On May 13, the Securities and Exchange Commission (SEC) and the US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) jointly proposed to require that SEC-registered investment advisers (RIAs) and SEC-exempt reporting advisers (ERAs) adopt customer identification programs (CIPs), which include procedures to verify the identities of its customers (CIP Proposed Rule). CIPs are intended to aid in preventing, detecting and prosecuting money laundering and the financing of terrorism. 

The CIP Proposed Rule complements FinCEN's February rule proposal (previously written about) that would designate RIAs and ERAs as “financial institutions” under the Bank Secrecy Act, subjecting them to AML/CFT program requirements and obligations to file suspicious activity reports (AML Proposed Rule). The comment period on the AML Proposed Rule closed in April. 

Generally, the CIP Proposed Rule's requirements are consistent with the CIP requirements already applicable to other financial institutions, including banks and SEC-registered brokers and dealers. 

Customer Information Required

As proposed, the investment adviser must obtain, at a minimum, the following information before opening a customer’s account:

• Name;
• Date of birth or date of formation;
• Address (residential or business street address or principal place of business); and
• Identification number (taxpayer identification number or passport number).

Core Requirements

RIAs and ERAs would be required to:

• Implement reasonable procedures to identify and verify the identity of customers;
• Provide clients with adequate notice, before the account is opened, that the investment adviser is requesting information to verify their identities;
• Adopt reasonable procedures for determining whether a customer appears on any list by any government agency of known or suspected terrorists or terrorist organizations;
• Develop procedures for responding to circumstances in which the investment adviser cannot form a reasonable belief that it knows the true identity of a customer; and
• Incorporate procedures for making and maintaining records related to all information obtained and used to verify a customer’s identity.

Notable Exclusions

Under the CIP Proposed Rule, RIAs and ERAs:

• May exclude any account that the investment adviser acquires through any acquisition, merger, purchase of assets or assumption of liabilities;
• Are not required to verify the identity of certain clients, including banks and other regulated financial institutions, certain government entities and publicly traded companies, and existing clients if the adviser reasonably believes it knows the client's identity; and
• May generally deem the proposed requirements satisfied with respect to mutual funds that have already developed and and implemented a CIP. 

Final Thoughts

An investment adviser must design its CIP policies and procedures based on an assessment of the relevant risks, including those posed by the various types of accounts it maintains. Moreover, risk factors that will inform these procedures also include the types of money laundering and terrorist financing activities present in the adviser’s jurisdiction, the nature of the services offered by the adviser, and the extent of the adviser's reliance on third-party firms for identity verification procedures. 

FinCEN and the SEC did not establish different requirements for smaller advisers or provide an exemption for smaller advisers, citing their belief that the CIP Proposed Rule provides sufficient flexibility for advisers to tailor their procedures to the risks presented by their business and client base.  

The comment period will remain open for 60 days following publication of the CIP Proposed Rule in the Federal Register. Investment advisers would have to develop and implement their CIPs on or before six months from the rule's effective date.