For the better part of a year, the investment management industry has been in a state of strategic paralysis. After FinCEN finalized its sweeping anti-money laundering (AML) rule for investment advisers last August, a common sentiment took hold: "Let's wait and see."
With a new administration taking office, many advisers hoped—and some assumed—that the rule would be quietly rolled back or defanged. After all, the new administration had already shown a deregulatory stance by dismantling the domestic reporting requirements of the Corporate Transparency Act. For months, there was silence.
That silence has now been broken.
Through a series of decisive enforcement actions and policy statements, the new leadership at the Securities and Exchange Commission (SEC) and Department of Justice (DOJ) has sent an unmistakable signal: The AML rule for advisers is here to stay, and the consequences for inaction are significant. Any doubt about whether this rule would stick has been removed.
For fund managers: the waiting game is over. With a compliance deadline of January 1, 2026, now is the time to understand the new landscape and the significant reputational and business risks of being unprepared.
The first signal: enforcement is happening now, before the rule is even in effect
The most powerful evidence that the SEC is taking this seriously comes from its recent enforcement actions. The agency isn't waiting for the 2026 deadline; it is creatively using its existing anti-fraud authority to police AML-related failures today.
Two cases from early 2025, after the new administration was in place, stand out as critical warnings:
1. The "say-do" risk (Navy Capital): The SEC charged investment adviser Navy Capital not for violating the new AML rule—which wasn't yet in effect—but for making false and misleading statements in its offering documents.13 The firm told investors it was voluntarily following certain AML procedures but failed to do so consistently, including with an investor who had suspected ties to money laundering.14 The result was a $150,000 penalty.13 What you say to investors about your diligence process is a material statement, and you will be held to it. Expect the same with any representations you make to banking partners too.
2. The financial stakes (LPL Financial): Just days later, the SEC hit LPL Financial, a dually-registered broker-dealer and investment adviser, with an $18 million penalty for long-standing failures in its AML program.13 This case underscores the severe financial consequences of systemic AML breakdowns.
And in June 2025, the SEC laid out how it intended to modernize its AML framework. Rather than being deemphasized, these actions prove that the SEC views AML compliance as a core component of an adviser's duties to investors and will use the full scope of its existing powers to enforce it.
The broader regulatory chorus: A unified government front
This isn't just an SEC initiative. Recent announcements from the Department of Justice and FinCEN show a coordinated, government-wide focus on financial crime that reinforces the seriousness of these new obligations.
• The DOJ's new playbook: In May 2025, the head of the DOJ's Criminal Division announced a new enforcement philosophy of "Focus, Fairness, and Efficiency." The policy creates a clear "carrot and stick" approach: companies that proactively self-disclose and cooperate on criminal matters will receive unprecedented leniency, while those that don't will face a "laser focus" on the most urgent threats. This policy was immediately put into practice: in June 2025, the SEC publicly declined to prosecute an investment adviser precisely because the firm proactively self-reported and corrected a sanctions issue. If the Investment Advisor had been caught by surprise and reacting to an active SEC investigation instead, the Advisor would have dramatically different outcomes.
• FinCEN's targeted advisories: FinCEN continues to issue specific advisories to financial institutions, highlighting red flags for threats like Iranian sanctions evasion and fentanyl trafficking networks. This demonstrates that regulators expect firms to be vigilant against real-world criminal threats, not just theoretical risks.
The risk of illicit actors in private markets is not hypothetical. As our 2025 Private Markets Financial Crime report shows, there is a greater than 20% chance of finding a sanctioned investor in your first 100 LPs, and a typical fund will likely encounter its first confirmed match by its 415th investor. The government's renewed focus is a direct response to this reality.
The new reality: What compliance means for your firm
With the political uncertainty resolved, fund managers must now focus on the practical implications of the FinCEN rule. Here is what compliance will entail:
• A formal, written program: You are now required to develop and implement a formal, risk-based AML program. This isn't an informal checklist; it's a documented framework that must be approved in writing by your firm's board or equivalent governing body.
• The "five pillars": At a minimum, your program must include the five core components of AML compliance: (1) a system of internal controls (your written policies), (2) independent testing of the program, (3) a designated AML compliance officer, (4) ongoing employee training, and (5) risk-based customer due diligence (CDD).
• Accountability stays with you: A critical point for fund managers is that while you can delegate tasks to a third party, your firm remains fully responsible and liable for the program's compliance. You cannot outsource accountability. If that third party fails, it’s your firm that regulators will hold responsible. Choose your partners carefully.
• Your next SEC exam will be an AML exam: FinCEN has formally delegated its examination authority for this rule to the SEC. This is a crucial structural change that integrates AML compliance directly into the routine SEC exams that your firm already undergoes.
Your action plan: How to prepare now
The January 1, 2026, deadline is closer than it appears, and building a defensible AML program takes time. We’re already halfway through the year and waiting much longer brings execution risk to the table too.
It’s time to assess your readiness. Here are the essential first steps every fund manager should be taking:
1. Conduct a formal risk assessment: The foundation of any AML program is a thorough assessment of your firm's specific risks. Analyze your client base, investment strategies, geographic exposures, and distribution channels to identify potential vulnerabilities.
2. Review all investor-facing documents: In light of the Navy Capital case, immediately review your offering memoranda, marketing materials, and DDQs. Ensure any statements about compliance or due diligence are 100% accurate and reflect your actual practices.
3. Appoint an AML Officer: Designate a qualified individual to be responsible for developing, implementing, and overseeing your AML program.
4. Engage your partners: Start a dialogue now with your current and potential partners to develop a clear and coordinated implementation plan.
Building this program from scratch can be a daunting task. Passthrough offers a technology-enabled solution that addresses all of these requirements, from the initial risk assessment to the ongoing management of your AML program. Let us help you get compliant.
Your Privacy Choices