with co-author Margaret Hirce
This piece was originally shared on HedgeWeek and is republished here with permission.
With the increased regulatory focus on anti-money laundering (AML) enforcement, the Financial Crimes Enforcement Network (FinCEN) recently proposed rules that would require investment advisers, including certain hedge funds and private fund managers, to establish AML programs and report suspicious activity.[1] The Proposed Rules are intended to close a purported regulatory gap in this multitrillion-dollar sector, as investment advisers are not currently subject to the same Bank Secrecy Act (BSA) requirements as banks and other financial entities. FinCEN thereby seeks to address the concern that money launderers or terrorist financiers may target investment advisers as a “low-risk” way to access the U.S. financial system.
Implementing AML and suspicious activity reporting programs pose business and cost considerations for investment advisers. The Proposed Rules come amid heightened scrutiny and regulatory activity against banks and other financial institutions for AML, Office of Foreign Asset Control (OFAC) and Foreign Account Tax Compliance Act (FATCA) compliance. On December 1, 2015, the New York State Department of Financial Services announced proposed AML and terrorist financing regulations to address perceived shortcomings in regulated institutions’ compliance programs, demonstrating continued focus in this area.[2] The scrutiny of compliance programs has in recent years also extended to civil liability for financial institutions, including a series of private civil litigations under the Anti-Terrorism Act (ATA) against them. Whether or not a final rule is issued, regulatory and private scrutiny of compliance programs is expanding. Investment advisers are well advised to take note of FinCEN’s developing proposals in reviewing and implementing their compliance responsibilities to mitigate the increased regulatory rules.
Overview of FinCEN’s Proposed Rules
Broadly, the Proposed Rules would make three regulatory changes affecting investment advisers: (1) amend the BSA implementing regulations to include “investment adviser” in the definition of “financial institution,” (2) require investment advisers to establish and implement an AML program and (3) require investment advisers to report suspicious activity in connection with transactions of at least $5,000 in funds or other assets. Compliance examination authority would be delegated to the U.S. Securities and Exchange Commission (SEC).
First, FinCEN proposed adding “investment adviser” to the definition of “financial institution,” reasoning that investment advisers engage in similar activity to banks and broker-dealers.[3] The definition of “investment adviser” would include advisers required to register with the SEC, generally those with over $100 million in AUM, unless otherwise exempted. FinCEN noted that the types of investment advisers that fall within this definition include:
- “Dually registered investment advisers and advisers that are affiliated with or subsidiaries of entities required to establish AML programs
- Certain foreign investment advisers
- Investment advisers to registered investment companies
- Financial planners
- Pension consultants
- Entities that provide only securities newsletters and/or research reports.”[4]
Second, the Proposed Rules would require entities to establish AML programs pursuant to the BSA that are “reasonably designed to prevent the investment adviser from being used to facilitate money laundering or the financing of terrorist activities and to achieve and monitor compliance with the applicable provisions of the BSA and FinCEN’s implementing regulations.”[5] At a minimum, investment advisers must (1) establish written procedures, policies and internal controls; (2) provide for independent, periodic testing; (3) designate a person(s) responsible for implementing and monitoring the program; and (4) provide ongoing training to employees. The program as currently proposed under the Rules appears to encompass “all advisory activity,” including activity as a primary adviser or a sub-adviser, as well as activity that does not include managing client assets.
In establishing or revising their AML programs, advisers should conduct a risk-based assessment, evaluating the services provided, as well as the source of funds and location of clients (for individuals) and the type of entity, location and statutory scheme of the non-U.S. jurisdiction (for entities). FinCEN delineates expectations for certain types of advisory clients and services. For example, for non-pooled investment vehicle clients and private fund clients, the adviser should consider the types of accounts offered and method of funding and otherwise employ a risk-based approach. Critically, the Proposed Rules do not at this time require investment advisers to implement formal Customer Identification Procedures (CIP), but knowing your customer remains the governing principle of the Proposed Rules.
Third, investment advisers would be required to report suspicious activity when the transaction is “conducted or attempted by, at or through an investment adviser and involves or aggregates at least $5,000 in funds or other assets.”[6] In determining whether to report a transaction as suspicious, investment advisers should consider the circumstances and client at issue. FinCEN provides examples of red flags, including unusual withdrawals that do not match the client’s investment objectives. As a further exemplar, suspicious activity in the subscription of private fund interests might include using money orders in structured amounts to evade currency reporting requirements.
Why Investment Advisers?
