A robust independent review of an anti-money laundering (AML) program for open-end investment companies (Funds) is crucial to meet relevant regulations and prevent money laundering and terrorist financing. The Bank Secrecy Act (BSA), as amended by the USA PATRIOT Act of 2001 and all applicable regulations, imposes the independent review requirement1 on Funds and delineates aspects of the independent review in an interim final rule effective April 24, 2002.2 This article examines the requirements, best practices and other key perspectives regarding independent reviews.
The independent review should be documented in the form of a written report or assessment specific to a Fund’s AML program. Recommendations for correcting deficiencies and enhancing existing areas that result from the independent review should be promptly implemented and/or shared with a Fund’s board for consideration.3 Ultimately, a rigorous independent review should produce a reasonable understanding of the effectiveness of a Fund’s AML program to deter, detect and report money laundering and terrorist financing.
The BSA only goes so far to prescribe that a Fund’s review frequency must be “periodic.”4 Thus, the review frequency should be determined by a Fund’s AML compliance officer (AMLCO) with input from the Fund’s board based on a Fund’s risk factors.
During the development of a Fund’s AML program, the AMLCO should seek to establish a set review frequency and periodically evaluate the need to adjust that frequency as a Fund’s risk factors evolve. Importantly, AMLCOs should reference their Fund’s AML program to ensure the review frequency is being followed. A Fund’s AML program may be specific, e.g., every year or every other year, or it may allow for greater discretion as to when independent reviews are conducted, e.g., periodic.
Who can/should perform the review?
The BSA stipulates that personnel performing the independent review must be knowledgeable of BSA requirements and may not be involved in the operation or oversight of the Fund’s AML program.5 Reviewers can be sourced internally, e.g., internal audit, legal or compliance personnel, or externally (e.g., auditors, law firms or compliance consulting firms). In relevant situations, Funds should also be cognizant of its service providers’ personnel performing the independent review and their potential indirect role in the operation or oversight of the Fund’s AML program.
Service Providers’ Roles
The Fund’s AML responsibilities that are delegated to service providers, e.g., transfer agents and principal underwriters, are generally an important aspect of the independent review. A Fund may delegate crucial components of its AML program such as customer identification and verification; suspicious activity monitoring, detecting and filing of reports; enhanced due diligence on foreign correspondent accounts and private banking accounts; Office of Foreign Assets Control and sanctions compliance; record retention; etc. However, the Fund must retain written consent from the service provider before delegating such responsibility and the Fund remains ultimately responsible for assuring compliance with the BSA.6
The independent review should examine the Fund’s appropriate delegation of its AML responsibilities as outlined in the Fund’s AML program and applicable contractual services agreement. In turn, the independent review should then analyze the relevant service provider’s assumption and implementation of the delegated responsibilities consistent with BSA requirements.7 The independent review’s recommendations, findings and discussions may offer insightful opportunities for a Fund to enhance its Rule 38a-1 review of service providers with respect to AML.
What about other pooled vehicles?
Exchange-traded funds’ (ETFs) AML programs must also provide for an independent review. While ETFs may present a lower risk profile than traditional open-end mutual funds, ETFs are still subject to BSA and independent review requirements as ETFs fall within the category of “open-end company” as defined under Section 5(a)(1) of the Investment Company Act of 1940.
Closed-end investment companies and private funds, e.g., hedge funds, venture capital funds and private equity funds, are not required to establish an AML program based on current interpretation of the rules.8 Of course, these funds, as a best practice, may choose to develop an AML program and seek an independent review to address potential exposure to money laundering and terrorist financing risks presented by their specific business model.
Engaging an independent reviewer may feel daunting for some fund managers; however, independent reviews come in all shapes and sizes. The key is to find a reviewer who can tailor the review and apply a developing landscape of AML requirements to the Fund’s unique structure and risk factors.
- “31 C.F.R. § 1024.210,” Government Publishing Office, 2011, https://www.govinfo.gov/content/pkg/CFR-2016-title31-vol3/pdf/CFR-2016-title31-vol3-sec1024-210.pdf
- “Mutual Fund AML Compliance Program Rule Release,” Federal Register, April 29, 2002, https://www.sec.gov/about/offices/ocie/amlmf/67fr21117.pdf
- Ibid, p. 21,119.
- Ibid, p. 21,117.