On 21 July 2025, the US Department of the Treasury’s Financial Crimes Enforcement Network (‘FinCEN’) postponed the effective date of the IA Anti-Money Laundering (AML) Rule, which would require AML and Suspicious Activity Reporting by SEC Registered Investment Advisers (RIAs) and Exempt Reporting Advisers (ERAs). Previously marked with an effective date of 1 January 2026, the compliance date for the IA AML Rule is now 1 January 2028, giving RIAs and ERAs an additional two years to prepare.
While other SEC regulated financial institutions, such as broker-dealers, mutual funds, and banks have long been subject to AML requirements, the IA AML Rule heralds the first time that RIAs and ERAs are explicitly subject to AML and Countering the Financing of Terrorism (CFT) program obligations under the Bank Secrecy Act (BSA). FinCEN has previously proposed AML regulatory oversight of RIAs and ERAs in both 2003 and 2015, but both instances were dismissed.
As a refresher to the requirements, the IA AML Rule would bring RIAs and ERAs under the definition of a ‘financial institution’ by the BSA and so subject to core duties including:
- Developing a mandatory risk-based AML/CFT program which includes i) internal policies and procedures; ii) a designated compliance officer; iii) ongoing staff training; and iv) an independent audit function.
- Filing suspicious activity reports (SARs) with FinCEN and adhering to the Currency Transaction Report (CTR) and travel and recordkeeping requirements.
- Maintaining additional detailed records, including fund transfers and information sharing obligations under Section 314(a) and 314(b) of the USA PATRIOT ACT.
FinCEN has also delegated examination authority for these AML/CFT requirements to the SEC, giving the SEC full authority to test adherence as part of its ongoing examination efforts.
For investment advisers subject to the IA AML Rule that have their principal office and place of business outside the U.S., FinCEN clarified that the IA AML Rule only applies to activities that:
- take place within the United States, including through the involvement of U.S. personnel of the investment adviser, such as the involvement of an agency, branch, or office within the United States or
- provide services to a U.S. person or a foreign-located private fund with an investor that is a U.S. person.
While the IA AML Rule has been finalized, FinCEN’s decision to delay its effective date to January 1, 2028, is more than just a pause. It reflects a broader intent to re-examine the scope and substance of the rule, ensuring it aligns with the diverse business models and risk profiles across the investment adviser sector. FinCEN has also acknowledged industry concerns regarding compliance costs and regulatory uncertainty and plans to issue formal exemptive relief in the meantime, to provide clarity.
In parallel, FinCEN, working jointly with the SEC, will also revisit the proposed Customer Identification Program (CIP) rule, which would impose client verification requirements on RIAs and ERAs for the first time.
In short, change is still on the horizon, and while the timeline has shifted, the direction of travel toward enhanced AML oversight remains.
Blueprint GRC’s London-based team of SEC compliance experts is here to help. Whether you need to build a future-proof AML framework, assess your risk exposure, or prepare for evolving CIP obligations, we offer compliance consulting, flexible in-sourced staffing, and fully outsourced GRC solutions tailored to your firm.
Contact us at [email protected] to get ahead.
