FinCEN Issues Final AML Rule For RIAs
Navigating the New RIA AML Requirements
Subscribe to our original industry insightsThe Financial Crimes Enforcement Network (FinCEN) has recently issued a final rule extending anti-money laundering (AML) and countering the financing of terrorism (CFT) requirements to certain Registered Investment Advisers (RIAs). This long-anticipated regulatory action, set to take effect on January 1, 2026, is a significant development in the wealth management sector, marking a new era of compliance for investment advisors who previously operated outside the direct scope of AML regulations.
Background: RIAs and Anti-Money Laundering Requirements
Historically, RIAs were not classified as “financial institutions” under the Bank Secrecy Act (BSA). This exclusion allowed them to avoid the stringent AML requirements that banks, broker-dealers, and other financial institutions faced. However, with the growth of the investment advisory industry and its increasing role in global finance, the potential risks associated with money laundering and terrorist financing have become more pronounced. The introduction of the Final Rule is a direct response to these risks, aiming to close gaps in the financial regulatory framework.
Key Provisions of FinCEN’s Final Rule
Expansion of the Definition of Financial Institutions
The Final Rule amends 31 CFR 1010.100(t) to include investment advisors as “financial institutions.” This inclusion subjects RIAs to a range of obligations under the BSA, which were previously not applicable to them. The rule applies to both RIAs and Exempt Reporting Advisers (ERAs), including those advising private funds.
The Final Rule will apply to most SEC registered RIAs and ERAs. State Registered RIAs are not subject to this final rule.
Risk-Based AML Program Requirement
RIAs are now required to develop and implement a risk-based AML/CFT program. This program must be tailored to the specific risks associated with the advisor’s business model and client base. The AML program must also be approved, in writing, by its board of directors. If the RIA does not have a board of directors, then the AML program must be approved by its sole proprietor, general partner, trustee or other persons with similar functions as a board of directors. The AML/CFT program should include policies, procedures, and internal controls designed to detect and report suspicious activities, as well as to comply with applicable AML regulations.
Testing for Compliance with AML Rules
Like other financial institutions, RIAs will be required to have their AML program tested for compliance. However, unlike other financial institutions that require a third-party independent test, the Final Rule allows for the independent test to be conducted by the investment advisor’s personnel or by a qualified outside party. The SEC further clarifies that if an RIA chooses to use its own personnel, it cannot be anyone that has direct or indirect responsibilities with respect to the firm’s AML program.
Designation of an AML Compliance Officer
RIAs will be required to designate a person responsible for implementing and monitoring the operations and internal controls of the program.
Ongoing Training
RIAs will be required to have ongoing training for their employees on AML issues. While not specifically required in the Final Rule, Oyster Consulting recommends that firms tailor their AML training to the specific roles and responsibilities of their employees.
Suspicious Activity Reporting (SAR)
Under the new rule, RIAs must file Suspicious Activity Reports (SARs) with FinCEN for transactions involving or aggregating at least $5,000 in funds or other assets. This aligns RIAs with the SAR filing requirements applicable to other financial institutions, ensuring that they contribute to the broader financial intelligence gathering and reporting framework.
Currency Transaction Reporting (CTR)
Investment advisors are also required to file Currency Transaction Reports (CTRs) for transactions exceeding $10,000 in currency, whether conducted by, to, or through the investment advisor. This replaces the previous requirement for investment advisors to file Form 8300 for such transactions.
Travel Rule Compliance
RIAs must comply with FinCEN’s travel rules. These rules require maintaining records for certain transactions and ensuring that the necessary information is passed along in the payment chain.
Implications for the Investment Advisory Industry
The implementation of the Final RIA AML Rule represents a substantial shift for investment advisers, particularly for those who have not previously been subject to AML obligations. The requirement to establish comprehensive AML programs means firms will need to make significant investments in compliance infrastructure, training, and ongoing monitoring.
Future Developments and Regulatory Evolution
While the Final Rule is comprehensive, it leaves some areas open for future rulemaking. Notably, FinCEN has deferred the implementation of a Customer Identification Program (CIP) requirement for investment advisers. Additionally, there is no immediate obligation for RIAs to collect beneficial ownership information for legal entity customers, although this may be addressed in subsequent regulations.
Preparing for Compliance
Investment advisors should begin preparing for the January 1, 2026, compliance deadline by:
- conducting a thorough risk assessment of the firm’s operations and client base;
- developing a robust AML/CFT program;
- training staff;
- establishing effective monitoring and reporting mechanisms;
- consider investing in technology solutions that can help automate parts of the compliance process, such as transaction monitoring and SAR/CTR filing; and,
- consider engaging with legal and compliance experts to ensure that their AML programs meet both the letter and spirit of the law.
FinCEN’s Final RIA AML Rule is a landmark regulatory development that will bring significant changes to the investment advisory industry. As the January 1, 2026, compliance deadline approaches, investment advisers must act decisively to build and implement effective AML programs that comply with the new regulatory landscape.
AML Compliance Expertise
Oyster Consulting’s regulatory compliance experts will help you navigate the complexities of AML compliance with ease. Our consultants craft AML programs tailored to your firm’s business model, following the rules and best practices set by the SEC, FinCEN, and the Bank Secrecy Act. Our meticulous AML independent review process includes reviewing your firm’s written policies and procedures, actual practices, and books and records.
Oyster Solutions – The AML Compliance Tool You Need
The right tools matter. Oyster Solutions was created to help firms like yours operationalize the requirements of your governance, risk and compliance programs. Oyster Solutions is the AML compliance tool your firm needs. With the Oyster Solutions platform, you can manage and integrate your policies, assess your firm’s risk and enforce your procedures. The Oyster Solutions Monitor Module provides detailed alerts and trade review so your team can review and trigger escalation when needed. Easy reporting identifies which alerts have fired, how often, and by which advisers and reps.