September 1, 2015
On September 1, 2015, the Department of the Treasury, Financial Crimes Enforcement Network ("FinCEN") published a long-awaited Notice of Proposed Rulemaking ("NPRM") with new rules that would require registered investment advisers to implement Anti-Money Laundering ("AML") programs and to file Suspicious Activity Reports ("SARs") under the Bank Secrecy Act ("BSA"). 80 Fed. Reg. 52680 (Sept. 1, 2015). This appears to be just the first round of BSA rulemakings for investment advisers. Public comments are due by November 2, 2015, i.e., sixty days from the date of publication in the Federal Register. The NPRM includes a number of specific issues on which FinCEN is seeking comment.
The proposed requirements are generally consistent with parallel BSA requirements for banks, broker-dealers in securities, and other BSA financial institutions. The requirements would apply across the board to all registered investment advisers whatever their services or relationship with their clients. The NPRM gives little insight into specific government expectations for compliance beyond that investment advisers are expected to implement the requirements on a risk-basis.
This proposed BSA regulation has been many years in the making. In 2002 and 2003, FinCEN issued two NPRMs proposing AML program requirements for unregistered investment companies and certain investment advisers, respectively. In 2007, FinCEN announced that it would further review the issue of applying BSA requirements to funds and investment advisers and develop another proposal for public comment. FinCEN formally withdrew both proposals in November 2008. Despite periodic Congressional pressure based on concerns that illegal source funds were being invested in hedge funds, FinCEN waited eight years to publish this new regulatory proposal.
The Proposed Regulations
As proposed, the AML program and SAR requirements would apply to all investment advisers that are registered with the Securities and Exchange Commission ("SEC") or required to be registered with the SEC under Section 203 of the Investment Advisors Act of 1940, generally investment advisers with assets under management of $100 million or more as calculated under the SEC regulations. This would include advisers and subadvisers. FinCEN states that it may include other types of smaller investment advisers (state registered or exempt under SEC requirements) in future rulemakings because they, too, may be vulnerable to money laundering.
FinCEN does not cite any particular examples of money laundering by investment advisers or the clients of investment advisers, e.g., hedge funds or private equity funds. FinCEN states a general concern that: "As long as investment advisers are not subject to AML program and suspicious activity requirements money launderers may see them as a low risk way to enter the financial system." According to FinCEN, an investment adviser’s view into its client activities may help detect illegal activities.
Under the NPRM, registered investment advisers, like banks and broker-dealers, would be designated as financial institutions under the BSA. FinCEN intends to delegate examination authority for compliance with the proposed requirements to the SEC. As discussed below, this is the opening volley for proposed BSA requirements for investment advisers. Additional NPRMs covering other requirements may follow.
Financial institution under the BSA is defined as a person doing business "in the United States." Nevertheless, the registered investment advisers may include foreign investment advisers. Moreover, FinCEN is seeking comments on whether foreign SEC registered and private advisers should be covered by the requirements. Coverage of foreign advisers needs to be clarified.
AML Program Requirements
The proposed AML program requirements for investment advisers are comparable to the requirements for banks, broker-dealers, mutual funds, and other financial institutions under the BSA, and they are consistent with the BSA statutory authority for AML programs, 31 U.S.C. § 5318(h). Under the proposal, a registered investment adviser would be required to develop and implement a written, risk-based program that is reasonably-designed to prevent the investment adviser from being used to facilitate money laundering and the financing of terrorism and to comply with applicable BSA requirements. The minimum requirements would include what are sometimes referred to as the four AML program pillars required in Section 5318(h):
The program would be required to be approved by the Board of Directors or trustees of the investment adviser or, if none, by the investment adviser’s sole proprietor, general partner, trustee or other persons that have "functions similar to a board of directors."
FinCEN recognized that registered investment advisers with all types of clients and that provide all types of services would be caught up in the definition of investment adviser, including investment advisers with clients that are mutual funds and "publicly or privately offered real estate funds," registered investment advisers that provide advisory services but that do not manage assets or conduct transactions, pension consultants, financial planners, and investment advisers that only provide research or newsletters. Comments are sought on whether there should be categories of registered investment advisers excluded from the definition because of the low money laundering risk of their services or clients. All registered investment advisers would be required to establish risk-based AML programs. FinCEN states the burden of establishing an AML program would be reduced based on the risk-based nature of the program and the types of advisory services these entities provide.
