Another Step Towards Federal AML Obligations for Investment Advisers
May 20, 2024
Last week, the U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) and the Securities and Exchange Commission (“SEC”) released a joint proposed rule (the “CIP Proposal”)[1] to impose customer identification program (“CIP”) obligations on SEC-registered investment advisers (“RIAs”) and exempt reporting advisers (“ERAs”) pursuant to the Bank Secrecy Act (the “BSA”).
The CIP Proposal would require RIAs and ERAs (together, “Covered Advisers”) to maintain a CIP similar to those required of banks and broker-dealers, with specific requirements to collect and retain records of their customers’ minimum identifying information and to verify the identity of any customer seeking to open an account.
CIP procedures would apply to any “customer” of a Covered Adviser, defined as natural and legal persons who enter into an advisory relationship with a Covered Adviser (typically referred to as “clients” under the Investment Advisers Act of 1940 (the “Advisers Act”)). Under this definition, investors in a private fund advised by a Covered Adviser would not be considered customers.
The CIP Proposal builds on FinCEN’s February 15, 2024 proposal to impose anti-money laundering/countering the financing of terrorism (“AML/CFT”) program requirements on Covered Advisers (the “AML Proposal”), detailed in our previous alert memo.[2] Approximately 15,000 RIAs and 6,000 ERAs could ultimately be covered by the AML Proposal and CIP Proposal, including many advisers that are located outside the United States but have registered (or file reports) with the SEC.
Comments must be submitted on or before 60 days after publication in the Federal Register.
Background
FinCEN has long contemplated imposing AML/CFT obligations on investment advisers pursuant to the BSA, viewing them as playing an important role in safeguarding the U.S. financial system against money laundering, and has proposed to impose AML/CFT program obligations on investment advisers twice before.[3] Although these prior rulemakings were never finalized, more recent developments have drawn renewed political attention towards the role of investment advisers,[4] and in February, FinCEN once again proposed to impose AML/CFT program obligations on investment advisers through the AML Proposal.[5]
The CIP Proposal would address a gap in AML/CFT program obligations left open by the AML Proposal—the requirement for a CIP that meets certain minimum regulatory standards. Under the USA PATRIOT Act, FinCEN is required to prescribe minimum standards for financial institutions to identify their customers in connection with opening new accounts.[6] For certain types of financial institutions, these regulations must be adopted jointly with the financial institutions’ primary Federal functional regulator. By issuing the CIP Proposal jointly with the SEC—the Federal functional regulator for investment advisers—FinCEN is taking another step towards harmonizing investment adviser AML/CFT requirements with those applicable to banks, broker-dealers and other financial institutions under the BSA. Finalization of the CIP Proposal is contingent on finalization of the AML Proposal, because FinCEN and the SEC cannot apply CIP requirements to investment advisers until they are first added to the list of “financial institutions” subject to AML program obligations under the BSA pursuant to the AML Proposal.
The CIP Proposal would not address another significant gap left open in the AML Proposal, which is how investment advisers would be expected to comply with the requirements for certain financial institutions to identify the beneficial owners of their legal entity customers under FinCEN’s 2016 Customer Due Diligence rule (the “CDD Rule”).[7] In the AML Proposal, FinCEN stated that it would delay proposing beneficial ownership identification requirements pending FinCEN’s planned revisions to the CDD Rule that are required as part of its implementation of the Corporate Transparency Act.[8]
Scope of the CIP Proposal
Under the AML Proposal, FinCEN has proposed to define “investment advisers” as an additional class of “financial institution” subject to the BSA, including the requirement under Section 326 of the USA PATRIOT Act for financial institutions to maintain a CIP meeting minimum prescribed standards.
“Investment advisers” would include RIAs and ERAs, defined as:
- Any person who is registered or required to register with the SEC under section 203 of the Advisers Act, and
- Any person who is exempt from SEC registration under section 203(l) or 203(m) of the Advisers Act.
The first prong of this definition covers RIAs and entities that are required to register as an RIA, but have not; the second prong covers ERAs, which consist of venture capital fund advisers and private fund advisers. Notably, other categories of investment advisers that are not required to register are excluded from the CIP Proposal. These include, among others, foreign private advisers, small state-registered investment advisers, and insurance company advisers. It also excludes entities which fall outside the definition of “investment adviser” such as family offices.
Under the CIP Proposal, Covered Advisers would be required to develop and implement a written, risk-based CIP, which would be incorporated into the Covered Advisers’ AML/CFT programs required under the AML Proposal.
If a Covered Adviser is dually registered as a bank or broker-dealer, or affiliated with an entity that is already subject to AML/CFT program requirements under the BSA, a single comprehensive or enterprise-wide program could be adopted to satisfy this requirement, rather than several standalone policies, so long as all relevant businesses and activities subject to BSA requirements are covered, and their particular risks are addressed.
