Start Planning Now to Reduce Your Increased Money Laundering, Sanctions, and Conflicts of Interest Risks
The introduction and use of generative artificial intelligence (GenAI) and predictive data analytics (PDAs) by registered and exempt investment advisers (IAs) will dramatically increase their money laundering, terrorist financing, and conflicts compliance risks.
IAs should begin planning for and addressing these potential risks now, especially as major anti-money laundering (AML) and conflicts of interest proposals will significantly affect them.
IAs’ compliance risks today
Thousands of IAs oversee the investment of trillions of dollars into the U.S. economy. Despite their importance, IAs today are lightly regulated as compared to banks, dealers, and other financial institutions. This is because IAs do not handle money[1], unlike financial institutions.
IAs today meet registration and disclosure rules, and light-touch Labor Department conflicts rules to meet their clients’ best interests. However, IAs are not required to implement granular compliance risk assessments, automated surveillance, and risk metrics.
The way forward
This current landscape will change dramatically because IAs could soon be subject to proposed US Treasury/Financial Crimes Enforcement Network’s (FinCEN) AML[2] requirements and the US Securities and Exchange Commission’s (SEC) more prescriptive conflicts management rules[3].
IAs should holistically address a common risk: Generative AI
Many IAs are analyzing FinCEN’s AML and SEC’s conflicts proposals and risks as mutually exclusive.
Understanding GenAI risks enable IAs to implement risk-based AML and conflicts compliance programs concurrently. Doing so will in turn protect the best interests of their clients more effectively, while preserving their hard-earned reputation.
GenAI and IAs
Granted, IAs’ use of GenAI promotes greater portfolio optimization, deeper and faster analytics of markets and clients’ investment patterns, natural language processing to analyze unstructured data, and produces predictive analytics.
However, there are also yet-unknown compliance risks to IAs with GenAI and PDAs.
AI Exacerbates Money Laundering, Sanctions, and Terrorist Financing Risks
Lawyers, accountants, and IAs are viewed as vulnerable or willful “enablers” of financial crimes. Compounding this, the hasty embrace of GenAI and PDAs by IAs increases the following risks:
- Complex GenAI algorithms can outpace IAs’ understanding of rapidly changing trends, “generative output”, and client activities. This enables criminals to mask illicit transactions within larger legitimate ones.
- Sanctioned Iranian entities can hack and inject false data to manipulate unsecured AI algos and then hide behind legitimate or multi-layered shell companies.
- Sanctioned Russian oligarchs could hide behind non-sanctioned family offices or alter “deep fake” identities.
- Sophisticated players can alter or overwhelm surveillance models to evade money laundering and sanctions red flags, particularly for IAs.
- Biased input and output, opacity of data and analytics, client data leaks, corrupted data, cyber-crimes, output hallucination, unidentified flaws, etc. each
The absence in the meantime of definitive AML rules for large and small IAs makes it difficult to implement a robust AML compliance program including:
- Know your customer and other policies and procedures;
- Training;
- Board-appointed BSA/AML officer;
- Independent testing and robust surveillance to investigate and file suspicious activity reports; and
- Due diligence processes to validate IAs clients’ true identity and risk profile.
AI, the SEC, and DoL Conflicts Rules
If uncontrolled, IAs’ use of AI technologies could create unique investment strategies which inadvertently enables IA profits over investors’ best interests. The SEC proposes a more prescriptive oversight framework than existing Labor Department rules. The former will require detailed policies and procedures and recordkeeping to ensure AI and PDAs do not create greater conflicts. For example:
- Predictive models encouraging clients to keep assets in an advisory account instead of 401(k) or retirement accounts;
- Revenue sharing for investment products creating incentives for advisers to favor those investments; and
- AI software promoting a firm’s proprietary products over other products (regardless of the best interests of the customer).
AI-driven AML and conflicts of interest rules affecting IAs are very likely
over the next 12 months, especially because the Congressional “ENABLERS” Act will likely pass, subjecting lawyers, accountants, and investment advisers to the BSA Act and AML regulations. The SEC conflicts rule, despite major pushback from IAs, could also be adopted over the same period.
Recommended next steps for IAs: PREPARE NOW
- Risk assess, understand proposed or in-place AI strategies, uses, and underlying algorithms, i.e., establishing governance standards over AI development, revising the Software Development Life Cycle (SDLC) process to incorporate AI best practices and NIST AI principles.
- Consider the importance of integrating next steps for an effective AML compliance[4] and more robust conflicts management compliance program, especially if AI is or will be part of your business model.
- Don’t forget the fundamental compliance programs components for investment advisers including training and awareness, policies, and procedures, while anticipating how generative AI and PDA technology, together with off-channel communications will add complexities to your program.
- Evaluate the benefits of working with a third-party consultant to assist with the planning, design, and implementation of robust GenAI, PDA, AML, and conflicts management compliance program.
Planning ahead to address major GenAI, money laundering, sanctions, and conflicts management compliance risks holistically and simultaneously will enable investment advisors to manage these risks efficiently and give IAs the necessary lead time to build the proper policies and procedures, training programs, and critical systems to continue to grow safely and profitably.
[1] “Financial institutions” lend, safeguard, transmit fiat or digital “money” as a medium of exchange, representing a measure of value, and a means of payment. IAs advise or manage clients’ portfolios only.
[2] FinCEN Proposes Rule to Combat Illicit Finance and National Security Threats in Investment Adviser Sector | FinCEN.gov.
[3] Proposed Rule: Conflicts of Interest Associated with the Use of Predictive Data Analytics by Broker-Dealers and Investment Advisers (sec.gov)
[4] Including terrorist financing and sanctions compliance.