Preparing for FinCEN’s New AML Rule: Why Investment Advisers Should Act Now
This marks a significant shift in the anti-money laundering (AML) regulatory landscape, requiring advisers to implement formal AML and counter-financing of terrorism (CFT) programs that will be subject to SEC (Securities and Exchange Commission) oversight.
What’s Required Under the New AML Rule?
RIAs and ERAs will be required to establish and maintain a written, risk-based AML/CFT program that includes elements outside of current industry practices. Below is a brief description of the requirements and new obligations expected of all advisers:
- Risk-based program design
Advisers must adopt an AML/CFT program tailored to the specific risks associated with a firm’s clients, strategies, products, services and geographic exposure. - Designation of an AML Officer
Advisers must appoint a qualified in-house resource to oversee day-to-day AML/CFT compliance. - Employee AML/CFT training
A training program must be created and specifically tailored to highlight employee responsibilities under the new AML/CFT program. - Independent testing
Advisers must conduct periodic testing of the AML program by an independent party (internal audit or external consultant). - Suspicious Activity Reporting (SARs) filing obligations
Advisers will be required to file SARs when appropriate, in accordance with the Financial Crimes Enforcement Network (FinCEN) requirements. - Compliance with the Travel Rule and information sharing obligations
Advisers must implement controls to ensure compliance with the Travel Rule and the USA PATRIOT Act’s Section 314 information-sharing provisions.
Key Dates
The compliance deadline for the new FinCEN AML rule is approaching, ensure you’re prepared:
- Final Rule issued: August 28, 2024
- Compliance deadline: January 1, 2026
Why Advisers Should Act Now
Meeting the Rule’s new requirements will require careful planning and execution. Advisers should begin developing their AML/CFT programs no later than summer 2025 to allow sufficient time for:
- Conducting a risk assessment, which is expected to be a central focus during SEC examinations
- Designing and documenting policies and procedures
- Developing training materials
- Vetting independent testing vendors or internal resources
- Implementing tracking mechanisms for SARs and Travel Rule compliance
Best Practices for Implementation
To navigate the new FinCEN AML requirements successfully, advisers should adopt a systematic approach. The following best practices will guide firms through the process and help ensure compliance.
- Start with a comprehensive risk assessment
Understand your exposure across client types, products, delivery channels and geographies. This assessment will drive the entire AML program. - Leverage existing controls
If your firm already performs certain AML-related tasks (e.g., investor due diligence), identify and incorporate these into your formal program. - Ensure compliance is documented
Regulators will expect thorough documentation, including written policies, procedures, training logs, testing and reports. - Tailor training
Customize training by role (e.g., operations, investor relations, portfolio management) and updated it annually to ensure against stale information. - Establish escalation protocols
Define how SARs will be monitored, documented and evaluated, who makes the final filing decision, and how communications with FinCEN will be handled. - Engage experienced compliance resources
Many firms lack in-house AML expertise. External consultants are able to provide the critical insight and independent testing required for compliance with the new rule.
Common Pitfalls to Avoid
As advisers work to meet FinCEN’s AML standards, certain mistakes can undermine compliance efforts. Below are some key pitfalls to avoid in order to maintain a comprehensive and sustainable AML regulatory framework.
- Relying on fund administrators alone
While administrators may conduct investor due diligence, advisers remain independently responsible for compliance and must assume the duty themselves. - Relying on one-size-fits-all policies
Generic policies often fail to address firm-specific risks. This can lead to compliance gaps and possibly result in findings during examinations. - Delaying risk assessment
Without a timely assessment, your program may lack the necessary foundation for customization and effective implementation. - Neglecting ongoing monitoring
AML programs must evolve with the business; annual reviews and updates are essential. - Failing to train key employees
Training is expected to be practical and role-specific. This goes beyond typical industry-standard compliance training and must be tailored to the firm’s risk profile.
Practical Application Steps for Advisers
Advisers can follow these practical steps to develop and execute a plan for meeting the new AML requirements. These actions will support both operational efficiency and regulatory confidence.
- Appoint an internal working group or project lead to manage implementation.
- Engage a qualified AML consultant to conduct the necessary risk-assessment and help draft your program.
- Map existing compliance processes (e.g., KYC, sanctions screening) to new AML requirements to avoid duplication.
- Create a timeline and testing plan that ensures all aspects of the rule are met by year-end 2025.
- Prepare for mock testing and sample reviews in Q4 2025.
For more detailed information, you can access FinCEN’s official final rule here.
How Waystone Can Help
At Waystone, we recognize that there is no one-size-fits-all approach to compliance. Different investment advisers have varying requirements, fund structures, and areas of focus. Our dedicated team of compliance specialists has extensive experience assisting firms in meeting their FinCEN obligations and implementing tailored AML programs.
Waystone offers a range of AML solutions designed to support investment advisers, regulated funds, and unregulated funds in fulfilling their regulatory obligations, including:
- AML Audits
- Outsourced AML Officers
- Risk Assessments
- Bespoke Customer Due Diligence (CDD) Solutions
- AML Delegate Service
- AML Training
Our solutions are customized to align with each client’s specific needs, ensuring compliance while supporting your broader business objectives.
In addition to our US expertise, Waystone brings global insight and proven methodologies from our established AML teams in the Cayman Islands and Europe. This cross-jurisdictional experience enhances our ability to implement effective AML programs that stand up to regulatory scrutiny.
For implementation guidance or assistance with developing your AML program, please reach out to your usual Waystone representative, or contact us below.