Definition of Customer
The CIP Proposal does not suggest any changes should be made to the traditional view of who a Covered Adviser’s clients/customers are. A customer would be defined as a natural or legal person who enters into a contractual or other business relationship with a Covered Adviser under which the Covered Adviser provides investment advisory services. In the case of advisers to private funds, the CIP Proposal acknowledges that the Covered Adviser would treat the fund as the customer, and that the investors in a fund would not be customers of the Covered Adviser for CIP or other purposes.[9]
CIP Elements
The elements of the CIP that would be required under the CIP Proposal parallel those required of other financial institutions that currently are subject to a CIP obligation. They include:
- Establishing risk-based procedures for collecting and verifying information regarding the identity of customers, to the extent reasonable and practicable, within a reasonable time before or after the customer’s account is opened;
- Obtaining, at a minimum, certain identifying information with respect to each customer before opening an account for the customer:
- Name;
- Date of birth for an individual or the date of formation for any person other than an individual;
- Address; and
- Identification number (for U.S. persons, a taxpayer identification number (“TIN”), and for non-U.S. persons, typically a TIN or passport number);
- Following risk-based procedures to verify the accuracy of identifying information through documentary and/or non-documentary methods;
- Addressing circumstances in which, based on the Covered Adviser’s risk assessment of a new account opened by a customer that is not an individual, the Covered Adviser will obtain information about individuals with authority or control over such accounts in order to verify the customer’s identity if other verification methods do not enable the Covered Adviser to verify the true identity of a customer;
- Addressing circumstances in which the Covered Adviser cannot form a reasonable belief that it knows the true identity of a customer, including:
- When the Covered Adviser should not open an account;
- The terms under which the Covered Adviser may provide advisory services to the customer while the Covered Adviser attempts to verify the customer’s identity;
- When the Covered Adviser should close an account after attempts to verify a customer’s identity fail; and
- When the Covered Adviser should file a suspicious activity report (“SAR”) in accordance with applicable law and regulation;
- Determining whether a customer appears on any designated list of known or suspected terrorists or terrorist organizations provided by any Federal government agency;
- Maintaining records of information used to verify a customer’s identity, including name, address, and other identifying information, while the account remains open and for five years after the date the account is closed;
- Providing adequate notice to customers that the Covered Adviser is requesting information to verify their identities; and
- Specifying when the Covered Adviser may rely on the performance by another financial institution (including an affiliate) subject to a CIP obligation under U.S. federal law, of any procedures of the Covered Adviser’s CIP with respect to any customer of the investment adviser that is opening, or has opened, an account or has established an account or similar business relationship with the other financial institution.
Reliance Relationships
If the CIP Proposal is adopted, Covered Advisers would formally become financial institutions subject to a CIP requirement, such that banks, broker-dealers and other financial institutions subject to CIP requirements could rely on the Covered Adviser to perform CIP procedures without the need to rely on the SEC’s longstanding no-action relief issued to broker-dealers that seek to rely on an investment adviser’s AML procedures,[10] so long as reliance is reasonable under the circumstances and the Covered Adviser agrees to make an annual certification to the relying financial institution regarding its AML/CFT program.
Special Rules for Mutual Fund Customers
Because mutual funds are already subject to CIP under the BSA, the CIP Proposal would not require a Covered Adviser to apply its CIP with respect to the mutual funds it advises, provided those mutual funds maintain a BSA-complaint CIP.
Compliance Date
Covered Advisers would be required to develop and implement a CIP on or before six months from the effective date of the CIP final rule, but no sooner than the compliance date of a final rule implementing the AML Proposal, which is currently proposed to be 12 months after the effective date of that rule, once finalized.
[1] Customer Identification Programs for Registered Investment Advisers and Exempt Reporting Advisers, Release No. BSA-1; File No. S7-2024-02 (May 13, 2024), available here.
[2] AML/CFT Program and Suspicious Activity Report Filing Requirements for Registered Investment Advisers and Exempt Reporting Advisers, 89 Fed. Reg. 12108 (Feb. 15, 2024); Cleary Gottlieb, FinCEN Tries Again . . . to Impose AML Requirements on Investment Advisers (Feb. 22, 2024), available here.
[3] Anti-Money Laundering Programs for Investment Advisers, 68 Fed. Reg. 23,646 (May 5, 2003) (proposed rule); Anti-Money Laundering Program and Suspicious Activity Report Filing Requirements for Registered Investment Advisers, 80 Fed. Reg. 52,680 (Sept. 1, 2015) (proposed rule).
[4] See Senator Jack Reed et al., Comment Letter on Proposed Rule to Require Customer Identification Programs for Registered Investment Advisers and Exempt Reporting Advisers (April 15, 2024), available here; Senator Jack Reed et al., Letter to FinCEN (March 30, 2022), available here.
[5] The comment period on the AML Proposal ended on April 15, 2024, but the rule has not yet been finalized.
[6] 31 U.S.C. 5318(l).
[7] Customer Due Diligence Requirements for Financial Institutions, 81 Fed. Reg. 29398 (May 11, 2016), codified at 31 C.F.R. § 1010.230.
[8] See AML Proposal, 89 Fed. Reg. at 12129; Anti-Money Laundering Act of 2020 §§ 6401-6403 (codified at 31 U.S.C. §§ 5336).
[9] CIP Proposal at pages 45 and 69 (Table 1, footnote 10) (unpublished version).
[10] See, e.g., Letter from Lourdes Gonzalez, Assistant Chief Counsel, Division of Trading and Markets, SEC, to Bernard V. Canepa, Securities Industry Association, dated Dec. 9, 2022; Letter from Annette L. Nazareth, Director, Division of Market Regulation, SEC, to Alan Sorcher, Securities Industry Association, dated Feb. 12, 2004.