Supporting Statement
OMB Control Number 1506 - XXXX
Proposal of Customer Identification Programs for Registered Investment Advisers and Exempt Reporting Advisors
1. Circumstances necessitating collection of information.
The Financial Crimes Enforcement Network (FinCEN) is issuing this statement to support its request that the Office of Management and Budget (OMB) approve a proposed collection of information in a notice of proposed rulemaking (NPRM) in support of the Bank Secrecy Act (BSA). In this NPRM, FinCEN and the U.S. Securities and Exchange Commission (SEC) have jointly proposed to require that SEC-registered investment advisers (RIAs) and exempt reporting advisers (ERAs) implement reasonable procedures to identify and verify the identities of their customers—among other requirements—in order to form a reasonable belief that RIAs and ERAs know the true identity of their customers. These requirements are commonly known as “Customer Identification Programs” (CIPs).
The legislative framework generally referred to as the BSA consists of the Currency and Foreign Transactions Reporting Act of 1970, Pub. L. 91-508 (Oct. 26, 1970), as amended by the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001, Pub. L. 107-56 (Oct. 26, 2001), and other legislation, including the Anti-Money Laundering Act of 2020 (AML Act).1 The BSA is codified at 12 U.S.C.1829b, 12 U.S.C. 1951–1960, and 31 U.S.C. 5311–5314 and 5316–5336, and includes notes thereto, with implementing regulations at 31 CFR chapter X.
The BSA authorizes the Secretary of the Treasury (Secretary) to, inter alia, require financial institutions to keep records and file reports that are determined to have a high degree of usefulness in criminal, tax, or regulatory matters, risk assessments or proceedings, or in the conduct of intelligence or counter-intelligence activities to protect against terrorism, and to implement anti-money laundering (AML) programs and compliance procedures.2 The authority of the Secretary to administer the BSA has been delegated to the Director of FinCEN.3
Under section 326 of the USA PATRIOT Act, which added subsection (l) to 31 U.S.C. 5318 of the BSA, the Secretary is required to prescribe regulations “setting forth the minimum standards for financial institutions and their customers regarding the identity of the customer that shall apply in connection with the opening of an account at a financial institution.”4 Further, 31 U.S.C. 5318(l)(4) requires that implementing regulations for certain types of financial institutions be prescribed jointly with the appropriate Federal functional regulator (as defined in section 509 of the Gramm-Leach-Bliley Act, Pub. L. 106-102 (Nov. 12, 1999)).5
FinCEN and the SEC issued this joint NPRM following a separate February 2024 NPRM6 issued by FinCEN that proposed to, among other things, include RIAs and ERAs in the definition of “financial institution” under the BSA, prescribe minimum standards for anti-money laundering/countering the financing of terrorism (AML/CFT) programs to be established by such investment advisers, and require such investment advisers to report suspicious activity to FinCEN pursuant to the BSA. If the February 2024 NPRM is finalized and RIAs and ERA are thereby included in the definition of “financial institution,” the BSA would require the Secretary and the appropriate Federal functional regulator (which, for RIAs and ERAs, is the SEC) to jointly impose CIP obligations on RIAs and ERAs.7 The proposed rule related to this statement would fulfill this requirement.
CIP obligations are a long-standing foundational component of a financial institution’s AML/CFT program requirements. This NPRM is generally consistent with existing FinCEN rules requiring other comparable financial institutions, such as banks, broker-dealers, mutual funds, and futures commission merchants and introducing brokers in commodities (FCM-IBCs), to adopt and implement CIPs.8 Consistent with these previous CIP rulemakings and the requirements included in section 326 of the USA PATRIOT Act, RIAs and ERAs under this NRPM would be required to establish, document, and maintain a written CIP appropriate for their respective sizes and businesses. The CIP would include risk-based procedures for verifying the identity of each customer to the extent reasonable and practicable within a reasonable time before or after the customer’s account is opened. The procedures would have to enable the RIA or ERA to form a reasonable belief that it knows the true identity of each customer. RIAs and ERAs would be required to obtain certain identifying information with respect to each customer, such as the customer’s name, date of birth or date of formation, address, and identification number. The proposed rule would also include procedures for, among other things, maintaining records of the information used to verify a customer’s identity, notifying customers that the adviser is requesting information to verify their identities, and determining whether a customer appears on any list of known or suspected terrorists or terrorist organizations.
The similarity between this NPRM and previous CIP rules reflects the importance that FinCEN and the SEC assign to the harmonization of CIP requirements, including for the purposes of increasing effectiveness and efficiency for investment advisers that are affiliated with other financial institutions, such as banks, broker-dealers, or mutual funds that are already subject to CIP requirements. Further, to be consistent with the February 2024 NPRM, this proposal notes that an investment adviser may deem the CIP requirements included herein to be satisfied for any mutual fund it advises if the mutual fund has developed and implemented a CIP that is compliant with CIP requirements applicable to mutual funds.
