Historically, RIAs and ERAs were not classified as “financial institutions” under the BSA and thus were not subject to its AML obligations. While some firms voluntarily adopted AML measures, there was no uniform regulatory requirement, leading to inconsistencies in AML practices across the investment advisory industry.

The urgency of this regulatory shift stems from FinCEN’s identification of significant vulnerabilities within the investment advisory sector. The lack of standardized AML controls has made it easier for illicit actors to exploit these firms to launder money or finance terrorism. By bringing RIAs and ERAs under the BSA’s purview, FinCEN aims to close these gaps and enhance the integrity of the U.S. financial system.

With the compliance deadline set for January 1, 2026, RIAs and ERAs have a limited window to assess their current compliance frameworks, identify gaps, and implement the necessary AML/CFT programs. This paper outlines the regulatory background, implications of the final rule, and practical steps firms can take to transition effectively

Background: Who Are RIAs and ERAs?

Registered Investment Advisers (RIAs) are individuals or firms that are registered with the Securities and Exchange Commission (SEC) or state regulators to provide professional investment advice to clients. Their client base typically includes high-net-worth individuals, institutional investors, pension funds, and endowments. These firms operate under a fiduciary duty, meaning they are legally obligated to act in the best interest of their clients.
Exempt Reporting Advisers (ERAs), on the other hand, are advisers that are not required to register fully with the SEC due to the nature of their clientele and investment vehicles but must still report certain information to the SEC. ERAs generally advise private funds and venture capital firms, serving accredited investors and sophisticated market participants.

Current Regulatory Landscape

Currently, RIAs and ERAs are not subject to the Bank Secrecy Act (BSA) or its AML obligations. Their compliance frameworks have focused on fiduciary responsibilities and disclosure requirements rather than the detection of financial crimes. This regulatory gap has led to vulnerabilities in identifying and reporting suspicious transactions. While other financial institutions have developed robust AML programs, RIAs and ERAs may operate without comparable controls, leaving the sector exposed to potential abuse by illicit actors.

FinCEN’s Proposed Rule: Key Highlights

The proposed rule by FinCEN introduces several critical changes to how RIAs and ERAs must operate. First, it extends the BSA requirements to cover both RIAs and ERAs, effectively bringing them into alignment with banks and broker-dealers under federal AML obligations. Under the rule, firms must develop and maintain risk-based AML/CFT programs that are tailored to their size, structure, and client base. This includes both firms and individuals operating as RIAs or ERAs who are engaged in investment advisory services. Whether structured as entities or sole practitioners, all advisers falling within the scope of the rule will be required to comply.

The rule sets forth several specific compliance requirements that RIAs and ERAs must meet by January 1, 2026:

• Develop and implement a risk-based AML/CFT program that aligns with the firm’s size, structure, client base, and services.
• File Suspicious Activity Reports (SARs) for relevant transactions identified on or after the compliance date.
• Comply with the BSA’s Recordkeeping and Travel Rules¹, which require retention and transmission of key information (e.g., originator and beneficiary details) for qualifying fund transfers.
• Appoint an AML Compliance Officer responsible for overseeing the development, implementation, and maintenance of the AML program.
• Conduct independent testing of the AML program to evaluate effectiveness and adherence to regulatory expectations.
• Provide regular AML training to relevant employees to ensure they understand their roles, obligations, and procedures for identifying and reporting suspicious activity.

Industry Scope and Impact

As of 2024, the U.S. investment advisory industry continues to play a pivotal role in the financial ecosystem. According to the Securities and Exchange Commission (SEC), there are 15,441 SEC-registered investment advisers managing approximately $128.8 trillion in regulatory assets under management (RAUM), marking a 10.4% year-over-year increase. This growth underscores the industry’s expanding influence and the increasing reliance of clients on professional investment advice.
The proposed FinCEN rule extending AML requirements to RIAs and ERAs will have a far-reaching impact across this expansive industry. Firms of all sizes will need to develop and implement comprehensive AML compliance programs. The scale of the industry, combined with its growth, underscores the importance of timely and effective adoption of these regulatory changes to safeguard the financial system against illicit activities.

Risks and Compliance Challenges

Failure to comply with the proposed AML requirements poses substantial risks. Under the Bank Secrecy Act (BSA), firms may face civil penalties for non-compliance. Specifically, any person who fails to comply with the registration requirements may be liable for a civil penalty of up to $5,000 for each violation. Each day a violation continues is considered a separate violation. Additionally, the Secretary of the Treasury may bring civil action to anyone engaging in the violation. As a result, the reputational damage resulting from enforcement actions could undermine client trust and long-term viability.​
Many RIAs and ERAs may not have the systems, personnel, or expertise to build effective AML programs from the ground up. They may also be faced with the challenge of educating employees on how to detect and escalate suspicious activity. Finally, the first step toward compliance, conducting a risk assessment, can be complex for firms that have never analyzed their exposure to money laundering threats.

Strategic Actions for Compliance

To meet the expectations outlined in the proposed rule, RIAs and ERAs may consider taking a number of strategic steps. First, firms should conduct a formal risk assessment to identify their specific AML exposure based on the types of clients they serve, the investment strategies they employ, and their transaction volumes. Next, they should develop comprehensive AML/CFT policies and procedures that reflect the findings of this risk assessment.
Appointing an AML Compliance Officer is essential to ensure day-to-day oversight and long-term accountability. Firms should also work to embed AML processes into their broader compliance programs so that efforts are streamlined and consistent. Regular training for employees and
periodic independent audits are also key components of a successful AML program and are explicitly required by the new rule.

How Matrix Can Support AML Readiness

Matrix is uniquely positioned to help RIAs and ERAs prepare for FinCEN’s expanded AML requirements. As firms face the challenge of building AML/CFT programs from the ground up, Matrix offers specialized support that spans strategy, implementation, and ongoing compliance.
Our team begins by conducting comprehensive AML risk assessments to help firms understand their exposure based on client profiles, transaction volumes, and investment strategies. We then work closely with stakeholders to develop tailored policies and procedures that meet regulatory expectations while fitting seamlessly into existing operations.
Matrix also supports the implementation of practical AML programs by embedding the necessary controls, workflows, and documentation. We help firms establish internal processes for identifying red flags and filing Suspicious Activity Reports (SARs) and offer guidance on meeting ongoing recordkeeping and reporting requirements.
An additional part of our approach may include system implementation and optimization. Matrix helps firms evaluate and deploy AML technology platforms to support case management, transaction monitoring, and SAR filing. We bring experience integrating tools that automate investigative workflows, flag high-risk activity, and ensure audit-ready documentation across your compliance ecosystem.
To support ongoing compliance, Matrix conducts independent testing and program reviews that provide clear, objective insights and practical recommendations for improvement. We also design and deliver customized AML training programs tailored to each firm’s structure and employee roles, ensuring teams are equipped with the knowledge and confidence to fulfill their responsibilities effectively.
With deep regulatory expertise and a practical, hands-on approach, Matrix serves as a strategic partner in helping investment advisers meet FinCEN’s new standards with confidence and efficiency.

Conclusion

FinCEN’s proposed rule marks a pivotal shift in the regulatory landscape for RIAs and ERAs. While the compliance requirements may be new for many firms, proactive planning and expert support can ensure a smooth transition. Firms that move quickly to align with the rule will be
better positioned to safeguard their clients and reputations in an increasingly risk-sensitive financial environment.