Reported by Charles Paikert

(Summary featured below. To read full report, go to: https://www.familywealthreport.com//printarticle.php?id=205003)

New AML Rule Brings Major Compliance Overhaul for RIAs

A significant regulatory deadline looms for Registered Investment Advisors (RIAs) managing over $110 million in assets. Effective January 1, 2026, the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) will require these firms to implement a host of new Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) measures. Overseen by the SEC, the rule includes mandatory suspicious activity reporting (SARs), written policies, transaction monitoring, OFAC reviews, staff training, and independent program testing. Legal and compliance experts warn that these sweeping changes could pose serious operational challenges for many RIAs, especially those lacking the required technology or infrastructure.

Technology Gaps and Operational Strain Ahead

Industry professionals warn that many RIAs are ill-equipped to comply. According to compliance experts, the lack of integrated technologies for transaction monitoring and SAR detection may force firms to resort to inefficient manual processes. Advisors must also grapple with OFAC checks and red flag identification, tasks traditionally outside the RIA domain. This shift puts RIAs at a potential disadvantage compared to more regulated institutions like banks, which have long operated under stringent AML frameworks. The new requirements also present a steep learning curve for firms unfamiliar with SAR obligations and the strict confidentiality rules around them.

Proactive Preparation is Crucial

Experts strongly advise RIAs to begin preparing immediately. Even firms with existing Know-Your-Customer (KYC) policies will need to enhance their systems, while those without will face a complete overhaul of operations. Building out reporting infrastructure, training staff on red flag detection, and establishing oversight protocols should be prioritized. Notably, RIAs must tailor their programs rather than replicate controls from banks or broker-dealers, as the rule provides some exemptions—like no requirement for customer identification programs or collecting beneficial ownership data for legal entities.

Training and Accountability Key to Compliance

Training will be a cornerstone of compliance. RIAs must designate an AML Officer and potentially a delegate, both of whom need education on tailoring risk-based policies specific to the firm’s structure and client base. Identifying which employees require training is also essential. The rule shifts more AML responsibility onto RIAs themselves, reducing reliance on custodians. Advisors must implement independent oversight mechanisms and cannot defer compliance duties to third-party providers, though such vendors can support execution.

Slow Start and Uncertain Enforcement Landscape

Despite the looming deadline, most RIAs are still in early stages of preparation. While enforcement may be gradual, regulatory attorneys caution firms not to wait. The SEC, new to this form of AML oversight, is expected to experience a learning curve—possibly leading to inconsistent early enforcement. However, advisors shouldn’t assume leniency; under the Bank Secrecy Act, even minor technical failures have led to large fines for banks and broker-dealers. For RIAs, non-compliance could bring similar penalties or even criminal consequences. With January fast approaching, action—not perfection—is the immediate priority.