TAKEAWAYS

• FinCEN is focused on customer due diligence, and both the 2024 Investment Adviser Risk Assessment and proposed rule indicate that investment advisers will be expected to assess customer identity, business model, and sources of funds where risks indicate the need.
• The proposed rule ties investment advisers to U.S. investment security and CFIUS, highlighting concerns over use by China and Russia of investment advisers and private funds to seek information on U.S. critical infrastructure and sensitive technology.
• SEC and FinCEN collaboration would shape regulation of investment advisers, and SEC implementation and enforcement bears watching.

On February 15, 2024, the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a notice of proposed rulemaking to regulate specified investment advisers as “financial institutions” under the Bank Secrecy Act (BSA) (the “Proposed Rule”). Investment advisers have presented a target for anti-money laundering (AML) regulation for a decade, with an earlier 2015 rulemaking effort failing to advance. The 2021 U.S. Strategy on Countering Corruption again highlighted the investment adviser sector, and the Treasury Department’s 2024 Investment Adviser Risk Assessment helped inform the Proposed Rule.

Upon closer review of the Proposed Rule, four key questions emerge for investment advisers, investors, and private equity and venture capital funds: (1) Will investment advisers need to pursue customer due diligence and in what situations? (2) Has the Proposed Rule opened a new compliance dimension for funds with U.S. investment security and CFIUS? (3) What does SEC and FinCEN collaboration portend? And (4) will this rule or key elements ever reach the finish line?

Below we review the Proposed Rule and seek to shed light on those four questions.

The Proposed Rule
FinCEN proposes that certain investment advisers would be required to implement an anti-money laundering and combating the financing of terrorism (AML/CFT) program, file Suspicious Activity Reports (SARs) with FinCEN, keep records relating to transmittal of funds and comply with the Travel Rule for transactions over $3,000 (by sharing certain identifying information about the originating party), and observe other specified obligations of financial institutions under the BSA. The Securities and Exchange Commission (SEC) would oversee investment advisers’ compliance with the Proposed Rule. The Proposed Rule does not initially propose to include a customer identification program (CIP) and discusses further coordination with the SEC on this point as well as future rulemaking to address customer due diligence and ultimate beneficial owner (UBO) obligations.

The Proposed Rule would regulate two types of investment advisers as financial institutions:

• Registered Investment Advisers (RIAs): Investment advisers registered or required to register with the SEC; and
• Exempt Reporting Advisers (ERAs): Investment advisers that report to the SEC as exempt reporting advisers pursuant to the Investment Advisers Act of 1940, as amended (the “Advisers Act”).

Moreover, non-U.S. advisers who are required to register as an RIA or file as an ERA also would be deemed “financial institutions,” even if they do not maintain a branch, office or staff in the United States.

The Proposed Rule would not regulate state-registered advisers as well as any state-ERAs that are not required to report to the SEC (although many states require notification via a Form ADV filing as part of the state exemption).^[1]

1. Will Investment Advisers Be Required to Conduct Customer Due Diligence (CDD) and Identify UBOs?

Customer due diligence on limited partners and ultimate investors can be a sensitive topic for investment advisers and funds. While the Proposed Rule does not include an initial CIP requirement, a closer review reveals that FinCEN envisions substantial customer due diligence for investment advisers in some contexts and identifies where RIAs and ERAs should see risk.

Section 1032.210(b)(5) of the Proposed Rule requires that “an investment adviser implement appropriate risk-based procedures for conducting ongoing CDD that includes (i) understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and (ii) conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.” These are two of the four provisions of the current CDD rule at 31 C.F.R. § 1010.230.

FinCEN explains that “[r]equiring investment advisers to perform effective CDD so that they understand who their customers are and what type of transactions they conduct is a critical aspect of combating all forms of illicit finance activity” and “enable[s] investment advisers to identify and report suspicious transactions by filing SARs.” 32 FR 12128. FinCEN discusses the elements of the CDD language in detail for proposed section 1032.210(b)(5) and assesses that “in some circumstances, on a risk-basis, an investment adviser would not need information relating to investors in those legal entity customers to comply with the requirements of the ongoing monitoring obligation” but that “in other circumstances, investment advisers may need to request information regarding investors in their legal entity customers.”

The 2024 Investment Adviser Risk Assessment and Proposed Rule provide guidance on where the risks can be expected to require more knowledge of investors and sources of funds under the CDD language. FinCEN indicates that it sees less risk where RIAs are co-registered as broker-dealers, affiliated with regulated financial institutions, working with regulated mutual funds, or have other lower-risk factors.

