On August 28, 2024, Financial Crimes Enforcement Network (FinCEN) issued a final rule (the “Final Rule”) that imposes comprehensive anti-money laundering and countering the financing of terrorism (“AML/CFT”) requirements on SEC-registered investment advisers and exempt reporting advisers (collectively, “Investment Advisers”).  In view of the Final Rule’s January 1, 2026 compliance date (the “Compliance Date”), this eUpdate highlights key aspects of the Final Rule, and discusses what Investment Advisers should do to prepare for compliance.

Key Aspects of the Final Rule

Under the Final Rule, Investment Advisers will be required to:

  • Design and implement a risk-based AML/CFT program that shall at a minimum:
    • Establish and implement internal policies, procedures, and controls reasonably designed to prevent the Investment Adviser from being used for money laundering, terrorist financing, or other illicit finance activities and to achieve compliance with the applicable provisions of the Bank Secrecy Act and implementing regulations; 
    • Provide for independent testing for compliance to be conducted by the Investment Adviser’s personnel or by a qualified outside party;
    • Designate a person or persons responsible for implementing and monitoring the operations and internal controls of the program;
    • Provide ongoing training for appropriate persons; and
    • Implement appropriate risk-based procedures for conducting ongoing customer due diligence, to include, but not be limited to:
      • Understanding the nature and purpose of customer relationships for the purpose of developing customer risk profiles; and
      • Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information;
  • File Suspicious Activity Reports (“SARs”) and Currency Transaction Reports (“CTRs”) with FinCEN; and
  • Keep certain records, such as those relating to the transmittal of funds.

According to the Final Rule release, Investment Advisers should review customer agreements for existing clients to understand the nature and the purpose of the customer relationship in order to develop a customer risk profile and to identify and report suspicious activity on a risk basis.

Under the Final Rule, Investment Advisers may contractually delegate the implementation and operation of certain aspects of their AML/CFT program to a third party, such as a fund administrator.  However, Investment Advisers will remain fully responsible and legally liable for the program’s compliance with the Final Rule.

Dorsey Observations

How to Prepare for Compliance

Investment Advisers should consider taking the following steps to prepare for compliance with the Final Rule in advance of the Compliance Date:

  • Develop and adopt an AML/CFT program, including policies and procedures, in accordance with the Final Rule.
    • The program must be approved in writing by the Investment Adviser’s board of directors or, if the Investment Adviser does not have a board of directors, by its sole proprietor, general partner, trustee, or other persons that have similar functions.
  • Appoint an AML/CFT compliance officer to implement and monitor the program.
  • Conduct a gap analysis of existing AML/CFT practices, including those outsourced to a third party such as a fund administrator, against the requirements of the Final Rule.
    • For example, Investment Advisers should assess the adequacy of their know your customer/customer due diligence (“KYC/CDD”) procedures and the sufficiency of KYC/CDD information collected to date.Investment Advisers should examine their ability to develop customer risk profiles, monitor for suspicious activity, and make SAR and CTR filings with FinCEN on a confidential and timely basis.
  • Review and amend relevant client agreements, such as investor subscription agreements and investment advisory agreements, as necessary, for compliance with the Final Rule.
  • Provide training for appropriate personnel on the Final Rule.
  • Appoint internal personnel (who are not involved in the operation and oversight of the AML/CFT program), or a third party, to conduct independent testing of the program.

How Dorsey Can Help

Dorsey has a long history of advising financial institutions, such as banks, broker-dealers, and insurance companies, on compliance with FinCEN’s AML/CFT rules.  Our extensive experience includes advising financial institutions on KYC/CDD requirements, SARs reporting, and independent testing of AML/CFT programs.

Please contact David Tang and Erin Bryan to discuss how Dorsey can assist in bringing your investment advisory firm into compliance with the Final Rule.