Skip to main content

IAA Response to FinCEN NPRM: Delaying the Effective Date of the IA AML Rule

October 21, 2025

Download PDF

Andrea M. Gacki
Director
Financial Crimes Enforcement Network
P.O. Box 39
Vienna, VA 22183

Re:  Notice of Proposed Rulemaking: Delaying the Effective Date of the Anti-Money Laundering/Countering the Financing of Terrorism Program and Suspicious Activity Report Filing Requirements for Registered Investment Advisers and Exempt Reporting Advisers – Docket Number FINCEN-2025-0072; RIN 1506-AB58 and 1506-AB69

 

Dear Ms. Gacki:

The Investment Adviser Association (IAA)[1] appreciates the opportunity to comment on the Treasury Department’s Financial Crimes Enforcement Network’s (FinCEN’s) Proposal (NPRM)[2] to delay for two years the effective date of the IA AML Rule,[3] which was scheduled to take effect on January 1, 2026. Specifically, FinCEN has proposed to extend the effective date of the IA AML Rule until January 1, 2028.

FinCEN has also announced its intention to review the IA AML Rule to ensure that the rule is effectively tailored to the diverse business models and risk profiles of the wide range of investment adviser firms and reduce any unnecessary or duplicative regulatory burden and ensure that the rule strikes an appropriate balance between costs and benefits.[4] In addition, FinCEN has announced that it and the Securities and Exchange Commission (SEC) “intend[ ] to revisit the joint proposed rule establishing customer identification rule requirements for investment advisers,”[5] which is closely related to the IA AML Rule and implementation of which FinCEN has acknowledged should be aligned with the IA AML Rule.[6]

The IAA strongly supports a two-year extension of the effective date of the IA AML Rule. We also strongly support revisiting both the IA AML Rule and the CIP Proposal, and doing so together.

As emphasized in our comment letters on the IA AML Rule proposal and the CIP Proposal,[7] the IAA firmly supports the U.S. government’s efforts to combat money laundering and terrorist financing across all facets of the financial system. To be effective and efficient, however, these efforts must be risk-based and designed to fill identified gaps in the existing AML regulatory landscape rather than duplicating the protections that already exist. The IA AML Rule, however, is significantly broader in scope than it needs to be to achieve FinCEN’s objectives, imposing onerous requirements where AML risk is low and where any such risk is already addressed effectively under the existing AML regime.

A two-year extension will provide the agencies and stakeholders the opportunity to ensure that any AML and CIP requirements for investment advisers are appropriately tailored to reduce unnecessary or duplicative regulatory burdens while achieving the agencies’ policy goals. The extension will provide welcome appropriate clarity for advisers with respect to their compliance resources and budget planning.

With these considerations in mind, we provide responses to the three specific questions in the NPRM. We also offer some suggestions for your consideration as you look for opportunities to reduce unnecessary or duplicative regulatory burdens in a more narrowly tailored AML rule for advisers.

 

I. Responses to Requests for Comments

1. Are there material facts, data, or information that, had they been considered, would have led FinCEN to conclude that a different formulation or duration of proposed delay of the IA AML Rule effective date would better serve the public interest? What would this alternative formulation be?

We believe that the information described in the NPRM supports the proposed delay of the IA AML Rule of two years. In our view, a two-year extension is a reasonable and appropriate amount of time for FinCEN to thoughtfully and effectively reconsider the IA AML Rule to tailor it to achieve FinCEN’s objectives while reducing where possible the duplication of efforts and burdens where there is little or no corresponding benefit of a reduction in illicit finance risk.

Two years should also be an appropriate amount of time for FinCEN to consider the U.S. AML/CFT regime holistically, which we believe would help FinCEN identify where requirements call for duplication of effort or where there may be meaningful gaps in the regime and address any such gaps in a more targeted fashion.