The investment advisory business is a multitrillion-dollar industry that, according to FinCEN, is susceptible to risk during all three stages of money laundering: placement, layering and integration.[7] The Proposed Rules note that in June 2014, there were over 11,000 investment advisers registered with the SEC reporting $61.9 trillion in client assets. Moreover, recent private fund statistics released by the SEC show an increase in the number and asset value of hedge funds and private equity funds over the past two years.[8] Between Q1 2013 and Q4 2014, there was a 15 percent increase in number of hedge funds and a corresponding 27 percent increase in aggregate private fund gross asset value, from $4.779 billion to $6.059 billion. The statistics show even greater growth in the number of private equity funds during the same time frame, at nearly 22 percent, with an increase in asset value of nearly 18 percent.
FinCEN issued the Proposed Rules to address potential “gaps in knowledge” regarding clients or transactions because investment advisers are “uniquely situated to appreciate a broader understanding of their clients’ movement of funds through the financial system because of the types of advisory activities in which they engage.”[9] Though many investment advisers currently work with banks or broker-dealers subject to BSA regulations, those entities may not have access to sufficient information on the client or the transaction in order to assess risk. For example, if an investment adviser manages a private fund, the custodial bank holding the assets may not know the identities of the underlying fund investors.[10] According to FinCEN, this is where investment advisers can plug the gap. By holding investment advisers to the same AML and SAR requirements as other financial institutions, FinCEN seeks to remove a potential avenue for money launderers or terrorist financers to enter the U.S. financial system illegally.
Potential Impact and Challenges for Investment Advisers
Requiring investment advisers to develop and implement AML programs pursuant to BSA regulations and report suspicious activity raises a number of challenges and business considerations for these entities, including cost and risk of responsibility.
Impact on Small Advisers
By defining investment advisers as those with over $100 million in assets under management (AUM), FinCEN is regulating smaller advisers that will have to bear the costs associated with compliance regimes. As discussed in The Cost of Compliance, smaller advisers necessarily have to spend a proportionally greater amount of their total operating costs on compliance than their larger counterparts.[11] Compliance costs were found to pose a “significant barrier to entry” for smaller investment advisers, and some smaller advisers were struggling with the costs of regulatory scrutiny even prior to this proposed regulation.[12]
Investment advisers and hedge funds present lesser money laundering risks because they generally provide low liquidity and involve fewer transactions. Investors may typically only withdraw funds on a quarterly or annual basis and are sometimes subject to initial lock-up periods during which no withdrawals may be made. The fund transfers are often limited to an initial subscription payment and limited numbers of supplemental investments. Moreover, only the hedge funds themselves have direct contact with the customers that put them in a position to assess the client risk profile. The registered investment advisers (RIAs) do not typically interface directly with the investors, nor do sub-advisers who recommend investment strategies. For these reasons, the Managed Funds Association (MFA) has properly recommended that the Proposed Rules be restricted to exclude sub-advisers and permit RIAs to rely on the AML compliance programs of the funds themselves.
Costs of Compliance
Costs associated with complying with the Proposed Rules will be a consideration for any investment adviser, whether large or small. FinCEN acknowledges that investment advisers are already required to implement certain programs and controls in connection with federal securities laws.[13] Certain components of these established programs may overlap with BSA requirements, and FinCEN notes that dual-registered investment advisers would need to develop a “comprehensive AML program that covers all of the entity’s advisory and broker-dealer activities and businesses.”[14] FinCEN also acknowledges that, for suspicious activity reporting, advisers already collect investor information as part of their client on-boarding procedures.
Hedge funds are often structured with both domestic and foreign funds, with the foreign funds typically more heavily populated with non-U.S. investors including private investment pools, trusts and other foreign private entities and individuals. Fund administrators, many of which are located in off-shore jurisdictions with developed AML regulations, and some of which are affiliated with banks or broker-dealers, provide a variety of administrative and compliance-related functions for the funds and are accordingly in the best position to leverage their processes to also handle AML compliance responsibilities. The Proposed Rules do not by their terms prohibit delegation of these AML compliance responsibilities to foreign or domestic fund administrators, but they should be clarified to expressly authorize such delegation to help the smaller investment advisers (by personnel or AUM) manage these additional compliance requirements without crippling them with outsized administrative burdens.
Risk-Based Approach
FinCEN recognized that investment advisers may delegate AML program implementation and operation requirements to third parties, but the adviser itself “will remain fully responsible for the effectiveness of the program, as well as for ensuring that FinCEN and the SEC are able to obtain information and records relating to the AML program.”[15] Similar to the AML program, advisers may delegate suspicious activity reporting, but the “adviser remains responsible for its compliance with the requirement to report suspicious activity, including the requirement to maintain SAR confidentiality.”[16]
Consistent with the AML rules for mutual funds and other financial institutions, the Proposed Rules require investment advisers to implement a risk-based approach in their AML programs. Covered investment advisers should focus their diligence and transactional monitoring on the client activity with the higher risk profiles, especially clients whose funds are not received from U.S. or foreign banks or broker-dealers with highly regulated and evolved AML compliance programs. A risk-based program should focus on customers where the underlying investors or beneficial owners are not transparent, such as pooled investment vehicles, trusts, private funds and omnibus accounts.
