FinCEN’s Final AML Rule for Investment Advisers: Key Updates and Compliance Implications

In August 2024, the U.S. Financial Crimes Enforcement Network (FinCEN) issued a Final Rule imposing Bank Secrecy Act (BSA) anti-money laundering and countering the financing of terrorism (AML/CFT) requirements on investment advisers for the first time. This long-anticipated rule brings certain SEC-registered investment advisers (RIAs) and exempt reporting advisers (ERAs) into the definition of “financial institution” under the BSA and mandates that they establish AML programs, report suspicious activities, and adhere to recordkeeping rules by the compliance deadline of January 1, 2026. The rule closes a significant regulatory gap – previously, most investment advisers had no direct AML program obligations – and aligns U.S. practices with global standards by addressing a weakness identified by the Financial Action Task Force (FATF) in the U.S. framework. This article provides a comprehensive update on the Final Rule’s latest developments (including important clarifications since its adoption), expert commentary from regulators and industry leaders, and strategic guidance to help RIAs position themselves for compliance and financial crime prevention success.

The August 28, 2024 Final Rule: Overview and Recent Updates

Summary of Requirements: FinCEN’s Final Rule requires “covered” investment advisers (generally, SEC-registered RIAs and certain ERAs) to implement risk-based AML/CFT compliance programs, file Suspicious Activity Reports (SARs), and comply with funds transfer recordkeeping and Travel Rule obligations, among other BSA duties. In practice, this means an adviser must have written AML policies, a designated compliance officer, ongoing staff training, independent program testing, and procedures for customer due diligence (CDD) and ongoing monitoring. Advisers must also report any suspicious transactions of $5,000 or more to FinCEN via SAR, and file Currency Transaction Reports (CTRs) for cash transactions over $10,000. FinCEN extended the compliance deadline to January 2026 to give firms time to prepare, and explicitly delegated examination authority to the SEC to oversee adherence, leveraging the SEC’s expertise in supervising broker-dealers and funds for BSA compliance. Notably, FinCEN has made a few key revisions and clarifications in the Final Rule (compared to its earlier proposal) that industry stakeholders should understand:

• Removal of the U.S. Personnel Requirement: In a significant change, the Final Rule no longer requires that AML program responsibilities be carried out solely by personnel located in the United States. FinCEN dropped the proposed “duty provision” that would have mandated U.S.-based staff perform and oversee the AML program. This update recognizes the global nature of many advisory firms – non-U.S. offices or service providers can now handle aspects of AML compliance – but with a crucial caveat: the adviser remains fully responsible for the program and must ensure that regulators can access all records and information regardless of where compliance tasks are performed. FinCEN explicitly permits delegation of AML duties to foreign affiliates or third-party providers (e.g. overseas fund administrators), so long as there are risk-based oversight controls and contractual arrangements in place to guarantee compliance and regulator access. Removing the U.S.-personnel restriction gives large international advisers flexibility to leverage global compliance teams, while still holding the U.S.-regulated entity accountable for meeting BSA obligations.
• Clarification of Travel Rule Obligations: The “Travel Rule” – which requires transmitting financial institutions to include certain originator and beneficiary information with fund transfers ≥ $3,000 – will technically apply to covered investment advisers, but FinCEN clarified how it works in common RIA scenarios. The Final Rule adds investment advisers to the list of financial institutions subject to the BSA’s funds transfer recordkeeping and Travel Rule requirements, treating advisers similar to banks and broker-dealers. In practice, however, many RIAs use qualified custodians (such as banks or broker-dealers) to actually hold and move client assets. FinCEN has confirmed that if an RIA simply instructs a qualified custodian to execute a wire or funds transfer on behalf of a client, the RIA “generally” will not be required to independently comply with the Travel Rule for that transfer. The custodian – already subject to BSA obligations – would handle the required recordkeeping and information transmittal. This scenario is expected to cover a large portion of retail investment adviser transactions. By contrast, if an adviser has authority and discretion over client funds (as is common with private fund managers) and initiates transfers itself, then the adviser is considered the transmitting institution and must comply with the Travel Rule (i.e. collect and send required identifying information with the payment). In short, FinCEN’s guidance narrows when an RIA must perform Travel Rule duties – many will rely on their custodial banks for compliance – but advisers cannot ignore this requirement entirely. Every covered adviser should assess its role in fund transfers to determine if and when it falls under the Travel Rule and ensure procedures are in place to gather and transmit required information for qualifying transfers. Additionally, advisers are now explicitly responsible for retaining records of transmittal orders and related messages, even if exempt from including information because the transfer is between two BSA-regulated institutions.
• Technical Corrections: After publishing the Final Rule, FinCEN issued technical corrections in the Federal Register to fix minor errors in the regulatory text (such as cross-references and drafting nuances). These adjustments, published in late 2024, did not change the substance of the rule but clarified the text for accuracy. Compliance teams should ensure they are referencing the corrected final rule language as consolidated in the Code of Federal Regulations. FinCEN’s prompt corrections underscore the complexity of the new regulations and the importance of reading the official final text closely.