Investment advisers that are dually registered with the SEC as a securities broker and as an investment adviser, and investment advisers that are affiliated with financial institutions already subject to BSA AML program requirements, would not be required to develop separate AML programs so long as the AML programs of these entities already cover all of the entity’s broker-dealer and investment adviser activities and businesses and address the money laundering risks posed by all aspects of the business.
Registered investment advisers will be expected to develop a risk assessment based on an analysis of the money laundering and terrorist financing risks posed by their clients, based on such factors as the nature of the services provided, the client types, the clients’ geographic locations (including the jurisdiction’s regulatory regime), the Investment Adviser’s experience with the clients, and references from other financial institutions, for instance. Policies, procedures, and internal controls, including for monitoring transactions to identify potentially suspicious activity, would be developed consistent with this risk assessment. Clearly, the program for a registered investment adviser whose clients are U.S. pension funds would not be expected to resemble the program for a hedge fund with investors who are high net worth individual clients from jurisdictions which are considered to pose a high risk for money laundering.
The preamble to the NPRM includes a discussion of the relevant risks of non-pooled investment vehicle clients; registered open-end fund clients, i.e., mutual funds (considered lower risk); registered closed-end fund clients, and private fund clients/unrestricted pooled investment vehicles. FinCEN notes that certain private funds and unregistered pooled investment vehicles may present lower risk than others.
FinCEN expects registered investment advisers to apply the same AML policies and procedures to services to non-U.S. private funds or unregistered pooled investment vehicles organized in a foreign jurisdiction as it does to U.S. clients.
Proposed Effective Date
FinCEN has proposed a six-month delayed effective date from the date of the issuance of the final rulemaking.
Suspicious Activity Reporting
The proposed requirement for investment advisers to file SARs with FinCEN also is comparable to the SAR requirement for other financial institutions that are subject to SAR reporting requirements. Accordingly, investment advisers would be required to report transactions aggregating to $5,000 or more in funds or other assets conducted or attempted "by, through or at" the registered investment adviser if the investment adviser knows, suspects or has reason to suspect that the transactions involve money laundering or BSA violations (including structuring to evade any BSA reporting or recordkeeping requirement), have no business or apparent lawful purpose or are not the sort of transactions in which a particular customer normally would be engaged, or involve the use of the registered investment adviser to facilitate criminal activity. It would appear that the SAR requirement would not apply to advisory services because there would be no transactions "by, through or at" the registered investment adviser.
Like other financial institutions, registered investment advisers will be expected to identify suspicious activity on the front-end (when an employee identifies potential suspicious activity at the time of the transaction) and through risk-based processes for identifying and investigating potentially suspicious activity on the back-end after transactions are concluded through reports or monitoring systems.
The preamble to the NPRM includes a non-exhaustive list of red flags for suspicious activity. FinCEN suggests that monitoring to identify potentially suspicious activity could include, for example, monitoring for fraud, the use of negotiable instruments used in money laundering schemes, such as money orders and travelers checks, and payments for an investment with multiple wire transfers from different financial institutions.
If a registered investment adviser and another financial institution subject to SAR reporting were involved in the same transaction, a joint SAR could be filed so long as the SAR included all relevant facts and each financial institution maintained a copy of the SAR and the supporting documentation.
Delegation of SAR Responsibilities
The preamble to the NPRM states that the proposed SAR regulation would permit a registered investment adviser to delegate its SAR responsibilities to an agent or third party processor. In these circumstances, however, FinCEN advises that the registered investment adviser would remain responsible for compliance with the SAR requirements and would be liable for any violations of the SAR regulation by the third party.
Sharing of SARs
As proposed, the rule would not permit registered investment advisers to share SARs within their corporate organizational structures in the absence of further guidance from FinCEN. This is inconsistent with FinCEN’s guidance for banks, broker-dealers, mutual funds, and futures commodity merchants and their introducing brokers, which permit the sharing of SARs and the existence of SARs within their organizational structures subject to certain limitations. Given FinCEN’s recognition that registered investment advisers may delegate certain of their BSA functions to others within their organization (and even outside their organization to an agent or third party service provider), it does not make sense for FinCEN not to issue guidance at the same time that it promulgates a final rule. FinCEN is soliciting comments on this issue.
Other SAR Provisions
Other SAR proposed provisions are comparable to the SAR provisions applicable to other financial institutions, e.g., the timing of the filing of SARs (30 calendar days after the initial detection by the registered investment adviser of facts that may constitute a basis for filing a SAR); record retention (five years from the date of filing the SAR); the SAR confidentiality requirement and the prohibition on disclosing a SAR or any information that would disclose the existence of a SAR; the need to call law enforcement in cases of activity requiring immediate attention; and the civil safe harbor from liability based on the filing of a SAR.