However, in other cases a risk-based approach may require CDD efforts, particularly where investment advisers and the funds they support may be blind as to ultimate investors and sources of fund where they confront layers of shell companies; non-U.S. entities in jurisdictions that make it hard to identify UBOs; and/or nominee shareholders obscuring the ownership chain. The 2024 Investment Adviser Risk Assessment notes at page 14 that in the final quarter of 2022, private fund advisers reported on Form PF that the “beneficial ownership of their private funds included $375 billion by non-U.S. individuals, and that they could not reasonably ascertain the beneficial owners for $284 billion AUM attributed to non-U.S. investors.” That likely understates the problem, as some ERA fund advisers are not required to file Form PF, including advisers to venture capital funds as well as advisers with smaller assets under management.

FinCEN notes that it cannot always rely on the regulated banks, broker-dealers and other financial institutions that RIAs/ERAs engage for services, and “in some cases, an investment adviser may be the only person or entity with a complete understanding of the source of a customer’s invested assets, background information regarding the customer, or the objectives for which the assets are invested.” 32 FR 12113.

2. Investment Advisers and U.S. Investment Security

The Proposed Rule and 2024 Investment Adviser Risk Assessment raise a concern that foreign adversaries, in particular China and Russia, may be using investment advisers and funds to obtain information on U.S. critical infrastructure and sensitive technologies from early-stage growth companies.

Usually, CFIUS reviews and polices foreign investment in U.S. businesses. FinCEN raises that absent AML program, reporting and information sharing requirements, some investment advisers and funds (including venture capital funds) can be abused by non-U.S. investors. Funds and the nationalities of limited partners always have raised a challenge for CFIUS and U.S. investment security rules, but FinCEN’s identification of the targeting of early-stage companies via investment advisers and funds is striking.

In particular, the 2024 Investment Adviser Risk Assessment notes that advisers and funds can be used to request detailed technical information after proposing an investment. Currently, investment advisers may not have the compliance infrastructure or awareness to identify red flags, and no obligation to report (or rules to violate) for complicity or willful blindness.

3. Monitoring the SEC Role

Ultimately, the SEC would be asked to administer the BSA rules for covered investment advisers, as the agency does for broker-dealers. SEC collaboration with FinCEN can be expected to shape any future regulations. As noted above, FinCEN has stated that it would work with the SEC on a CIP rule for investment advisers. Further, FinCEN seems sensitive to duplicative regulation—coordination with the SEC will be important to identify where the agencies expect gaps in light of existing SEC regulation.

As one example, FinCEN proposes to follow SEC jurisdictional rules and apply the investment adviser regulations to non-U.S. persons even where they do not maintain operations in the United States. Activity in interstate or foreign commerce would be a sufficient nexus.

Although the SEC and FinCEN will coordinate in important respects, regulated entities should be aware that the SEC will take the lead in examining investment advisers for AML compliance and bringing enforcement actions, as appropriate. The SEC has prioritized AML enforcement in relation to broker-dealers, and we expect the staff to devote substantial resources to enforcement efforts to the extent that the Proposed Rule is adopted.

4. Will There Be a Final Rule?

There is a long history of FinCEN proposed rules that never became final, including the earlier attempt to regulate investment advisers in 2015. Industry group opposition and politics can form barriers. This Proposed Rule comes in an election year, and it is not clear that a Trump administration would support this specific regulation or continuation of a process begun under President Biden. In a second Biden term, FinCEN would have to maintain momentum and overcome pressure to pause or limit the final rule.

However, there are some reasons for investment advisers and the funds industry to take this initiative seriously. As discussed above, the 2024 Investment Adviser Risk Assessment identifies specific gaps and risks, including in the area of U.S. investment security. Further, there is a multilateral angle and the Proposed Rule is designed to address a deficiency identified by the Financial Action Task Force in its 2016 Mutual Evaluation of the United States.

Investment advisers and funds also might need to watch the SEC, which already regulates the RIAs and ERAs at issue, and could expand scrutiny should the FinCEN rulemaking stall. The SEC has already taken steps to encourage AML/CFT programs by investment advisers pursuant to the “no-action letter” of the Securities Industry and Financial Markets Association (SIFMA).

For now, FinCEN is proceeding under the Proposed Rule. Written comments must be submitted on or before April 15, 2024.

^{[1] The Proposed Rule addressed state-registered investment advisers, citing that FinCEN did not propose to cover these advisers because the Treasury risk assessment found few examples of these advisers being misused for money laundering, terrorist financing or other illicit financial activities. FinCEN will continue to monitor state-registered investment advisers and may take appropriate steps to mitigate such activities.}

[View source.]