Private fund managers are heading into a new compliance era—one defined by tighter regulations, deeper diligence, and zero tolerance for blind spots. To help firms get ahead of these changes, we hosted a deep dive into Passthrough’s 2025 Private Markets Financial Crime Report, built from data of 120+ funds and 10,000+ investors and beneficial owners.
If you’re leading fund operations, compliance, or investor relations, this data isn't just informative—it’s essential. Our panel broke down where the biggest financial crime risks are hiding, why many firms are more exposed than they realize, and how to take action before year-end AML deadlines hit.
Watch the full video below and read on for a summary:
Key takeaways:
1. Sanctions exposure is real—and closer than you think.
Sanctioned individuals aren't just hypotheticals. On average, firms hit their first sanctioned investor by the time they onboard ~415 LPs. Even smaller funds have a ~70% chance of exposure with just 250 investors. This isn’t theoretical risk, it’s operational reality.
2. Entities dominate investor lists and they come with hidden complexity.
63% of investors are entities, not individuals. Each one brings 3-5+ beneficial owners who must also be screened. If you're only looking at the entity name, you're missing most of the risk. Knowing your LP means knowing who actually controls the capital.
3. Manual KYC doesn’t scale, especially retroactively.
Manually reviewing 1,000 investors takes ~1,800 hours. The volume of alerts, name matches, and document reviews is too much for spreadsheets and SharePoints. Technology is no longer a nice-to-have. It’s the only way to be both compliant and efficient.
4. “U.S. based investors” doesn’t mean low risk.
91% of screened names were in low-risk jurisdictions like the U.S. or countries in Western Europe, but they still accounted for 90% of true matches. Why? Regulatory actions, political exposure, and negative media. Risk comes from activity, not just geography.
5. Legacy KYC processes are leaving blind spots.
Most firms believe they’re covered until retroactive screening uncovers issues. Manual OFAC-only checks or fund admin driven reviews miss deeper risk signals. If you haven’t reviewed your past investor base with today’s standards, you may be exposed.
6. The new AML rules are coming fast and they’re serious.
By Jan 1, 2026, RIAs and ERAs must implement AML/CFT (combatting the financing of terrorism) programs under the Bank Secrecy Act. That includes designating a compliance officer, developing policies, and conducting retroactive investor reviews. Waiting isn’t a strategy—it’s a liability.
To download the full report, visit here.
And if you're looking to tackle KYC/AML and 31 CFR compliance for your firm ahead of the 2026 deadline, talk to one of our experts today.
Your Privacy Choices