FinCEN Final Rule Brings Investment Advisors Under AML Compliance Framework

The Case

A new FinCEN rule now requires certain investment advisors (RIAs and ERAs) to follow anti-money laundering and counter-terrorist financing (AML/CFT) requirements. This means RIAs and ERAs must establish AML/CFT programs, report suspicious activity, and keep records, with the SEC overseeing compliance. While some advisors already had voluntary programs in place, this rule makes compliance mandatory and firms fully accountable, even when outsourcing AML/CFT operations.  

The rule aims to prevent financial crime and aligns the US with global standards but requires advisors to enhance their compliance efforts, especially regarding due diligence and third-party risk management.

Regulatory Implications

The FinCEN Final Rule imposes the following key regulatory expectations:

Mandatory AML/CFT Programs:

• Investment advisors must implement risk-based AML/CFT programs, including internal controls, customer due diligence (CDD), and enhanced due diligence (EDD) for high-risk clients.

• Programs must be independently tested and supported by employee training initiatives.

Suspicious Activity Reporting:

• Advisors must file Suspicious Activity Reports (SARs) for transactions $5,000 and above deemed suspicious, ensuring compliance with FinCEN's reporting requirements.

Recordkeeping Obligations:

• Maintain records per BSA standards, including Currency Transaction Reports (CTRs) and data-sharing obligations under the USA PATRIOT Act.

Enforcement and Oversight:

• The SEC has been delegated examination authority, reinforcing its role in ensuring compliance and providing FinCEN with actionable oversight data.

Effective January 1, 2026, the rule addresses long-standing regulatory gaps in the investment advisor sector, aligning it with global AML standards.

Practical Guidance for Firms

Investment advisors must take proactive measures to ensure compliance with the FinCEN Final Rule. Here’s how firms can prepare:

1. Conduct a Comprehensive Gap Analysis:

   • Assess current AML/CFT programs against the new requirements.

   • Identify weaknesses in controls, reporting, and risk management frameworks.
     
     

2. Build or Enhance AML/CFT Programs:

   • Develop tailored, risk-based internal policies and procedures to address money laundering and terrorist financing risks.

   • Establish robust CDD and EDD protocols to better understand client profiles and mitigate risks.
     
     

3. Implement Strong Governance Practices:

   • Designate a compliance officer responsible for overseeing AML/CFT initiatives.

   • Ensure independent testing is performed regularly by internal staff or external consultants.
     
     

4. Strengthen Third-Party Risk Management:

   • Review relationships with outsourced service providers to ensure AML compliance activities meet regulatory standards.

   • Establish clear governance and oversight processes for outsourced functions to avoid regulatory liability.
     
     

5. Prepare for SEC Examinations:

   • Develop and document processes for compliance evidence, including SAR filings and AML program details.

   • Train staff on the new rule’s requirements to ensure readiness for potential examinations.
     
     

6. Monitor Related Rulemakings:

   • Stay informed about anticipated rules regarding Customer Identification Programs (CIP) and beneficial ownership requirements, which may affect AML/CFT compliance in the future.

InnReg provides investment advisors with tailored solutions to navigate these new compliance obligations. Contact us today to learn more about our services.