It is also imperative for the IA AML Rule and CIP Proposal to be considered together. The IA AML Rule should not go into effect until a revisited CIP Proposal is finalized and the compliance dates of both rules should coincide so that advisers can implement their provisions in a coordinated effort.[8] Two years is a reasonable timeframe for the agencies to thoughtfully reconsider both rulemakings. Requiring compliance with an IA AML Rule before a CIP rule is finalized would defeat FinCEN’s stated objective of having advisers reasonably design and implement AML programs and impose undue and unnecessarily costly burdens on advisers. A comprehensive and effective AML program, which is based on risk assessment, cannot be fully implemented without the foundational procedures and key definitions provided by a finalized CIP rule (for example, the definitions of “customer” and “account,” which are crucial for risk assessment and transaction monitoring).

We appreciate FinCEN’s acknowledgement of these difficulties and its commitment to collaborating with the SEC to harmonize related rules and align compliance timetables,[9] a commitment we believe is further reflected in FinCEN’s announcement that it will work with the SEC to revisit the CIP Proposal.

Even if FinCEN were to decide not to revisit the IA AML Rule despite its stated intention to do so, providing a two-year runway would be necessary to allow the agencies to work together to align the IA AML Rule with any final CIP rule and provide advisers with sufficient time to implement the two rules together. This would also allow FinCEN to address the many other substantial interpretive and implementation challenges presented by the IA AML Rule well prior to the compliance date. These include, for example, that advisers: (i) will need to allocate significant time and resources to establishing an AML program even if their business and operations present little or no AML risk; (ii) do not have physical custody of client assets and do not transact in cash for clients, thus unnecessarily duplicating the efforts of the qualified custodians that hold the advisory clients’ assets; (iii) that had previously voluntarily adopted AML policies and procedures will be required to set up new systems and/or processes to track the specific requirements of the new rule (e.g., to include transaction monitoring and the filing of Suspicious Activity Reports (SARs), which are more appropriately discharged by financial institutions that are subject to the Bank Secrecy Act (BSA) and have the required systems and operations in place to perform the required monitoring and reporting); (iv) would face significant expenses if required to hire personnel or retain consulting resources to comply with any new AML compliance officer and independent testing requirements (which are overly burdensome); and (v) lack clarity on how to rely on or contractually delegate a required function to a third party, especially since most advisers lack the leverage to negotiate with service providers.

 

2. Are there any additional costs or benefits to the proposed rule that should have been considered, articulated, or quantified? Any considered, articulated, or quantified costs or benefits that should have been done so differently? By what order of magnitude would such differences be expected to change FinCEN’s conclusions?

While we do not believe it should change FinCEN’s conclusion that a two-year extension strikes an appropriate balance between costs and benefits, we disagree with the NPRM’s conclusion that the proposed delay “would not have a significant impact on a substantial number of small entities.”[10] As we have long pointed out, small advisers constitute a majority of SEC-registered investment advisers by any rational measure.[11]

The NPRM fails to appropriately measure the costs and benefits of the proposed extension on small advisers because it applies the SEC’s outdated and inaccurate definition of “small entity” for purposes of its impact analysis under the Regulatory Flexibility Act. The SEC’s current definition, based on having assets under management of less than $25 million (with a few exceptions), excludes substantially all the SEC-registered investment advisers covered by the NPRM.[12] Rather, the IAA believes that the number of employees of an adviser is a more meaningful and accurate measure for classifying advisers as small entities for purposes of the Regulatory Flexibility Act, given that implementation of regulation requires human resources and AUM does not adequately capture many small advisers or reflect the burden of regulatory compliance.

Basing the Regulatory Flexibility Act analysis on the SEC’s unrealistic definition of “small entity” would be even more problematic if FinCEN were to decide not to reconsider the IA AML Rule because the rule so disproportionately burdens small advisers. The concerns we note in response to Question 1, for instance, are significantly more acute for small advisers, whose limited resources and lack of negotiating leverage have made it exceedingly challenging to implement the new requirements under the IA AML Rule.

 

3. Are there additional regulatory alternatives that would achieve the same balance of reduced costs without forgoing the intended benefits of the IA AML Rule that FinCEN should consider implementing instead of the proposed rule? If so, please describe in as much detail as practicable both the suggested alternative and the basis for a determination that it would similarly, or more efficiently, accomplish the same regulatory objectives.

