adding registered investment advisors to the definition of “financial institution” for the purposes of anti-money laundering program requirements established by the Bank Secrecy Act, few people outside industry insiders took notice.
However, judging by the impact such AML requirements have had on other, similar financial institutions such as broker-dealers, RIAs may be in for a rude awakening: AML rules have a way of expanding into new and unanticipated areas, creating large enforcement targets for regulators to pursue aggressively.
The proposed rule, which for now would apply only to investment advisors required to be registered with the SEC, would subject investment advisors to the same rules that already require banks, mutual funds, securities broker-dealers and insurance companies to maintain AML programs and file reports of suspicious activities, in order to combat what FinCEN called “money laundering vulnerabilities in the U.S. financial system.”
The text of the proposed rule was published on September 1, 2015, and a public comment period was opened for sixty days. (FinCEN spokeswoman Candice Basso told ThinkAdvisor that FinCEN “is considering public comments as it crafts the final rule” for RIAs.)
The proposed rule would require an investment advisor to develop and implement its AML program within six months of the date the regulation goes into effect, which could be any day now.
Public comment on the compliance timetable was critical of the six-month deadline because of the onerous effects of the law; several commenters suggested that the compliance date should be extended to eighteen months.
Implications for Investment Advisors
The implications of this impending rules change are significant:
Beware of AML Mission Creep: Implementation of compliant AML programs is likely to be burdensome, time-consuming and complex. The requirements to which investment advisors will soon be subject are continually expanding. For example, FinCEN recently extended customer due diligence (CDD) requirements under BSA rules, thus requiring financial institutions to identify and verify the identity of beneficial owners of a legal entity at the time the legal entity opens a new account; develop risk profiles; conduct ongoing monitoring of customers; and establish risk-based procedures for conducting ongoing CDD (more on the new CDD requirements here).
AML Rules Are Ripe for Enforcement: The Financial Industry Regulatory Authority recently indicated that it expects more enforcement cases related to AML in the coming months and years. Recently, FINRA reached a $17 million settlement amid allegations that the settling broker-dealer firm failed to institute adequate AML controls. The AML compliance officer at the firm was also fined $25,000 and suspended for three months for allegedly failing to effectively supervise and screen out suspicious activity. RIAs can expect similarly aggressive enforcement efforts from the SEC and other regulators.
AML Gatekeepers Beware
A speech in April by Brad Bennett, FINRA’s executive vice president of enforcement, is indicative of the regulatory mindset for determining AML liability toward so-called gatekeepers such as AML compliance officers. Top on the list of factors of regulatory concerns are recidivism, the extent to which the officer was involved in or willfully blind to the wrong-doing, whether the individual has taken corrective measures, and the extent of underlying conduct and degree of investor harm.
FINRA’s hard look at AML officers will sound eerily familiar to RIA compliance officers, who heard a similar speech from the SEC’s enforcement chief, Andrew Ceresney.
To stay compliant with the ever-evolving AML requirements, due diligence on clients is crucial. RIAs will have to tailor their programs to the risks inherent in the services they provide. In addition, AML compliance programs should be tested and updated regularly. Employees should receive regular compliance training and designated compliance officers should be diligent in their oversight.
Finally, because FinCEN’s proposed deadline for implementation is only six months from the date the new rule is effective, investment advisors should consider beginning preparation for the new requirements now to ensure they are able to meet the coming deadline.
Margaret Buckles, an attorney with Paul Hastings, contributed