Proposed Effective Date
The proposed effective date for the SAR requirement would be the same as for the AML program requirement, i.e., six months from the date the final rule is issued. Registered investment advisers, however, are "encouraged" by FinCEN to begin filing SARs on a voluntary basis when the rule is issued.
What is not Covered – Future NPRMs Applicable to Investment Advisers
FinCEN states that it is not requiring registered investment advisers to implement customer identification program ("CIP") and customer due diligence ("CDD") requirements under this NPRM, but that further proposals requiring CIP and CDD are contemplated. A CIP rulemaking would be issued jointly with the SEC (like the CIP requirements for broker-dealers).
Future rulemakings applicable to registered investment advisers also will deal with the application of the requirements under USA PATRIOT Act Section 311 (special measures applicable to foreign jurisdictions, financial institutions, transactions or accounts of primary money laundering concern); Section 312 (enhanced due diligence for correspondent accounts for foreign financial institutions and private banking clients, i.e., high net worth non-U.S. persons); Section 313 (prohibition on providing correspondent accounts to foreign shell banks); and Section 319(b) (requirement to maintain ownership records for foreign correspondent banks, identify a U.S. agent for service of process for foreign correspondent banks, and provide access to foreign correspondent bank records through U.S. financial institution respondents).
Nevertheless, to conduct a risk assessment and to comply with the AML program and SAR requirements, some risk-based CDD measures would appear to be necessary for registered investment advisers unless they have a low risk client base. CDD requirements (and enhanced due diligence or EDD requirements for higher risk customers) would include obtaining an understanding of who a customer (natural or legal) is, the nature of the person’s wealth and sources of funds, and whether public information about the person raises money laundering red flags that the person’s funds for investment could be from an illegal source. FinCEN and the financial institution regulators often describe CDD/EDD as part of the requirement to have a risk-based AML program and the SAR obligation, i.e., a financial institution must have enough knowledge about a customer to identify what is suspicious or unusual for that customer.
Other Requirements That Would be Applied Through This Rulemaking
Certain other BSA requirements apply to all BSA financial institutions and also would apply to registered investment advisers by virtue of their designation as BSA financial institutions.
Currency Transaction Reports
To the extent that a transaction in currency over $10,000 ever was conducted by or on behalf of the same person on the same day by, to or through a registered investment adviser, the investment adviser would be required to file a Currency Transaction Report ("CTR") with FinCEN. 31 C.F.R. § 1010.311. Once subject to the CTR requirement, investment advisers no longer would be required to file Forms 8300 on cash and certain negotiable instruments received over $10,000. The Form 8300 requirement is applicable to non-financial institution trades and businesses under the BSA regulations, 31 C.F.R. § 1010.330, and parallel requirements under the IRS Code.
It seems unlikely that registered investment advisers would engage in any reportable currency transactions. Moreover, a fundamental component of any AML program for a registered investment adviser should include prohibitions or restrictions on forms of payment that figure in money laundering schemes, such as currency, money orders, travelers checks, multiple cashier’s checks or third party payments.
Fund Transfer Recordkeeping and Travel Rule Requirements
With respect to transmittals of funds of $3,000 or more sent or received by a registered investment adviser (as the transmittor’s (sender’s) or recipient’s financial institution), investment advisers would have to comply with the funds transfer recordkeeping and Travel Rule requirements of the BSA. 31 C.F.R. § 1031.410. This would mean creating and maintaining records of the transfers with specified information and making sure that certain of the information "travels" to the next financial institution in the payment chain.
Registered investment advisers would be subject to the information sharing provisions of the BSA based on Sections 314(a) and 314(b) of the USA PATRIOT Act, as implemented by BSA regulations. Under Section 314(a), as implemented in the BSA regulations, 31 C.F.R. § 1010.520, and FinCEN guidance, financial institutions must review lists provided periodically by FinCEN of persons suspected of being involved in money laundering or terrorist financing and must respond via a secured network to FinCEN whether they have (or had) an account for the listed person or have conducted certain transactions with the listed person.
Under Section 314(b), as implemented in the BSA regulations, 31 C.F.R. § 1010.540, a registered investment adviser could register with FinCEN annually on a voluntary basis and participate in the sharing of information with other financial institutions subject to an AML program requirement, such as banks, broker-dealers and mutual funds. Financial institutions that choose to participate in Section 314(b) sharing may make and receive information requests to exchange information on a limited basis for the purpose of determining whether to file a SAR. Financial institutions that submit Section 314(b) notices are provided with a safe harbor from civil liability to a customer based on the information sharing.