We do not believe that there are additional regulatory alternatives that would achieve the same balance of reduced costs and benefits as the proposed two-year extension. The scope of the IA AML Rule is significantly broader than needed to achieve a comprehensive AML regime for advisers in the United States. Its requirements are also duplicative of the robust efforts already undertaken by financial institutions under the BSA, imposing burdens that far outweigh any benefits. FinCEN should take the time needed to review the IA AML Rule, and together with the SEC revisit the CIP Proposal, to ensure any new requirements are effectively scoped to fill meaningful gaps in our AML regime rather than to duplicate existing efforts.

 

II. IAA Recommendations to Improve the IA AML Rule

1. Specific recommendations to narrow scope.

The BSA does not need to extend to all investment advisers with respect to all their activities to provide a comprehensive AML regime in the United States. We recommend that FinCEN carefully consider the varying types of advisers and the diversity of their advisory activities and client bases and seek to extend the BSA only where doing so would fill a meaningful identified gap in the AML regime. We offer the following specific recommendations.

a) Exclude small advisers from rule

i. FinCEN acknowledges that the IA AML Rule has a disproportionately greater operational and compliance burden on smaller advisers. It excluded: state-registered advisers; Mid-Sized Advisers (SEC advisers with between $25M and $100M in AUM); Multi-State Advisers (SEC advisers that would otherwise be required to register in 15 or more states); pension consultants; and those with zero AUM (i.e., not managing any assets at all).

ii. The logic for these exclusions was that these advisers are small, and the AML risk is low. That same logic would apply to many small advisers that remain in scope.

iii. The IAA believes that head count is the best measure of an adviser’s size since it directly relates to an adviser’s resources. As previously noted, we recommend a threshold of 100 or fewer employees, but, at a minimum, advisers with 20 or fewer employees should be excluded (for the same reasons as state, Mid-Sized, and Multi-State advisers are excluded), and we are ready to work with FinCEN as it determines an appropriate threshold.</p

b) Exclude certain clients/services from AML program requirement

i. Certain low-risk institutional clients. There are several categories of institutional clients that raise very limited AML risk. In addition to excluding these clients/services from the AML program requirement, the IAA believes advisers that serve only these types of clients should be excluded from the rule altogether. These clients include:

1) Other AML-compliant financial institutions, including banks and broker-dealers. This is consistent with the fact that the IA AML Rule currently excludes mutual fund clients because they have their own AML requirements. The same is true for banks and broker-dealers, and therefore the same reasoning should apply.

2) Retirement accounts, including multi-employer plans. The source of funds for these plans are employers and employees and the plans are regulated by the Department of Labor and the Internal Revenue Service. There are also penalties for early withdrawals from these plans.

3) Employees’ securities companies. Shares of these companies are owned by current or former employees of a company and their families.

4) Government entities (federal, state and local). These entities are subject to public accountability and transparency, and the nature of their funding sources raises limited, if any, AML risk.

5) Nonprofits. These entities operate with transparent processes for receiving and disbursing funds and operate with limited financial and staffing resources.

6) Endowments and foundations. Endowments and foundations are heavily regulated by tax authorities and various laws. Public disclosure requirements provide transparency. Most funding comes from transparent, identifiable resources.

7) Publicly-traded companies. These companies are heavily regulated and are required to provide substantial disclosure including audited financial statements.

ii. Non-management services.

1)The IA AML Rule excludes advisers that provide only non-management services but keeps those that provide both management and non-management services in scope. The non-management services and clients should not be subject to the IA AML Rule.

2) FinCEN’s concern is that activities will be rebranded as non-management to evade the rule. This would violate other rules and raise regulatory scrutiny and is therefore unlikely. FinCEN recognizes that advisers are already familiar with how to distinguish management and non-management services for purposes of Form ADV reporting so this distinction should be straightforward.

iii. Certain private fund clients. Advisers whose only clients are private funds established in an AML-compliant country (i.e., not deemed non-compliant by FATF) where subscriptions, redemptions, and due diligence on investors are performed by an administrator that is subject to AML requirements should be excluded from the scope of the rule.

iv. Situations with multiple advisers. In arrangements involving a primary adviser and another adviser, such as a sub-adviser in a wrap fee or other program, model provider, overlay manager, implementation manager, retail managed account platform, and turnkey asset management program, the primary adviser should bear AML program obligations. Other advisers involved in an arrangement should not be subject to AML Rule obligations for those arrangements, because that would be duplicative and would not provide additional protection.

