Over $5.5 trillion of assets under management (AUM) by U.S. investment advisors is exempt from customer identification program (CIP) obligations, customer due diligence (CDD) requirements, and the filing of suspicious activity reports (SARs), which are essential aspects of the federal defense mechanism against criminal and terrorist organizations. Why is this so? Because the U.S. money laundering detection laws, which are found within the Bank Secrecy Act (BSA), apply to financial institutions and investment advisors, they are not within the scope of that term.

Investment advisors come in different shapes and sizes, thus with varying profiles of risk based on size of AUM, the type of clients, and the type of investments. Some investment advisors are departments of large financial institutions, and as such are within the BSA’s scope. Some are broker-dealers registered with FINRA, and FINRA has robust BSA-aligned rules that it can actually enforce. Some are pension investment advisors – subject to ERISA and IRS rules. Some are family office investment advisors. Investment advisors with $100 million or more in AUM generally must register with the SEC, and the SEC has BSA-aligned rules but not really enforcement power. The SEC and FINRA are both responsible for regulating to protect investors. Thus, there is some trade-off of resource time between enforcing AML reporting rules versus ‘checking the books’ and investment marketing.

However, about 23,000 investment advisors are ‘Exempt Reporting Advisers’ (ERAs). State-registered investment advisers are generally prohibited from registering with the SEC because they do not exceed the $100 million threshold. Thus, these investment advisors are registered and supervised by one of the fifty States’ relevant authority. And not within scope of the BSA record keeping and SAR reporting rules By the end of 2022, 17,063 State-registered investment advisers reported approximately $420 billion in AUM. But $5.2 trillion is managed by 5,846 ERAs who are statutorily exempt from registering with the SEC because the ERA: (1) is an adviser solely to one or more venture capital funds; or (2) is an adviser solely to one or more private funds and has less than $150 million AUM in the United States. Private funds, including private hedge funds, private equity funds, and venture capital funds, among others, do not register with the SEC. 

FinCEN analyzed 12,000 SARs filed over a seven-year period by financial institutions within scope of the BSA reporting rule. FinCEN found that just over 15 percent of registered investment advisors (RIAs) and ERAs were associated with or referenced in at least one SAR filed between 2013 and 2021. Investment advisers were identified either as the subject of the SAR or in the narrative section of the SAR about the suspicious financial activity. Certain investment advisers were found to manage billions of dollars ultimately controlled by U.S.-sanctioned entities and persons.

The U.S. Treasury Department’s FinCEN (the Financial Crimes Enforcement Network) crafted a proposed rule to bring most, but not all, investment advisors as of January 1, 2026, within the scope of the BSA by categorizing them as financial institutions. Industry responded. FinCEN reconsidered its position and issued a revised final rule (link is here) in December 2024, explaining why it chose to disregard specific comments. Investment advisors were generally unhappy with any rule, as rules often incur compliance costs. Smaller investment advisors, though with fewer clients to comply about, still, it’s a burden in time and costs. Anyway, that rule was the last administration’s FinCEN.

This administration’s FinCEN renounced the rule (see link) on July 21, 2025. Why? One size doesn’t fit all. FinCEN now stated that any rule would need to be effectively tailored to the diverse business models and risk profiles of the investment adviser sector. FinCEN also said it intends to walk back its proposed rule requiring each investment advisor to maintain a customer identification program (a ‘know your client’ or ‘KYC’ rule). See Customer Identification Programs for Registered Investment Advisers and Exempt Reporting Advisers.

Is bringing investment advisors with the scope of ‘know your client’ rules and requirements to file a suspicious activities report too much or much needed?

Let me walk through a scenario and provide some thoughts. A client indeed undertakes due diligence of the investment advisor before wiring, say $20 million, into the investment advisor’s fund account. Is my investment safe? What is the investment return history? Will the advisor look the other way and not ask (many) questions about where my money and wealth originate? This last question, of course, is FinCEN’s concern.

