For RIAs and others trying to make sense of new US anti-money laundering rules, this publication spells out the main points of legislation, how the rules work and what managers must do.

The following details are part of a series of stories we are publishing to illustrate what the US wealth management sector is doing to prepare for new anti-money laundering rules that take effect from the start of 2026. To see previous articles, click here and here. We hope readers find this information useful; for any feedback, email the editor at tom.burroughes@wealthbriefing.com

Requirements of the Final Rule from the US Treasury Department  Financial Crimes Enforcement Network (FinCEN) 

The rule requires RIAs to: 
-- Implement a risk-based and reasonably designed Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT program;
-- File certain reports, such as Suspicious Activity Reports (SARs), with FinCEN; 
-- Keep certain records, such as those relating to the transmittal of funds (i.e. comply with the Recordkeeping and Travel Rules); and
-- Fulfill certain other obligations applicable to financial institutions subject to the Bank Secrecy Act and FinCEN’s implementing regulations, such as special information sharing procedures.

Basic tenets of an AML compliance program from FINRA
Firms must comply with the Bank Secrecy Act and its implementing regulations ("AML rules"). The purpose of the AML rules is to help detect and report suspicious activity including the predicate offenses to money laundering and terrorist financing, such as securities fraud and market manipulation.

FINRA reviews a firm’s compliance with AML rules under FINRA Rule 3310, which sets forth minimum standards for a firm’s written AML compliance program.

1.    The program must be approved in writing by a senior manager.
2.    It must be reasonably designed to ensure the firm detects and reports suspicious activity.
3.    It must be reasonably designed to achieve compliance with the AML rules, including, among others, having a risk-based customer identification program (CIP) that enables the firm to form a reasonable belief that it knows the true identity of its customers.
4.    It must be independently tested to ensure proper implementation of the program.
5.    Each FINRA member firm must submit contact information for its AML compliance officer through the FINRA Contact System (FCS).
6.    Ongoing training must be provided to appropriate personnel.
7.    The program must include appropriate risk-based procedures for conducting ongoing customer due diligence, including (i) understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and, (ii) conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information, including information regarding the beneficial owners of legal entity customers.

Next step recommendations
Debevoise & Plimpton law firm
“New Anti-Money Laundering Requirements For Investment Advisors”

-- Review the Final Rule for gaps in current AML/CFT programs or processes.
-- Assess the scope of the firm’s advisory activities and customers that will be subject to the Final Rule;
-- Update AML/CFT programs, policies, procedures and controls to comply with the Final Rule as necessary, including refreshing or documenting any risk-based AML/CFT approaches or determinations, in preparation for heightened regulatory scrutiny and examinations;
-- Consider whether changes to investor onboarding documentation or processes may be necessary;
-- Review and amend AML/CFT delegation arrangements with custodians, broker-dealers, fund administrators or other service providers to determine the appropriate scope of AML/CFT responsibilities to be delegated and provide for appropriate oversight measures;
-- Ensure appropriate AML/CFT staffing, technology, resources, training and oversight are in place by the effective date, as well as a process for periodic independent testing; and
-- Inform appropriate stakeholders of the new AML/CFT obligations and additional compliance measures to be implemented.

Morgan Lewis law firm
“Deciphering FinCEN’s New Anti-Money Laundering Rules for Advisers”

-- Identify exposure to AML risks; take inventory of current AML capabilities, if any;  
-- To the extent that covered RIAs already have an AML/CFT infrastructure and program in place, they should consider closely analyzing their programs to ensure that they are consistent with and meet the requirements of the Final Rule; 
-- Sort out which customers/entities are already subject to AML programs (e.g. broker-dealers) and which are not (e.g. holding companies in a private fund structure); 
-- For advisors with offshore operations, consider which parts of their business are subject to the Final Rule. Advisors with their primary place of business outside of the US should assess their US touchpoints/offices to determine whether the Final Rule applies. They should also assess whether they have US investors in their foreign-located private funds;  
-- Build AML/CFT infrastructures, including by developing tailored AML/CFT programs that account for the risks associated with their specific business and clients. Covered RIAs may want to consider beginning to onboard professionals with AML/CFT experience; 
-- Search for outsourced solutions, including changes to fund subscription documents and other enhanced diligencing of investors/clients; 
-- Considering how the Final Rule could impact how private fund investors, perform due diligence and the information they request from private fund advisors; 
-- Establish an approach for SAR filing; and 
-- Develop procedures for the upkeep/maintenance of the AML/CFT program, such as ongoing monitoring of compliance with the program and training of firm personnel.

If you have questions about these articles and want to respond, email the editor at tom.burroughes@wealthbriefing.com