The U.S. Department of the Treasury (Treasury) has identified material illicit finance risks involving investment advisers. Investment advisers, as gatekeepers to the U.S. financial system, have been used as an entry point by criminal actors to invest in U.S. assets, and by foreign adversaries to access sensitive information and technology from early-stage companies. Currently, thousands of investment advisers overseeing tens of trillions of dollars are generally not subject to comprehensive AML/CFT requirements. This rulemaking seeks to help prevent illicit finance activity involving the customers of investment advisers, by requiring that certain investment advisers take steps to verify the identifies of their customers.
2. Method of collection and use of data.
The proposed rule would require certain investment advisers (RIAs and ERAs) to establish, document, and maintain a written CIP as part of their AML/CFT programs under 31 U.S.C. 5318(h). The proposed rule would require that an investment adviser’s CIP be appropriate for its size and business and that the CIP, at a minimum, include:
implementing risk-based procedures for verifying the identify of a customer within a reasonable time before or after the customer’s account is opened;
obtaining minimum customer identification information, including (1) name, (2) date of birth for an individual, or date of formation for a person that is not an individual, (3) address, and (4) identification number;
implementing risk-based procedures for verifying the identity of each customer to the extent reasonable and practicable, such that the investment adviser is able to form a reasonable belief that it knows the true identify of the customer;
making and maintaining records relating to customer identity and verification;
determining whether the customer appears on any list of known or suspected terrorists or terrorist organizations provided by a government agency; and
providing notice to customers regarding these identity verification procedures.
The information on the customer’s identification maintained by RIAs and ERAs is made available to appropriate government authorities only upon request. Compliance with these requirements will be reviewed by Federal agencies during the course of BSA examinations.
3. Use of improved information technology to reduce burden.
FinCEN expects that compliance with the proposed requirements would necessitate the use of information technology systems to obtain identifying information from customers, verify the identity of each customer to the extent reasonable and practicable, make and maintain records relating to customer identity and verification, and determine whether customers appear on any government-provided lists of known or suspected terrorists or terrorist organizations. There is no specific government mandate to do so.
4. Efforts to identify duplication.
There are no Federal rules that directly and fully duplicate, overlap, or conflict with the proposed rule.
While investment advisers are not currently defined as financial institutions under the BSA and are therefore not subject to CIP requirements, certain investment advisers already perform AML/CFT functions, including those associated with a CIP, as a result of existing requirements.9 Specifically, an RIA or ERA may perform certain AML/CFT functions, including those associated with a CIP, if the entity is also a registered broker-dealer or a bank (i.e., a dual registrant), or is an operating subsidiary of a bank. Other investment advisers are affiliates of banks or broker-dealers, which may implement an enterprise-wide CIP-compliant AML/CFT program that would include investment advisers. Some investment advisers perform these functions via contract with a broker-dealer (e.g., if the investment adviser performs CIP functions for joint customers) or other financial institutions.
To avoid duplication of requirements, the proposed rule would provide that an investment adviser may deem these requirements satisfied for any mutual fund it advises if the mutual fund has developed and implemented a CIP that is compliant with CIP requirements applicable to mutual funds.
5. Methods to minimize burden on small businesses or other small entities.
By choosing to apply the requirements of the proposed rule to only RIAs and ERAs, FinCEN is proposing to cover what are considered “larger” investment advisers. Investment advisers who have $110 million or more in regulatory assets under management (AUM) are generally required to register with the SEC.10 FinCEN notes that over 70 percent of advisers covered by the proposed rule manage at least $110 million in customer assets.11 In contrast, the vast majority of investment advisers that are generally understood to be “smaller” investment advisers are generally registered with one or more state securities authorities and not with the SEC and are not covered by the proposed rule.12
FinCEN notes that the costs of the CIP requirements in the proposed rule are largely based on factors directly correlated with the size of an investment adviser, along with the risk profile of its advisory activities and customers. The requirements of the proposed rule therefore have some inherent flexibility whereby small entities serving a smaller number of customers are likely to have lower costs.