2. Specific recommendations on ways to avoid duplication, ease practical burdens.

a) Exempt advisers with a low-risk client base from some required elements of an AML program. These advisers should not have to: (i) conduct independent testing because it would be unnecessary and expensive; and (ii) employ additional Client Identification Procedures and due diligence measures as and when those rules become final.

FinCEN could clarify or confirm through guidance that an adviser will be considered to have a low-risk client base if its clients are primarily individuals who the adviser reasonably believes are low risk, based on reasonable due diligence policies and procedures. Factors that an adviser could use to show that a client is low risk include clarity on the client’s background and source of wealth, the client is based in an AML-compliant country, and the client has a relatively low volume of activity, the activity is straightforward, and it is conducted through a qualified custodian with which the client has a contract. Other factors could change a client’s risk profile.

b) Eliminate contractual delegation requirement. Advisers should be able to delegate elements of the AML program to service providers based on their due diligence and policies and procedures, without the requirement to enter into a contract.

c) Clarify SAR filing obligations and allow for sharing of some confidential information. Provide additional guidance to help advisers understand when SARs must be filed, including (i) clarifying the meaning of “by, at, or through,” e.g., in circumstances where an adviser doesn’t have all information necessary to file a SAR, (ii) confirming that an adviser’s transaction monitoring obligation is satisfied if it engages in monitoring consistent with the Investment Advisers Act of 1940, fiduciary obligations, and other applicable requirements, including Regulation S-ID, and (iii) allowing advisers to work with custodians or administrators to file SARs without running afoul of confidentiality obligations.

d) Exempt advisers from recordkeeping and travel rules and 314(a) obligations. Advisers are typically not handling payments, and a custodian or other AML-compliant financial institution is already subject to recordkeeping, travel rules, and 314(a) obligations. Exempting advisers from these requirements would not create a gap in the system. Requirements to collect and retain sensitive client information also raise significant privacy and cybersecurity concerns. Imposing these requirements on investment advisers creates little marginal AML/CFT benefit but creates significant burdens on advisers and creates privacy risks and duplication of efforts.

* * *

We look forward to continuing our constructive engagement with FinCEN during the delay period and beyond. Please do not hesitate to contact us if we can provide any additional information.

Respectfully,

Gail C. Bernstein
General Counsel and Head of Public Policy

Tracy M. Soehle
Associate General Counsel

 

cc:
The Honorable John Hurley, Undersecretary for Terrorism and Financial Intelligence and Head of Strategic Illicit Finance Initiatives, Department of the Treasury
The Honorable Paul S. Atkins, Chairman, SEC
The Honorable Hester M. Peirce, Commissioner, SEC
The Honorable Caroline A. Crenshaw, Commissioner, SEC
The Honorable Mark T. Uyeda, Commissioner, SEC
Brian Daly, Director, Division of Investment Management, SEC
Sarah ten Siethoff, Associate Director, Division of Investment Management, SEC

 

[1] The IAA is the leading organization dedicated to advancing the interests of fiduciary investment advisers. For more than 85 years, the IAA has been advocating for advisers before Congress and U.S. and global regulators, promoting best practices and providing education and resources to empower advisers to effectively serve their clients, the capital markets, and the U.S. economy. Our members range from global asset managers to the medium- and small-sized firms that make up the majority of our industry. Together, the IAA’s member firms manage more than $35 trillion in assets for a wide variety of individual and institutional clients, including pension plans, trusts, mutual funds, private funds, endowments, foundations, and corporations. For more information, please visit www.investmentadviser.org.

[2] FinCEN: Delaying the Effective Date of the Anti-Money Laundering/Countering the Financing of Terrorism Program and Suspicious Activity Report Filing Requirements for Registered Investment Advisers and Exempt Reporting Advisers, FINCEN-2025-0072 and RIN 1506-AB58 and 1506-AB69 (Sept. 22, 2025), available at https://www.govinfo.gov/content/pkg/FR-2025-09-22/pdf/2025-18271.pdf.