Does the investment advisor know the client? Typically, yes, when it is an individual. After all, the advisor wants to establish a comprehensive investment strategy and foster a good client relationship to sustain business and generate new investor leads. Or the investment advisor has targeted an investor for a private equity fund, and the investment requires a significant amount of legal work and confidence-building in the investment advisor. But then I recall my binge weekend of watching Breaking Bad.

Walter White, a middle-aged high school chemistry teacher, earned $100 million or more during the five seasons. He should have retired after he clearly had ‘enough’ ($20 million?) and let the investment industry invest his wealth for his family to live on after the cancer took him (wouldn’t have made for a really engrossing series if he didn’t spiral out of control though and go out in a Butch Cassidy blaze of glory). In the Ozark version of Breaking Bad, Walter White contacts an investment advisory firm and lives off the investment returns from his $20 million meth earnings for the next 10 years – then passes the estate to his wife.

Does the investment advisor find Walter White’s story of a dead uncle in Scotland who left him $20 million a bit suspicious? Even if so, is that investment advisor going to kibosh $20 million of new business by asking to see the estate letters and other due diligence when not required? And what to do with the suspicion because the investment advisor is not registered with FinCEN to report SARs? On the other hand, should not the investment advisor be able to rely on the larger financial institutions in the system to ask these questions, gather the necessary documentation, and file the SARs when required? For the investment advisor to receive a $20 million wire, a financial institution had to first onboard Walter White and receive $20 million in deposits. Would not FinCEN’s rule be an unnecessary, costly regulatory overlap?

Walter White, the chemistry teacher, does not have $20 million in the following scenario. Instead, he introduces his lawyer, Saul Goodman, to an investment advisor, who represents a Delaware LLC that has $20 million to invest (whose shareholders are two Panamanian foundations). Saul tells the curious advisor that the money, sitting in an account of a large financial institution, originated from a wealthy but very private Hong Kong family with real estate investments. But it didn’t. It’s Walter’s meth earnings. How did it end up in the large financial institution? Spend a weekend bingeing Ozark to watch its laundering operation. Same question as before: should the advisor be able to rely on that large financial institution regarding the origin of the $20 million?

The soon-to-be-revised or buried FinCEN rule would have required most investment advisors to file a Currency Transaction Report (CTR) for transactions involving a transfer of more than $10,000 in currency by, through, or to the investment adviser. Investment advisors already have to file a CTR if a client brings in $10,000 or more of cash, so from FinCENs perspective, what’s a few more filings? From an investment advisor’s perspective, how many is a few? And how does providing this data to FinCEN help fight crime?

I’m of the (perhaps naive) belief that most financial advisors do not want to facilitate investment of criminals’ proceeds. How would my ethical investment advisor even inform law enforcement if, for example, a Walter White becomes a client with a mere $500,000, but then his dead uncle gifts him $20 million? Then he introduces a friend who also inherited $20 million from a dead uncle. A BSA exempt investment advisor is prevented from participating in law enforcement information sharing programs and thus cannot provide helpful information on suspected illicit finance activity to law enforcement or to other financial institutions. Moreover, attempting to do so exposes the investment advisor to civil liability for violating the client’s right to privacy. The BSA affords protection from civil liability (a safe harbor) to a financial institution that files an SAR about a client or potential client. Even though an investment adviser could, in theory, file a voluntary SAR to FinCEN, without this BSA safe harbor, the civil liability legal risk from customers or other counterparties would weigh against it.

If I am correct that most financial advisors want to be part of the ‘good guys’, then FinCEN needs to convene investment advisor workgroups based on their shapes and sizes and ask them how to best achieve the mutual goal of a lowest-cost, liability-risk-free process, for investment advisor SAR reporting. If I am wrong, then it will take a lot of enforcement resources to compel investment advisors to ‘do the right thing,’ when the right thing may not even be fit for its purpose.

I am confident that this topic warrants a scholarly paper. But it’s time for me to get back to updating and revising my Think Advisor/Tax Facts books for financial advisors for the 600+ pages of OBBBA tax changes. Meanwhile, let me know your thoughts: Is bringing investment advisors with the scope of ‘know your client’ rules and requirements to file a suspicious activities report too much or much needed?