FinCEN final rule on AML/CFT requirements for investment advisers, effective January 1, 2026 

By Richard Casciani, Managing Director, U.S. 

On September 4, 2024, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a final rule (the “Final Rule”) mandating certain anti-money laundering (AML) and countering the financing of terrorism (CFT) requirements for most investment advisers registered with the U.S. Securities and Exchange Commission (SEC) (registered investment advisers, or RIAs) and investment advisers that report to the SEC as exempt reporting advisers (ERAs). The Final Rule has a compliance date of January 1, 2026 and requires those in scope to adopt AML/CFT compliance programs and monitor for and report suspicious activity to FinCEN. 

Which investment advisers are covered by or exempt from the Final Rule?

The Final Rule applies to SEC RIAs and SEC ERAs with a few exceptions. The following advisers are exempt:  

• Mid-size advisers 
• Multi-state advisers 
• Pension consultants 
• Family offices 
• Advisers of sub-advised funds only 
• RIAs that are not required to report any assets under management (AUM) to the SEC 

With respect to foreign private advisers, the Final Rule applies to activities that take place in the U.S. (i.e. through U.S. employee(s) or office(s)/branch(es)) or with respect to a U.S. fund or U.S. investors. 

What is required for an AML/CFT program?

What reports must be submitted?

Covered advisers will be required to comply with reporting obligations related to currency transactions or suspicious activity. 

• Suspicious Activity Reports (SARs)  

The Final Rule requires covered advisers to file SARs with FinCEN for any suspicious transaction (or pattern of transactions) conducted or attempted by, at or through the adviser that involves or aggregates at least $5,000 in funds or other assets. SARs must be filed with FinCEN no later than 30 days after initial detection of the triggering event.  

Covered advisers may need to file SARs on suspicious activity involving private fund investments (e.g. funding through multiple wires from different accounts) or portfolio companies (e.g. fund investors seeking information about a portfolio investment that could indicate illicit technology transfer concerns).  However, non-advisory activities (i.e. if an adviser’s staff maintain management roles at portfolio companies) are not in scope of an adviser’s SAR filing obligation. 

Covered advisers must ensure confidentiality of SARs; such information generally cannot be shared with external parties, including service providers.  

• Currency Transaction Reports (CTRs) 

Covered advisers will be required to file a CTR with FinCEN for certain currency transactions of more than $10,000. This will replace the existing requirement that advisers report currency-related transactions on Form 8300. 

More than one adviser may have an obligation to report the same transaction.  Such reporting can be done in one filing if the report includes the names of both advisers, states that it is a “joint filing,” and each adviser maintains a copy of the filing. 

What are the immediate action items?

In preparation for the Final Rule’s compliance deadline, covered advisers should be addressing the following items:   

• Determine budget: Covered advisers should be assessing their budgets in consideration of various factors, including software licensing (if the adviser will conduct AML checks internally) and engaging external provider(s) to: 
  • Draft policies and procedures 
  • Conduct testing 
  • Conduct annual training 
  • Conduct ongoing due diligence 
• Draft policies and procedures: Covered advisers may elect to engage a third-party provider to assist with developing (or enhancing existing) policies and procedures to ensure compliance with the Final Rule 
• Determine who will be the AML officer: Covered advisers should determine which employee will be designated the AML officer and confirm the record-keeping process if multiple parties will be involved 
• Determine who will conduct testing: Covered advisers will likely need to engage a third-party provider for testing, given the need for independent testing 
• Schedule training for existing employees before year-end: Advisers should consider adding AML requirements to existing compliance training or separately implementing such training 
• Create a customer risk profile for each investor: This requirement could potentially be the most arduous provision of the Final Rule, especially for advisers to private funds with a broad investor base.  So, advisers should prioritize accordingly.  The risk profile of each investor will determine the level of ongoing customer due diligence 
• Update service provider agreements: Covered advisers should determine if amendments are needed with service providers like fund administrators or compliance consultants 

How can IQ-EQ assist?

IQ-EQ’s compliance and AML teams can provide a range of assistance to covered advisers to prepare for and comply with the ongoing requirements of the Final Rule: 

• Drafting tailored AML policies and procedures 
• Initial AML risk analysis and testing process buildout and implementation –  reviewing advisers’ business profiles, including types of advisory services provided by the firm, the nature of its customers and the applicable customer risk profiles; assisting with the creation of customer risk profiles; designing a testing regime, which would include a review of high- versus low-risk investors and applicable ongoing monitoring 
• Conducting annual or quarterly AML testing, as required 
• Conducting recurring AML/KYC investor reviews 

IQ-EQ will continue to monitor any further developments and is ready to assist with developing policy or advising on related needs. Click here to discover our U.S. regulatory compliance services and contact our expert team today.