By addressing public comments and refining the rule in these ways, FinCEN aimed to balance burden and benefit – focusing the AML mandate on higher-risk adviser activities while giving firms practical flexibility in implementation. As a result, the Final Rule targets the investment advisory sector’s vulnerabilities (such as private funds being used to launder money) without unnecessarily hampering low-risk activities or small advisers.

Scope of Coverage: Which Advisers Are (and Aren’t) Covered

Covered Advisers: The rule applies to SEC-registered investment advisers as well as Exempt Reporting Advisers (ERAs) who file reports with the SEC under the private fund adviser exemptions (Sections 203(l) or 203(m) of the Advisers Act). In FinCEN’s view, including ERAs closes a potential loophole – otherwise, illicit actors could simply route funds through an adviser claiming ERA status to avoid AML scrutiny. Thus, both full registrants and most ERAs are considered “investment advisers” under the BSA and must comply, unless specifically exempted.

Exemptions: To address concerns about regulatory burden on smaller entities, FinCEN carved out several categories of advisers from the definition of “covered investment adviser.” Advisers that register with the SEC only because they fall into certain categories are not covered by this rule. These exempted categories include:

• Mid-sized advisers (those with $25–100 million AUM who are permitted to SEC-register in lieu of state registration).
• Multi-State advisers (advisers required to register in 15+ states, allowed to SEC-register).
• Pension consultants that only register due to advising on large plans.
• Advisers that report zero assets under management on Form ADV (e.g. certain financial planners or newsletter publishers with no discretionary assets).
• Additionally, FinCEN confirmed that state-registered investment advisers are not covered, nor are advisers that qualify as “foreign private advisers” exempt from SEC registration, or family offices. These types of firms either fall under other regulatory regimes or pose different risk profiles, so they remain outside FinCEN’s AML rule scope.

Foreign Located Advisers: Importantly, non-U.S. investment advisers that are required to register with the SEC (or file as an ERA) are considered covered “investment advisers” – FinCEN did not exempt foreign-based firms outright. However, the rule limits its application to such a foreign adviser’s U.S.-related business. If an adviser’s principal office and place of business is outside the United States, the Final Rule applies only to the adviser’s advisory activities that either (1) occur in the U.S. (including through any U.S. personnel of the adviser), or (2) involve U.S. clients or investors. In other words, a foreign adviser must implement an AML program for the portions of its operations that touch U.S. markets or persons. For example, if a London-based fund manager has no U.S. office but advises a fund with American investors, its services to that fund are subject to the rule. Conversely, purely non-U.S. activity with no U.S. nexus would not trigger the BSA requirements. FinCEN’s inclusion of foreign-located advisers on this limited basis reflects a risk-based approach: illicit finance threats are addressed wherever U.S. personnel or clients are involved, but advisers won’t be forced to apply U.S. AML controls to wholly foreign business lines. Foreign advisers should carefully map out which aspects of their operations fall within U.S. jurisdiction under these criteria. Notably, if a foreign adviser does come under the rule, it enjoys the same flexibility regarding non-U.S. compliance staff – the AML program does not have to be run by U.S. employees, as discussed above.