[3] FinCEN: Anti-Money Laundering/Countering the Financing of Terrorism Program and Suspicious Activity Report Filing Requirements for Registered Investment Advisers and Exempt Reporting Advisers, 89 Fed. Reg. 72156 (Sept. 4, 2024), available at https://www.govinfo.gov/content/pkg/FR-2024-09-04/pdf/2024-19260.pdf (IA AML Rule).

[4] See NPRM, 90 Fed. Reg. at 45361.

[5] See Treasury Announces Postponement and Reopening of Investment Adviser Rule | U.S. Department of the Treasury; see FinCEN and SEC: Customer Identification Programs for Registered Investment Advisers and Exempt Reporting Advisers, 89 Fed. Reg. 44571 (May 21, 2024), available at https://www.govinfo.gov/content/pkg/FR-2024-05-21/pdf/2024-10738.pdf (CIP Proposal).

[6] “Regarding CIP … FinCEN and the SEC intend to align the compliance dates for both AML/CFT Program and SAR Rule as well as a potential final CIP rule.” See IA AML Rule Release, 89 Fed. Reg. at 72208.

[7] See IAA comments on IA AML Rule proposal (Apr. 15, 2024), available at https://www.investmentadviser.org/wp-content/uploads/2024/04/Investment-Adviser-Association-AML-for-Advisers-Letter.pdf?t=6618369214292. See also IAA comments on CIP Proposal for advisers (July 22, 2024), available at https://www.investmentadviser.org/wp-content/uploads/2024/07/Investment-Adviser-Association-CIP-for-Advisers-Letter-Final.pdf?t=669e5969baf98. See also IAA Concerns Regarding New AML and CIP Rules for Investment Advisers (Jan. 31, 2025), available at IAA-Letter-to-TreasFinCEN-Director-Andrea-Gacki-Final.pdf.

[8] A two-year delay would also provide more time for the courts to provide greater clarity on the Corporate Transparency Act, which also ties in to the AML/CFT regime.

[9] “FinCEN recognizes and has considered the potential challenges that may arise with multiple rulemaking processes that could affect investment advisers’ AML/CFT requirements. As such, FinCEN intends to carefully coordinate on these rulemakings to ensure consistency in how investment advisers, as well as other financial institutions, are treated under these rules. Regarding CIP, as noted above, FinCEN and the SEC intend to align the compliance dates for both AML/CFT Program and SAR Rule as well as a potential final CIP rule.” IA AML Rule Release, 89 Fed. Reg. at 72208.

[10] NPRM, 90 Fed. Reg. at 45364.

[11] See, e.g., IAA Petition for Rulemaking to Amend the Definition of “Small Entity” in Rule 0-7 under the Investment Advisers Act of 1940 for Purposes of the Regulatory Flexibility Act (Sept. 14, 2023). According to the IAA’s most recent report on the investment adviser industry – Investment Adviser Industry Snapshot 2025 – 92.7% of SEC-registered advisers reported having 100 or fewer non-clerical employees, which in our view is an appropriate measure for purposes of the Regulatory Flexibility Act analysis. The median number of employees was 8, and the median assets under management were $427.1 million. 68.5% of advisers have less than $1 billion in AUM.

[12] We note that the SEC has added “Updates to ‘Small Entity’ Definitions for Purposes of the Regulatory Flexibility Act” to its Spring 2025 regulatory agenda.

[13] We note that FinCEN recently published guidance for financial institutions on SAR filings. The FAQs clarify regulatory requirements relating to structuring SARs, continuing activity reviews, and a financial institution’s decision not to file a SAR.

Tags: AML, FinCEN, Treasury Department

You are now leaving Investment Adviser Association

The IAA provides links to web sites of other organizations in order to provide visitors with certain information. A link does not constitute an endorsement of content, viewpoint, policies, products or services of that web site. Once you link to another web site not maintained by the IAA, you are subject to the terms and conditions of that web site, including but not limited to its privacy policy.

You will be redirected to

Click the link above to continue or CANCEL

Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.