Observations and Conclusion
According to FinCEN, additional NPRMs expanding the BSA requirements applicable to registered investment advisers will follow. The public discussion of this NPRM and the subsequent NPRMs should provide additional insight into FinCEN and the SEC’s regulatory expectations for investment advisers and further frame the issues that need clarification. Ultimately, based on the experience of most BSA financial institutions, government expectations will evolve and increase, and the specific expectations often will be revealed through the examination process.
Many registered investment advisers already have put into place AML programs voluntarily. Some have done so because they are part of a financial group that includes businesses that are financial institutions under the BSA, and the group has put in place an enterprise-wide AML program. Moreover, hedge funds and other investment funds are expected by banks and broker-dealers to have AML programs to obtain services and so that their broker-dealers can rely on SEC registered investment advisers to conduct CIP on customers, as allowed by a no action letter issued by the SEC if certain conditions are met. See Request for No-Action Relief Under Broker-Dealer Customer Identification Rule (31 C.F.R. § 1023.220) (Jan. 9, 2015). Investment advisers also have implemented programs to protect themselves from liability for the crime of money laundering and the related forfeiture risk and, most importantly, to guard against the reputational risk of being associated with money launderers or facilitating terrorist financing.
Some registered investment advisers will need to re-evaluate their current AML programs to determine whether they meet the proposed regulatory requirements. Investment advisers for funds will need to review the agreements with fund investors to make sure that the investors will provide any information to the investment adviser necessary to meet the current and future regulatory requirements applicable to the investment adviser.
Clearly, many registered investment advisers will not have previously developed an AML program because of the low risk nature of their clients and services. A case should be made that many of the registered investment advisers provide services to clients that pose little or no money laundering risk and that these investment advisers should be excluded from the final rule, such as investment advisers to pension funds or which provide only research services. Investment advisers also should be excluded with respect to mutual funds, which themselves are subject to the full range of BSA requirements. This should be a major focus of comments on the proposal. FinCEN could consider including reasonable exemptions in the regulation based on the services offered and the client types and/or include an exemption process in the final rule whereby individual registered investment advisers could seek an exemption.
Further, guidance is needed on the intended extraterritorial impacts of the BSA requirements applicable to registered investment advisers. As proposed, the AML program would apply to U.S. registered investment advisers that provide services to clients outside the United States, e.g., funds and other investment vehicles organized under foreign law, and to the extent transactions are directed by investment adviser outside the United States, it would appear the SAR requirement would apply. This could raise conflicts with foreign laws that apply to funds rather than the advisers and that could put U.S. advisers at a competitive disadvantage or subject funds and other investment vehicles to multiple regulatory requirements and examinations. Similar issues are raised with respect to foreign investment advisers that are registered with the SEC.
The case made by FinCEN for the law enforcement need for this regulation appears to be theoretical and the cost benefit analysis is not convincing. Nevertheless, this proposal is moving forward. Consequently, registered investment advisers and other investment advisers should take advantage of the comment opportunity to ensure that the final regulation is as clear as possible to minimize future regulatory risk and to make suggestions to reduce the compliance burden and to frame the issues that FinCEN should consider in future rulemakings.
 The real estate fund itself would not be required to implement an AML program.
 For instance, if a registered investment adviser sent a transmittal order for an established customer, the investment adviser would be required to record the name and address of the transmitter; the amount of the transmittal order; any payment instructions received from the transmittor with the transmittal order; the identity of the recipient’s financial institution; and information received from the transmittor about the recipient. That information (and any account number) would then have to be included in the transmittal order sent to the next financial institution in the payment chain.
Gibson, Dunn & Crutcher’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact any member of the Gibson Dunn team, the Gibson Dunn lawyer with whom you usually work, or the authors:
Arthur S. Long – New York (+1 212-351-2426, email@example.com)
Edward D. Sopher – New York (+1 212-351-3918, firstname.lastname@example.org)
Jennifer Bellah Maguire – Los Angeles (+1 213-229-7986, email@example.com)
Y. Shukie Grossman – New York (+1 212-351-2369, firstname.lastname@example.org)
Edward D. Nelson – New York (+1 212-351-2666, email@example.com)
C. William Thomas, Jr. – Washington, D.C. (+1 202-887-3735, firstname.lastname@example.org)
Gregory Merz – Washington, D.C. (+1 202-887-3637, email@example.com)
© 2015 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.