Preparing for the Customer Identification Program (CIP) Rule in 2025

One conspicuous element not included in the Final Rule is a requirement for investment advisers to implement formal Customer Identification Programs (CIPs). Banks and broker-dealers, for instance, have long been obligated under separate rules to verify the identities of their customers at onboarding (the CIP rule, pursuant to USA PATRIOT Act §326). FinCEN chose to address CIP for advisers through a separate joint rulemaking with the SEC, which was proposed in May 2024 and is expected to be finalized before the AML rule’s effective date. The anticipated CIP rule for RIAs would require covered advisers to: (1) establish written procedures to verify each customer’s identity within a reasonable time of account opening, including collecting identifying information (e.g. name, DOB, address, identification number) and confirming it through documentary or non-documentary methods; and (2) maintain records of the verification information and methods used. The proposal also seeks to extend beneficial ownership due diligence to advisers, aligning with FinCEN’s existing CDD Rule for banks, so that advisers will eventually need to identify the controlling persons and 25% owners of legal entity clients (once FinCEN updates the CDD Rule to integrate new Beneficial Ownership Information data in 2025). Essentially, the full vision is that advisers will perform the same KYC (Know-Your-Customer) steps that other financial institutions do: verifying who their customers (and the customers’ owners) are as a baseline control against fake or anonymous accounts.

Timeline and Alignment: FinCEN has signaled that the final CIP rule will be coordinated with the AML program rule’s schedule – ideally taking effect by January 1, 2026 so that advisers can build customer identification into their new compliance programs from day one. However, as of early 2025, the CIP rule was still pending and not yet finalized, leading to some uncertainty in the industry. The Investment Adviser Association (IAA) and other commentators have raised concerns about this sequencing. Because the CIP proposal’s comment period closed before the Final AML Rule was published, advisers did not have the benefit of seeing the final AML requirements when weighing in on CIP. The IAA has formally urged FinCEN and the SEC to reopen the comment periods or delay enforcement so that the AML program rule and the forthcoming CIP rule can be considered together. In a January 2025 letter, the IAA even recommended that FinCEN postpone the AML rule’s effective date until the CIP rule is finalized, aligning both compliance dates, to avoid a scenario where firms implement an AML program in 2025 only to significantly adjust it once CIP obligations arrive. It remains to be seen whether regulators will heed this call. FinCEN to date has not delayed the AML rule; the January 2026 deadline still stands. This means that unless we hear otherwise, advisers should proceed under the assumption that they must comply with AML program and SAR requirements by the start of 2026, and be prepared to integrate CIP requirements on a similar timeline if (and when) the joint rule is finalized. We do know FinCEN considers CIP a “critical component” of an effective AML regime for advisers, and the agencies are actively working on final rules. In practical terms, RIAs should start building customer identification processes now – even if in provisional form – so they can readily incorporate the final CIP mandates when they drop. An example best practice is to begin collecting and verifying basic IDs for new clients and identifying beneficial owners of entity clients as part of your onboarding, mirroring bank requirements. This way, you won’t be caught flat-footed by the CIP rule, and you contribute to the spirit of the AML regime from the outset.

SEC Oversight and Enforcement Expectations

FinCEN has entrusted the U.S. Securities and Exchange Commission (SEC) with front-line oversight of investment advisers’ compliance with these new AML regulations. The Final Rule formally delegates examination authority to the SEC – just as FinCEN does for other federally regulated financial institutions like broker-dealers and mutual funds – meaning that SEC examiners will review RIA/ERA AML programs and BSA compliance as part of their routine exams. We can anticipate that the SEC’s Division of Examinations (formerly OCIE) will develop exam modules to inspect adviser AML programs, request relevant records, and test firms’ implementation of required controls. FinCEN indicated it may coordinate with the SEC on publishing exam guidance or an examination manual specific to investment advisers’ AML obligations, which could help firms understand examiners’ expectations.

From an enforcement standpoint, both FinCEN and the SEC will play roles. FinCEN remains the administrator of the BSA and can bring enforcement actions (and hefty civil penalties) against advisers for AML program failures or egregious violations, just as it does with banks. In parallel, the SEC can bring its own enforcement cases against advisers who fail to comply with BSA requirements. In fact, the SEC has a history of penalizing broker-dealers for AML failures under Securities Exchange Act Rule 17a-8 (which requires compliance with BSA regulations). We may see similar approaches for advisers – for example, the SEC could charge an RIA with failing to reasonably supervise or causing violations if the firm ignores its AML duties. The upshot is that AML compliance will become an examination and enforcement priority for the SEC, and advisers should treat it with the same seriousness as any SEC rule. The SEC’s enforcement authority has effectively been broadened to encompass AML program compliance in the advisor space, filling a gap in the SEC’s investor protection mandate. FinCEN’s delegation also means advisers will primarily interact with the SEC (their familiar regulator) on AML matters, but firms must remember that ultimate accountability lies with FinCEN’s rules. In preparation, CCOs at advisory firms should update their SEC examination response plans to include AML program documentation. Expect that after January 2026, any SEC exam of a medium or large adviser will include requests for your AML policies, risk assessment, training records, SAR filings, and more. Being “exam-ready” for AML is now as important as being exam-ready for custody or marketing rule compliance.