Suspicious activity reporting in the investment adviser context may present additional compliance challenges due to hedge fund privacy and confidentiality practices that encourage such pooled investment funds and at times undermine the transparency of the underlying investors. Despite these challenges, investment advisers will be expected to conduct enhanced due diligence of these classes of customers to ensure that sanctions screening and Know-your-customer procedures are sufficiently comprehensive and adequately reported. Investment advisers will be expected to enhance their auditing protocols to ensure that any AML compliance functions delegated to third parties are monitored on a periodic basis to ensure their regulatory obligations are being met.
Conclusion
The Proposed Rules extending AML compliance obligations to a new class of registered investment advisers come amid an increase in focus on regulatory compliance by criminal authorities, regulatory agencies and private plaintiffs. Global banks and broker-dealers have incurred billions of dollars in penalties and fines for AML and sanctions violations over the past few years.[17] These risks have given rise to derivative litigation where AML compliance programs of financial institutions are scrutinized in the context of private lawsuits against financial institutions for processing transactions on behalf of international terrorist organizations and individual terrorists.[18] A bipartisan bill has been introduced in the U.S. Senate that would expand the liability provisions of the ATA to enable plaintiffs to hold liable “any person who aided, abetted or conspired with the person who committed such an act of international terrorism,”[19] which would include investment advisers. The recent terrorist attacks in Paris and Beirut will likely trigger increased support for this pending legislation, as Congress looks to impose additional responsibilities on the U.S. financial industry to curtail terrorist access to the global financial system.
The focus on AML compliance for the private investment industry is likely to remain a high regulatory priority even if the money laundering risks are relatively modest in these types of low liquidity investment funds. With the Proposed Rules under consideration, investment advisers and hedge funds are well advised to monitor the development of the final rules and identify a risk-based approach to align existing or third-party resources with their customer risk profiles and services.
Notes:
[1] Financial Crimes Enforcement Network: Anti-Money Laundering Program and Suspicious Activity Report Filing Requirements for Registered Investment Advisers, Proposed Rules, Fed. Reg. Vol. 80, No. 169 (Sept. 1, 2015) (“Proposed Rules”). The Proposed Rules were published on the Federal Register on September 1, 2015, and open for public comment for 60 days.[2] Press Release, Governor Cuomo Announces Anti-Terrorism Regulation Requiring Senior Financial Executives to Certify Effectiveness of Anti-Money Laundering Systems, NYS Department of Financial Services (Dec. 1, 2015), available at http://www.dfs.ny.gov/about/press/pr1512011.htm.
[3] Including the definition in the regulations implementing the BSA would trigger certain regulatory requirements including those pertaining to Currency Transaction Reports, the Recordkeeping and Travel Rules, and section 314(a) of the USA PATRIOT Act regarding the sharing of information.
[4] Proposed Rules at 52684.
[5] Id. at 52686.
[6] Id. at 52690.
[7] The U.S. Department of Treasury’s National Money Laundering Risk Assessment, released in June 2015, notes that securities industry participants do not normally collect cash, which reduces the “placement” risk, see page 79.
[8] U.S. Securities and Exchange Commission Division of Investment Management Risk and Examinations Office, Private Fund Statistics Fourth Calendar Quarter 2014 (Oct. 16, 2015).
[9] Proposed Rules at 52682.
[10] Id. at 52681.
[11] The Cost of Compliance, 2013 KPMG/AIMA/MFA Global Hedge Fund Survey, at 15, available at http://www.kpmg.com/Global/en/IssuesAndInsights/ArticlesPublications/the-cost-of-compliance/Documents/the-cost-of-compliance-v2.pdf.
[12] Id. at 4.
[13] Proposed Rules at 52686.
[14] Id. at 52688.
[15] Id. at 52689.
[16] Id. at 52691.
[17] For example, in 2014 BNP Paribas paid nearly $9B for sanctions violations and in 2015 Oppenheimer Funds settled with the SEC and FinCEN, admitting wrongdoing and paying $20M in penalties, for violations of federal securities laws and the BSA for failure to file SARs.
[18] In Linde v. Arab Bank PLC, No. 04-cv-0799 (E.D.N.Y.), a federal jury found the bank liable for facilitating terrorism funding under the Anti-Terrorism Act, and the bank settled with the plaintiffs for an undisclosed amount this past September prior to the damages portion of the trial.
[19] S. 2040, 114th § 4 (2015).