6. Consequences to the Federal government of not collecting the information.
Treasury’s Investment Adviser Illicit Finance Risk Assessment, along with past national risk assessments, have identified the illicit finance and national security risks associated with RIAs and ERAs.13 The risk assessment notes that, first, the investment adviser industry has served as an entry point into the U.S. market for illicit proceeds associated with foreign corruption, fraud, and tax evasion. Second, certain advisers manage billions of dollars ultimately controlled by sanctioned entities including Russian oligarchs and their associates who help facilitate Russia’s illegal and unprovoked war of aggression against Ukraine. Third, certain RIAs and ERAs and the private funds that they advise are also being used by foreign states—most notably the People’s Republic of China (PRC) and Russia—to access certain technology and services with long-term national security implications through investments in early-stage companies. This rulemaking aims to help prevent and mitigate this illicit finance activity by requiring that RIAs and ERAs take minimum steps to identify and verify the identities of their customers—among other requirements—in order to form a reasonable belief that RIAs and ERAs know the true identity of their customers.
As proposed, the information obtained under an investment adviser’s CIP would be important predicates for other core AML/CFT practices and requirements, including the customer due diligence (CDD) requirement to identify and verify the beneficial owners of legal entity customer accounts. The February 2024 NPRM did not extend to RIAs and ERAs this obligation to identify the beneficial owners of legal entity customers in light of the anticipated forthcoming changes to the CDD regulations required by section 6403 the AML Act.14 FinCEN is working to revise these regulations in line with the statutory requirement.
The Federal government requires reporting of this information only upon request.
7. Special circumstances requiring data collection to be inconsistent with guidelines.
Under 31 CFR 1010.430(d), all records that are required to be retained must be retained for a period of five years. The records required by the proposed rule would be subject to this five-year retention period. This retention period is necessary to allow for verification of compliance with the recordkeeping requirement and because such records may relate to statutes of limitation longer than three years.
8. Consultation with individuals outside of the agency on availability of data, frequency of collection, clarity of instructions and forms, and data elements.
During the preparation of the Treasury Investment Adviser Illicit Finance Risk Assessment, Treasury—in coordination with the Federal Bureau of Investigation—conducted an analysis of certain BSA reports filed between 2013 and 2021. That analysis reviewed certain BSA reports associated with or referencing an RIA or ERA, and the extent to which AML/CFT obligations on banks, broker-dealers, and other BSA-defined financial institutions were already collecting and reporting information on illicit finance activity associated with investment advisers.
Treasury also consulted with the SEC on the information provided by RIAs and ERAs on Form ADV. Form ADV collects certain information about the adviser, including (depending on the adviser’s registration status) its AUM, ownership, number of clients, number of employees, business practices, custodians of client funds, private funds managed by the IA, affiliations, as well as certain disciplinary or material events of the adviser or its employees. ERAs who are not registered with the SEC or a state securities regulator are only required to file an abbreviated version of Form ADV—they are required to answer fewer client-related questions and provide less information about the services they provide. Form ADV does not require investment advisers to disclose the names of individual clients or investors.
FinCEN and the SEC are seeking public comment on these and other related topics in the NPRM, which was published in the Federal Register on May 21, 2024.15 The comment period ends on July 22, 2024. FinCEN and the SEC intend to incorporate into a final rule any pertinent information from comments received.
9. Explanation of decision to provide any payment or gift to respondents.
No payments or gifts were made to respondents.
10. Assurance of confidentiality of responses.
Information collected under 31 U.S.C. 5318(l)(2) may be made available to FinCEN and other appropriate law enforcement and supervisory agencies.
11. Justification of sensitive questions.
CIP requirements include—among other requirements—identity verification procedures for customers, including procedures for collecting identifying information for each customer, and recordkeeping procedures relating to customer identification and verification. Personally identifiable information, such as name, address, date of birth, and taxpayer identification number, are necessary to identify and verify the identity of a customer. Any personally identifiable information collected under the BSA is strictly controlled as outlined in FinCEN’s Privacy Act Systems of Records Notice.16
12. Estimated burden.
Frequency: As required; varies depending on the requirement.
Estimated Burden per Respondent: FinCEN estimates that the annual burden per respondent will be approximately 185.8 hours.17
Estimated Number of Respondents: 20,460 investment advisers. Of these, there are an estimated 14,914 SEC-registered investment advisers18 and 5,546 exempt reporting advisers.19
Estimated Total Annual Burden Hours: FinCEN estimates that the annual burden will be 3,800,990 hours for investment advisers.20
13. Estimated total annual cost burden.
|
Number of Respondents |
New Aggregate Annual Internal Hours Burden |
Wage Rate |
Internal Time Costs |
Annual External Cost |
RIAs |
14,914 |
249 |
$106.30 |
$394,754,191.80 |
$45,726,324.00 |
ERAs |
5,546 |
15.76 |
$106.30 |
$9,291,147.25 |
$2,720,645.76 |
Total IAs |
20,460 |
185.7 |
$106.30 |
$404,045,339.05 |
$48,446,969.76 |
|
|
|
Total Labor Costs21 |
$452,492,308.81 |
|
As described in the above table, FinCEN estimates that the annual cost burden will be approximately $452.5 million for investment advisers.