(On a technical note, as mentioned earlier, FinCEN’s late-2024 Federal Register notice issued small technical corrections to the final rule text. Advisers should ensure they consult the updated regulatory text (31 C.F.R. §§ 1010.100, 1021.210, etc. as amended) as the basis for their compliance efforts. While these fixes were minor, accuracy is key when designing controls to meet each regulatory requirement.)

Why These Updates Matter: Strategic and Operational Implications

For compliance officers and executive leadership at investment advisers, FinCEN’s AML rule and its recent updates represent a paradigm shift in how the advisory industry approaches financial crime risk. Here’s why these developments are strategically significant:

• Closing a Vulnerability in the Financial System: Investment advisers have historically not been subject to the same AML laws as banks or brokerages, which made the sector a tempting back-door for bad actors. Treasury’s 2024 risk assessment highlighted cases where sanctioned individuals and corrupt officials exploited advisory accounts and private funds to launder money. By mandating AML controls, FinCEN is closing this gap. RIAs will now need to proactively detect and report suspect activity, bringing the industry in line with global AML standards and strengthening the integrity of the U.S. financial system. In strategic terms, firms that embrace these controls are not just avoiding penalties – they are contributing to national security and the prevention of financial crime.
• Operational Impact and Resource Needs: Implementing a full-scale AML/CFT compliance program is a significant operational undertaking for advisers that have never done it before. New policies and procedures must be written; client onboarding processes will need enhancement (to include identity verification and risk profiling); transaction monitoring and screening systems may be required; and staff must be trained on recognizing red flags and escalating issues. This comes with costs – both in technology and personnel. Many mid-sized advisers will need to either hire dedicated AML compliance staff or outsource functions to consultants or compliance technology providers. FinCEN’s rule changes, such as allowing foreign personnel and third-party delegation, can help distribute the workload, but the ultimate responsibility still falls on the adviser’s senior management. From a budgeting and staffing perspective, 2025 will likely be a year of investment in compliance infrastructure for covered RIAs. Forward-looking firms are already assessing gaps and securing resources so that they can meet the deadline.
• Data Management and Reporting Complexity: Compliance with SAR, CTR, and Travel Rule requirements introduces new data management challenges. Advisers will need to track cash transactions and electronic funds transfers in ways they may not have before. They will also need protocols to review transactions for suspicious patterns and a secure mechanism to file SARs with FinCEN. This necessitates robust recordkeeping and potentially new software tools. The clarification around the Travel Rule means firms must coordinate closely with custodians – roles and responsibilities should be clearly defined in custodial agreements to ensure that either the custodian or the adviser transmits required information for wire transfers. Advisers with discretionary fund authority must be prepared to capture sender/recipient data for any transfers they initiate. Strategically, this is a good time for firms to upgrade their data systems and consider integrated compliance platforms that can handle transaction monitoring and reporting across all these requirements.
• Risk Management and Culture: Perhaps most importantly, these AML obligations will push investment advisers to adopt a more risk-aware culture. Identifying the “source of funds” and “source of wealth” of clients, understanding the purpose of accounts, and monitoring for anomalies will become standard practice. Firms that treat this as more than a rote compliance task stand to benefit. For example, conducting thorough due diligence on investors can reveal reputational risks or legal issues that the firm would want to avoid irrespective of the rule. Likewise, having strong AML controls can protect an adviser from inadvertently facilitating fraud or being implicated in a scandal. There’s also a business upside: a robust compliance framework can be a selling point for institutional clients. Demonstrating to investors (and regulators) that your firm has state-of-the-art safeguards builds trust. Some industry experts note that early adopters of advanced AML compliance may gain a competitive edge, using compliance as part of their governance ethos and value proposition to clients. In an environment where regulators and investors are increasingly focused on ESG and governance practices, being proactive on financial crime compliance showcases a commitment to ethical conduct.
• Regulatory Risk of Non-Compliance: Finally, the stakes for getting this wrong are high. FinCEN has levied multi-million dollar penalties on financial institutions that failed to implement effective AML programs. The SEC, too, will not hesitate to bring enforcement actions if advisers ignore these requirements. Beyond fines, the reputational damage of a public enforcement action can be devastating for an adviser’s business. Management should view compliance not just as a legal obligation, but as critical risk management. The rule’s effective date may be Jan 2026, but any transactions or clients taken on in 2025 could still be scrutinized later. FinCEN has even hinted that strong SAR reporting by advisers ahead of the deadline would be welcome in helping achieve the rule’s objectives. In sum, these updates matter because they require a mindset shift – RIAs must integrate financial crime compliance into their day-to-day operations and long-term strategy. Those who do so intelligently will minimize regulatory risk and safeguard their business from abuse.

