FinCEN and the SEC Propose Customer Identification Programs for Advisers


Ginny Voos

Publish Date


Compliance Alert

  • AML and Financial Crime
  • SEC

In February, the Financial Crimes Enforcement Network (FinCEN) and the U.S. Securities and Exchange Commission (SEC) jointly issued a proposed rule that would require registered investment advisers (RIAs) and exempt reporting advisers (ERAs) to implement Customer Identification Programs (CIP). If adopted, the February proposal would include RIAs and ERAs in the Bank Secrecy Act’s definition of “financial institution,” subjecting them to customer identity verification requirements that are consistent with requirements currently imposed on broker-dealers and mutual funds.

On May 13, FinCEN and the SEC issued a companion proposal detailing the requirements for those customer identification programs.

CIP requirements for investment advisers

An essential component of anti-money laundering (AML) programs, CIPs seek to prevent illicit actors from using financial institutions as an entry point to the U.S. financial system. The proposed rule would require RIAs and ERAs to establish, document, and maintain risk-based CIPs that are appropriate for their size and business activities.

Required customer information

The proposed rule would require advisers opening a new client account to obtain, at a minimum, the client’s name, address, date of birth or formation, and identification number. In the case of non-U.S. entities that do not have an identification number, advisers would be obligated to obtain alternative government-issued documentation. This requirement information is different from current CIP requirements for mutual funds and broker-dealers to account for changes in how institutions are now verifying identities of non-U.S. entities.

The requirement for the adviser to gather customer information would be subject to two proposed exceptions.

First, verification procedures would not be required for an existing client opening a new account if the previous verification did not uncover any risks.

Second, advisers may rely on other entities that meet the Bank Secrecy Act (BSA) definition of “financial institution” to confirm the identities of their customers (U.S. brokers and custodians), provided that:

  • Such reliance is reasonable under the circumstances
  • The service provider is required to establish customer identification procedures under the BSA and is regulated by a federal functional regulator
  • The service provider contracts in writing with the adviser to certify annually that it has implemented its AML program and that it will perform the adviser’s responsibilities under the adviser’s CIP

The SEC and FinCEN are careful to note, however, that the adviser would remain responsible for ensuring compliance with the rule.

Verification requirements

Under the proposed rule, advisers would be required to verify the accuracy of the client’s information within a “reasonable time.” (The proposal floats verification within 30 days of account opening as a possibility for a reasonable time).

The proposed rule also specifies verification methods. Advisers would be required to:

  • Consult documents, such as unexpired government-issued identification cards for individuals, or certified articles of incorporation, government-issued business licenses, or other organizational documents for businesses.
  • Use non-documentary methods, such as criminal and credit checks through third-party resources, reference checks, and adverse media searches, to verify the client’s identity. (Notably, the SEC and FinCEN are encouraging (but not requiring) advisers to use documentary and non-documentary methods due to recent increases in identify theft).
  • Compare the information they gather about the identities of their clients with lists of known or suspected terrorists or terrorist organizations such as OFAC and future government lists designated by the Treasury in coordination with the Federal Government. Compare the information they gather about the identities of their clients with lists of known or suspected terrorists or terrorist organizations such as OFAC and future government lists designated by the Treasury in coordination with the Federal Government.

Policy and procedure requirements

The proposed rule would require advisers to implement procedures that describe when an adviser should not open an account or when an adviser should close an existing account after attempts to verify a customer’s identity have failed and establish the circumstances in which a suspicious activity report (SAR) should be filed.

Regardless of whether a client passes the CIP verification process, advisers would be required to retain records of the information gathered, as well as descriptions of verification methods used for five years after the account is closed or the record is made.

Closing a money laundering gap in the U.S. financial system

At the May, 2024 SIFMA AML Conference introducing the CIP proposal, FinCEN Director Andrea Gacki reported that the investment adviser sector is a key entry point into the U.S. financial system, facilitating the investment of tens of trillions of dollars, yet it lacks the comprehensive AML/countering the financing of terrorism (CFT) controls required in other parts of the U.S. financial system. She cited the Treasury Risk Assessment published in February 2024 which reported that gaps in the AML/CFT controls of investment advisers have allowed bad actors to invest the proceeds of crime and terrorist funding in the U.S. financial system and that state actors, including China and Russia, are using U.S. venture capital firms to gain access to emerging technologies and services with implications for U.S. national security. Not incidentally, the joint CIP proposals would help conform U.S. regulation to international standards and respond to deficiencies in U.S. regulation cited by the Financial Action Task Force (FATF).

In his remarks at the SEC’s May 13, 2024 meeting approving the CIP proposal, SEC Chairman Gary Gensler echoed the FinCEN director, stating “I support this rule because it could reduce the risk of terrorists and other criminals accessing U.S. financial markets to launder money, finance terrorism, or move funds for other illicit purposes.”

The SEC’s 60-day comment period began once the proposal was published in the Federal Register on May 21, 2024.

Our guidance

The proposal presents the new requirements as likely to be minimally burdensome because many advisers have already adopted procedures to vet their customers for anti-money laundering purposes. To test that assumption, advisers may wish to estimate the additional costs they would incur to comply with the proposal and share that information either with the Commission in the form of a comment on the proposal or with the trade association that represents them to the Commission.

How we help

ACA’s AML and Financial Crimes practice offers advisory services and solutions to assist financial services firms in addressing threats and regulatory obligations associated with financial crime. We work with investment advisers to assess risk, develop policies and procedures, and perform independent tests and gap analyses.

Our support can incorporate our ComplianceAlpha® regulatory technology and managed services to help your firm meet its data screening, ongoing monitoring, remediation and reporting needs.

Reach out to your ACA consultant, or contact us to find out how ACA can help you meet your AML requirements. 

Contact Us