On May 13, the US Securities and Exchange Commission (SEC) and the US Department of the Treasury’s (USDT) Financial Crimes Enforcement Network (FinCEN) jointly released a notice of proposed rulemaking (NPRM) which, if adopted, would require SEC-registered investment advisers (RIAs) and exempt reporting advisers (ERAs) to establish policies and procedures to verify the identities of their customers.
Background
This proposed rule follows on the heels of a previous rule proposed by FinCEN on February 13, which would include RIAs and ERAs in the definition of “financial institutions” under the Bank Secrecy Act (BSA). More information about that rule can be found here. Both rules are efforts to prevent illicit funds from being invested into the US economy. SEC Chair Gary Gensler explained that the recently proposed rule is designed to “reduce the risk of terrorists and other criminals accessing US financial markets to launder money, finance terrorism, or move funds for other illicit purposes.”
Proposed Rule
The SEC and FinCEN have proposed a rule which would require investment advisers to create and maintain customer identification programs (CIPs). This rule would align investment advisers with other financial institutions, such as banks and mutual funds, which are required to maintain CIPs. Under this rule, a “customer” is defined as any natural person or legal entity that opens an account with the investment adviser.
Information Collection
The proposed rule would require investment advisers to collect at least the following information from each of their customers:
- Full legal name and any aliases.
- Date of birth for an individual or date of formation for an entity.
- Address.
- Identification number (such as a taxpayer identification number, passport number and country of issuance, or other government-issued documentation).
If this information is insufficient for the investment adviser to form a reasonable belief regarding the customer’s true identity, the adviser is required to collect any additional information necessary to form such a belief.
CIP Formation
Under the proposed rule, investment advisers must create and maintain a CIP that addresses the following:
- How and when the adviser will collect relevant information from their customers.
- How the adviser will determine that additional information is needed to confirm their customer’s identity, and the subsequent manner of collection.
- How the adviser will manage situations in which their customer is unable to provide the requested information.
- How the adviser will verify customer information.
- How the adviser will maintain records of collected information.
- How the adviser will determine that they cannot form a reasonable belief as to a customer’s true identity and what the procedure is following such a determination.
Information Verification
Investment advisers must then verify the information they have collected from their customers. They may do so using some combination of the following two methods:
- Documentation: The proposed rule lists various possible documents that may be used to verify a customer’s identity. Advisers are not required to verify the validity of documentation provided by their customers, except for cases in which the documents contain “indicators of fraud,” according to the explanation of the rule provided in the section-by-section analysis.
- Non-documentary methods: Given the possibility of fraudulent documentation, advisers are encouraged to utilize non-documentary methods of verification as well. The proposed rule includes examples such as contacting a customer directly, obtaining financial statements, and running customer information through a public database.
Takeaways
Interested parties may submit written comments until July 22. If the proposed rule is adopted, all RIAs and ERAs will be required to enact and follow a compliant CIP within 60 days of the effective date of the final rule.
ArentFox Schiff lawyers have extensive experience with SEC and FinCEN regulations and are available to assist advisers in creating CIPs, implementing rigorous verification procedures, and ensuring compliance with all applicable legal requirements.
Listen to this post
Clea Braendel contributed to this article