RIAs Face "Added Burdens" As Deadline For New AML Rule Looms

Charles Paikert

14 July 2025

Yes, it’s summertime and the living is easy. But an important – and potentially burdensome – regulatory deadline is looming for wealth managers and multi-family offices.

In less than six months RIAs with over $110 million in assets will have to significantly overhaul their due diligence and compliance functions to meet a slew of new requirements imposed by the final Anti-Money Laundering Rule from the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN).

The rule, which takes effect January 1, 2026, will be overseen by the who heads the firm’s regulatory monitoring. “This may require manual reviews, manipulation of custodial reports or purchasing additional technology.”

What’s more, “the added burdens of operational requirements, identifying red flags and performing Office of Foreign Assets Control reviews may place RIAs at a disadvantage,” Yates added.

The requirement to timely file SARs (suspicious activity reports), may be the biggest initial difficulty for RIAs, according to Joel Cohen, global chair of the white collar and investigations practice at . Nor do they have the internal resources to search for clients “who might be required to be reported to authorities” under the information sharing provisions of Section 314(a) of the USA Patriot Act, Chen added.

"Begin building out immediately"
Even firms who have already adopted Know-Your-Customer (KYC) best practice policies will be required to comply with the new rule, albeit having a head start. But for RIAs without these policies in place, the AML/CFT compliance obligation will create “a large shift in the way the RIA operates and will require significant time and attention,” according to a White & Case alert.

Wealth managers should begin building out reporting infrastructure and train staff on suspicious activity identification immediately, Chen said. Developing oversight and red flag monitoring should also be priorities, according to Yates. RIAs need to “determine how to obtain reports that provide the necessary details to identify risk areas such as third-party money movement and offshore accounts and transactions,” Yates said.

RIAs shouldn’t simply import the full range of anti-money laundering controls and processes that non-RIA institutions are obliged to follow, Cohen stressed.

That’s because the AML rule has exceptions that reduce the RIAs’ regulatory burden, he explained. For example, the rule excludes bank and trust company sponsored collective investment funds from compliance obligations and does not include a customer identification program (CIP) requirement, nor the collection of beneficial ownership, data and information for an advisor's “legal entity customers.”

“Training critical”
Training office staff will also be critical for meeting the rule requirements, experts agreed.

“RIAs will need to designate a person responsible for implementing the program, and providing supplemental training for the appropriate personnel, which means identifying which personnel that includes, and implementing risk-based customer due diligence,” Cohen said.

If possible, the designated AML Officer, should be “assisted by a delegate,” Yates said. “These individuals need training and education, so that they can adequately assess the firm’s specific risk profile based on client base, services, products, geography and operational structure, with the goal to tailor AML policies and procedures appropriately and, hopefully, make implementation manageable.”

Reduced role for custodians
The new rule also means less RIA reliance on custodians, who the Treasury Department felt weren’t adequately monitoring and controlling AML risk. “Advisors can’t blindly rely on their custodians anymore,” said attorney Brian Hamburger, CEO of .

"A hotbed of enforcement activity"
So far, “very few RIAs have gotten very far in preparing for compliance with the new rule,” according to Chen.

Dan Bernstein, chief regulatory counsel for MarketCounsel agreed, but while urging advisors not to wait until the last minute to have requirements in place. He also noted that “there’s no reason to be first. There may be more guidance coming and additional third-party providers. The SEC doesn’t expect firms to be perfect on January 1, but they better not have nothing in place either.”

Initial enforcement of the rule may be rocky, Cohen said. “The SEC does not have a history of doing this kind of oversight and so they will be learning on the job as well,” he explained. “That can lead to confusion, and sometimes to early days of clumsy over enforcement. Patience will be critical.”

Indeed, under the Bank Secrecy Act, which spawned the new rule for RIAs, AML compliance “has been a hotbed of enforcement activity,” according to Debevoise & Plimpton, “with banks and broker-dealers being subjected to significant monetary penalties for technical non-compliance with AML/CFT requirements.”

Under the Treasury Department’s final rule for RIAs, those penalties may include criminal sentences for non-compliant advisors.

Part Two of this series will cover RIA reaction to the forthcoming AML Rule and a “cheat sheet” outlining what advisors need to do.