14. Estimated annual cost to the Federal government.
The proposed rule does not foresee significant annual costs to the Federal government associated with this proposed rulemaking.
15. Reason for change in burden.
This is new proposed collection of information.
16. Plans for tabulation, statistical analysis, and publication.
The information will not be tabulated or compiled for publication.
17. Request not to display the expiration date of the OMB control number.
FinCEN requests that it not be required to display the expiration date so that the regulations will not have to be amended for the new expiration date every three years.
18. Exceptions to the certification statement.
There are no exceptions to the certification statement.
1 The AML Act was enacted as Division F, §§ 6001-6511, of the William M. (Mac) Thornberry National
Defense Authorization Act for Fiscal Year 2021, Pub. L. 116-283 (Jan. 1, 2021).
2 Section 358 of the USA PATRIOT Act expanded the purpose of the BSA by including a reference to reports and records “that have a high degree of usefulness in intelligence or counterintelligence activities to protect against international terrorism.” See 12 U.S.C. 1829b(a). Section 6101 of the AML Act further expanded the purpose of the BSA to cover such matters as preventing money laundering, tracking illicit funds, assessing risk, and establishing appropriate frameworks for information sharing. See 31 U.S.C. 5311.
3 Treasury Order 180-01 (Jan. 14, 2020).
4 31 U.S.C. 5318(l)(1).
5 31 U.S.C. 5318(l)(4) requires that any CIP requirement for financial institutions that engage in financial activities described in section 4(k) of the Bank Holding Company Act be prescribed jointly with each Federal functional regulator.
6 See FinCEN, Anti-Money Laundering/Countering the Financing of Terrorism Program and Suspicious Activity Report Filing Requirements for Registered Investment Advisers and Exempt Reporting Advisers, Notice of Proposed Rulemaking, 89 FR 12108 (Feb. 15, 2024) (hereinafter, the “February 2024 NPRM”).
7 31 U.S.C. 5318(l)(2).
8 See, e.g., 31 CFR 1020.220, 1023.220, 1024.220, 1026.220.
9 See 89 FR at 12112 (circumstances where some investment advisers implement AML/CFT measures).
10 See 17 CFR 275.203A-1.
11 Based on a Treasury review of Form ADV data filed as of July 31, 2023.
12 See 89 FR at 44592.
13 See Treasury, Investment Adviser Illicit Finance Risk Assessment, https://home.treasury.gov/system/files/136/US-Sectoral-Illicit-Finance-Risk-Assessment-Investment-Advisers.pdf; see also Treasury, 2022 National Money Laundering Risk Assessment 63-66, https://home.treasury.gov/system/files/136/2022-National-Money-Laundering-Risk-Assessment.pdf.
14 The requirement to update FinCEN’s CDD regulations is codified as a note to 31 U.S.C. 5311.
15 See FinCEN, Customer Identification Programs for Registered Investment Advisers and Exempt Reporting Advisers, Notice of Proposed Rulemaking, 89 FR 12108 (May 21, 2024) (hereinafter, the “May 2024 NPRM”).
16 FinCEN, Privacy Act of 1974, as Amended; System of Records Notice, 79 FR 20969 (Apr. 14, 2014).
17 Estimates herein assume that (1) the median number of customers per exempt reporting adviser is two and (2) the median number of customers per registered investment adviser is 100. These estimates were made based on the number of private funds reported by exempt reporting advisers in Schedule D, Section 7.B.1 of Form ADV and the number of clients reported by registered investment advisers in Item 5.D of Form ADV. The estimates were made using data current as of October 5, 2023.
18 This number is an estimate of all registered investment advisers with at least one client, based on responses to Item 5.D of Form ADV, as of October 5, 2023.
19 This number is an estimate of all exempt reporting advisers with at least one client, based on responses to Item 2.B of Form ADV, as of October 5, 2023.
20 This total includes the estimated time required to comply with 1032.220(a)(1)–(6). See Table 1: PRA Estimates at FinCEN and SEC, Customer Identification Program for Registered Investment Adviser and Exempt Reporting Advisers Joint Notice of Proposed Rulemaking, 89 FR 44590 (May 21, 2024).
21 For further explanatory data and notes, see Table 1: PRA Estimates at FinCEN and SEC, Customer Identification Program for Registered Investment Adviser and Exempt Reporting Advisers Joint Notice of Proposed Rulemaking, 89 FR 44590 (May 21, 2024).
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| Author | Mizzi, Shannon |
| File Modified | 0000-00-00 |
| File Created | 2024-07-22 |