Next Steps for RIAs: Best Practices and Action Plan

With the final compliance date on the horizon, registered investment advisers should act now to ensure they can meet the new requirements. FinCEN has emphasized that it expects firms to use the lead time to have fully operational programs by January 1, 2026. Below is a roadmap of key steps and best practices for RIA compliance teams and executives to undertake in light of the Final Rule:

1. Determine Your Coverage and Obligations: Immediately assess whether the FinCEN rule applies to your firm. Confirm if your RIA or ERA status makes you a “covered adviser” and review if any exemption might apply (e.g. solely state-registered, zero AUM, etc.). For foreign advisers, map out which client relationships or activities involve U.S. persons or U.S. location-based services – those will fall under the rule. Understanding the scope of coverage is fundamental to scoping your compliance program. If you conclude you are not covered (due to an exemption), document that analysis in case regulators inquire. Tip: Even if technically exempt, some small advisers choose to implement basic AML controls as a matter of sound practice or in preparation for future growth.
2. Build or Enhance Your AML/CFT Program: Design a written AML/CFT compliance program tailored to your firm’s risk profile, and get it approved by your board of directors or equivalent governing body, as required. Leverage the four pillars (internal policies, independent testing, designated compliance officer, ongoing training) as your program’s foundation. Start with a comprehensive risk assessment of your client base, investment products, and transaction types to identify areas of higher risk (e.g. foreign investors, complex private fund structures, use of third-party payment requests). Then craft policies and controls that mitigate those risks – for instance, enhanced due diligence procedures for high-risk clients or additional approvals for high-value or cross-border fund transfers. Make sure to incorporate procedures for ongoing customer due diligence (CDD), including understanding each client’s purpose and expected activity, so that unusual transactions can be detected. If your firm already had some voluntary AML procedures (as many did after past FinCEN proposals), perform a gap analysis against the new rule’s requirements to identify what needs updating. Common gaps might include formalizing SAR reporting processes or expanding training to broader staff. Document everything – regulators will want to see written policies and evidence that they are followed.
3. Prepare for SARs, CTRs, and Travel Rule Compliance: Establish clear internal processes for the required reporting and recordkeeping obligations. This means setting up a workflow to identify and investigate suspicious activities, with escalation protocols to your compliance officer and a mechanism to file SARs with FinCEN electronically. Personnel who review account activity (portfolio managers, operations staff, etc.) should be trained to spot red flags and funnel information to compliance. Similarly, ensure you can track cash transactions in or out of the firm so that any single-day cash movements over $10,000 can be aggregated and reported via a CTR. For the Travel Rule, coordinate with your custodians and portfolio management operations: if your qualified custodian will handle Travel Rule requirements for most transfers (as FinCEN expects in many cases), get that in writing and verify what data the custodian needs from you (such as originator information). Conversely, if you sometimes move funds directly (e.g. in a private fund context), implement a procedure to gather the required sender/recipient details and include them in payment instructions. Now is a good time to update client onboarding forms to capture any information that might be needed for Travel Rule or CTR reporting (such as legal entity identifiers, additional account holder details, etc.). Having detailed recordkeeping for all transfers – even those between BSA-regulated institutions – will position you to demonstrate compliance or answer examiner questions about how funds flow through your accounts.
4. Integrate Customer Identification (ahead of the CIP Rule): Even though the formal CIP rule is pending, advisers should not wait to introduce basic customer identification and verification steps. As a best practice, start collecting the key identifying data for each new client (and consider retroactively for significant existing clients): name, address, date of birth (for individuals), government ID numbers, and for entities, information on beneficial owners. Develop a process to verify those identifiers – for example, by reviewing driver’s licenses or passports for individuals, or obtaining corporate documents for entities. This proactive approach will make it much easier to comply when the CIP rule takes effect, and in the interim it enhances your knowledge of who you are dealing with (reducing risk). Also, be prepared to incorporate FinCEN’s Beneficial Ownership Information (BOI) database into your due diligence once it becomes available in 2024–2025. FinCEN’s forthcoming CDD Rule amendments will likely mandate advisers to collect and verify beneficial owners, so building that step into your onboarding now is wise. In summary, treat customer due diligence as an integral part of your AML program from the start, even if the exact regulatory requirements are still being finalized.
