Money Laundering, Terrorist Financing, and Investment Advisors – Yes, Financial Crime is Borderless and Legal Entity-Agnostic

Eric Young May 21, 2024

There is a growing acknowledgement that money laundering and terrorist financing is borderless and legal entity-agnostic, just as it is already known that cybercriminals and the means to commit cybercrimes continuously attack the weakest controls and points of entry. Indeed, these cybercrimes are a further means to launder the proceeds of crime including terrorism – particularly through “financial institutions.”

The role of investment advisors (IAs) as potential “enablers” of financial crimes is no secret to compliance officers. However, the laws and regulations to harmonize anti-money laundering (AML) and countering terrorist financing (CTF) to include IAs have been frustratingly slow and in the meantime, an open portal for these financial crimes to continue.

Even though advisors can be wittingly or unwittingly used to divert, layer, and enable the placement of illegal proceeds of crime into the financial payments system, IAs, hedge funds have been able to remain outside the formal AML definition of a “financial institution” and not required to implement and sustain a robust AML compliance program.

Until now.


The US Securities and Exchange Commission (SEC) and US Financial Crimes Enforcement Network (FinCEN) in May 2024 issued its latest in a series of proposals to require IAs to implement AML and CTF compliance programs comparable to those of banks, broker-dealers, mutual funds, and even casinos, jewelers and others already defined as a “financial institution”.

This means that if adopted, the SEC and FinCEN would require SEC-registered investment advisors (RIAs) and exempt reporting advisors (ERAs) to establish, document, and maintain written customer identification programs (CIP). A CIP requires firms to validate the true identity of investors and others, and that no beneficial owners behind them are threats to our national security because they are listed as sanctioned entities by the Office of Foreign Assets Control (OFAC), Department of Commerce (DoC) or their international counterparts. It also means that it must adopt rigorous, risk-based AML compliance risk assessments to identify and implement enhanced due diligence over higher risk clients and jurisdictions.


This joint SEC / FinCEN proposal complements FinCEN’s February 2024 proposal requiring IAs to implement:

  • Know your customer (“KYC”) and other policies and procedures
  • AML and CTF Training;
  • Board-appointed Bank Secrecy Act / AML officer;
  • Independent testing and robust surveillance to investigate and file suspicious activity reports; and
  • Due diligence processes to validate IAs clients’ true identity and risk profile.

Most importantly, IAs – whether registered with the SEC or not – must establish and maintain an AML / CTF compliance program which is robust, risk-based, and can demonstrate that it has the compliance support, culture, and technology to rigorously monitor, investigate, and ultimately report suspicious activities in a way that is credibly challenged by its board of directors, and documented fully to demonstrate an adequately budgeted compliance program which is working in practice.

With IAs building artificial intelligence (AI) algorithms to remain competitive with respect to its investment strategies and portfolios, IAs are increasingly vulnerable to major cyber-attacks, fiduciary conflicts of interest, and growing exposure to money laundering and terrorist financing.


This requires IAs to be prepared now to evaluate, design, and invest in the appropriate people, process, and technology to operationalize a robust, risk-based AML compliance program. Waiting or deciding not to do so could result in significant monetary penalties, and reputational damage to the IA and its clients.

It is highly recommended that IAs engage a third-party consultant to evaluate and help implement an overarching strategy to meet these requirements. A compliance expert offers IAs the advantage of specialized knowledge and experience in navigating the complex regulatory environment. These experts can provide tailored guidance and strategies to ensure that IAs not only meet but exceed the required AML compliance standards, thereby safeguarding against legal risks and enhancing the trust of their clients. Moreover, a compliance consultant can offer ongoing support to adapt to regulatory changes, ensuring that Investment Advisors remain proactive and compliant in a dynamic financial landscape.

Eric Young

Senior Managing Director

Eric T. Young advises highly regulated organizations on reengineering compliance, ethics, and regulatory technology programs to enable reputable and sustainable business growth. He has deep regulatory experience having spent close to 40 years in chief compliance officer roles at some of the world’s largest institutions, including five global banks. Throughout his career, Mr. Young has remediated and transformed corporate compliance programs and financial crime compliance programs including sanctions; integrated compliance and ethics cultures between regions, countries and companies to ensure consistency across enterprises; built compliance budgets; enhanced reporting; created governance frameworks and risk assessment, monitoring and testing programs; closed compliance gaps; restructured compliance teams; and mentored junior staff to create a pipeline of future compliance leaders and enable grassroots compliance ideas, solutions and digital upgrades.