5. Train Your Team and Cultivate a Compliance Culture: A paper program is not enough – your firm’s personnel must know their responsibilities and the warning signs of potential illicit activity. Develop an AML training program for all relevant staff, to be conducted at least annually (and more frequently for high-risk areas). Training should cover the basics of the new regulations, the firm’s specific policies, and real-world case examples (e.g. how money launderers might attempt to use investment accounts, what suspicious behavior looks like in an RIA context). Portfolio managers, investor relations, operations, and senior management all need to be on the same page. Encourage a culture where compliance is valued – for instance, client-facing teams should understand that turning away a risky client is sometimes necessary and has full management support. Establish safe channels for employees to report concerns. Tone from the top is crucial: leadership should communicate that AML compliance is a firm-wide priority, not a check-the-box exercise. Remember that regulators will inquire about training and culture during examinations, so invest the time to get this right.
6. Leverage Technology and Expertise: Meeting these new obligations efficiently will likely require the help of technology solutions and external expertise. Consider deploying an AML compliance software platform that can integrate customer screening, transaction monitoring, case management, and regulatory reporting. For example, sophisticated platforms can automatically flag unusual transaction patterns, aggregate cash transactions for CTR filings, and generate draft SARs, significantly reducing manual workload. Automation will be especially helpful for firms with large volumes of transactions or complex fund structures. If developing in-house tools is not feasible, evaluate vendors that specialize in AML solutions for the investment sector. (Many RIAs are turning to compliance technology providers – e.g., Flagright’s platform – to streamline AML program implementation, given its ability to handle everything from ID verification to real-time transaction monitoring in one system.) Likewise, don’t hesitate to engage legal counsel or compliance consultants who have expertise in BSA/AML. They can assist with program design, independent testing, and regulator expectations. Peer networking is valuable too: industry associations like the IAA and compliance forums can be a source of insight and best practices as firms navigate this new terrain together.
7. Monitor Ongoing Developments and Remain Adaptive: Treat 2025 as a dynamic preparatory period. Stay updated on FinCEN and SEC guidance – FinCEN may release FAQs or interpretive guidance as questions arise, and the SEC could issue risk alerts or exam priorities shedding light on focus areas. Keep an eye out for the finalization of the CIP rule (and potentially a final beneficial ownership rule update), and be ready to adjust your program accordingly. Also watch for any technical amendments or corrections that FinCEN might publish (as they did in late 2024) to ensure your compliance policies always reflect the latest rule text. Internally, set a schedule for periodic progress reviews: for example, by mid-2025, conduct a mock audit of your AML program implementation to identify any weak spots while there’s still time to fix them. By Q4 2025, consider running a full test of your AML program – from customer onboarding to SAR filing – to ensure all components work as intended. Regulators will expect that by the January 2026 deadline, your program is not only documented but also fully operational. Being adaptive and proactive will also help your firm handle future changes; AML laws evolve (e.g. new predicate offenses, new sanctions, emerging typologies), so a nimble compliance function is an asset.

The countdown to January 2026 is underway. FinCEN’s AML/CFT Final Rule ushers in a new era of regulatory accountability for investment advisers, but it also offers an opportunity for firms to elevate their risk management and reinforce trust with clients and regulators. By taking the updates and requirements seriously – from the removal of the U.S. personnel constraint to the nuances of Travel Rule compliance and the forthcoming CIP obligations – RIAs can future-proof their compliance programs. The key is to act early and deliberately. As FinCEN and the SEC have made clear, there is no grace period for ignorance. The most successful advisers will be those who not only meet the bare minimum of the rule, but who leverage it to strengthen their operations. In a world of increasing financial complexity and threat, a strong AML compliance capability is fast becoming a hallmark of industry leadership and fiduciary integrity. Now is the time for RIAs to invest in that capability – through robust programs, skilled people, and smart technology – to ensure they can confidently meet the Final Rule’s mandate and turn compliance into a strategic advantage.