On December 7, 2021, the Financial Crimes Enforcement Network (“FinCEN”) issued a Notice of Proposed Rulemaking (NPRM or “Proposed Rule”) to implement the beneficial ownership information (BOI) reporting provisions of the Corporate Transparency Act (CTA), which was contained in the Anti-Money Laundering Act of 2020 (AMLA). The Proposed Rule addresses comments that FinCEN received in response to its April 5, 2021 Advance Notice of Proposed Rulemaking (ANPR). FinCEN asserts that collecting and providing BOI to law enforcement, financial institutions, and other authorized users will help combat corruption, money laundering, terrorist financing, tax fraud, and other illicit financial activity. The agency is accepting comments on the NPRM until February 7, 2022.
This is the first of three rulemakings to implement the CTA, and FinCEN will issue additional rules on (1) persons authorized to access BOI and for what purposes, and the safeguards imposed to protect BOI; and (2) revisions to the Customer Due Diligence rule (“CDD Rule”), which only applies to financial institutions.
Many U.S. states authorize a company’s formation without requiring the disclosure of BOI. This resulted, over the years, in the United States becoming a breeding ground for shell companies engaging in illicit financial activity. This risk was highlighted in the leaked Panama Papers, the Paradise Papers, the FinCEN Files, and more recently, the Pandora Papers. For example, the Pandora Papers revealed that numerous foreign officials use Wyoming as a tax shelter for illicit funds. These officials include, among others, a controversial Russian oligarch, an Argentinian family embroiled in money laundering and industrial waste scandals, and the money manager for a Dominican dictator. The CTA is a long-overdue crackdown on this practice.
The NPRM details government efforts dating back to 2000 to combat shell companies, from FinCEN, the U.S. Department of the Treasury, other government agencies, and the Financial Action Task Force. Among other actions, these efforts included advisories warning about the risks of shell companies and joint-agency guidance on regulatory expectations for obtaining BOI for certain accounts and customer relationships. The first substantial regulatory action dates back to 2016, when FinCEN published the CDD Rule, which requires certain financial institutions to identify and verify the identity of the beneficial owners of legal entity customers upon account opening.
But the CDD Rule, which has been in effect since 2018, is not as robust as the CTA and the Proposed Rule. The CDD Rule imposes certain requirements for covered institutions, which include U.S. banks, mutual funds, brokers and dealers in securities, futures commission merchants, and introducing brokers in commodities. The covered entities are required to establish policies and procedures to identify and verify the identity of the beneficial owners of legal entity customers that own, control, or profit from the company. This is required when these companies open new accounts.
The Proposed Rule establishes who would have to report BOI, what information must be reported, and when.
BOI reporting requirements would be imposed on reporting companies and their beneficial owners and company applicants.
FinCEN chose not to further define “other similar entity,” but to leave the definition of reporting company based on the filing requirement characteristic. This is to avoid using broad parameters (e.g., entities that are legally distinct from their natural person owners) that might vary by state, and also to maintain the full scope of coverage that Congress intended.
Reporting companies would likely include limited liability partnerships, limited liability limited partnerships, business trusts, and most limited partnerships, which are typically created by a filing with a secretary of state or similar office. Certain trusts may be excluded, since they do not require such a filing, and FinCEN asks for further comment on this issue.
The Proposed Rule retains the 23 types of exempt entities listed in the CTA, which entities are subject to substantial federal or state regulation that may already require the disclosure of their BOI. FinCEN only made clarifications to these exemptions. FinCEN invited comment on the appropriateness of FinCEN requiring exempt entities to voluntarily file reports detailing their applicable exemption. The current CDD Rule exempts financial institutions from collecting BOI on only 16 types of customers, including, e.g., other banks, investment advisors, and entities registered with the Securities and Exchange Commission.
A beneficial owner would be defined as “any individual who, directly or indirectly, either exercises substantial control over such reporting company or owns or controls at least 25 percent of the ownership interests of such reporting company.”
“Substantial control” would be defined to include:
The first three indicators of substantial control are specific: the first indicator identifies individuals with nominal authority, the second and third indicators focus on functional authority. The fourth indicator is a catch-all, designed to detect individuals exercising control in “novel and unorthodox” ways. In the NPRM, FinCEN acknowledges that a broad definition may engender confusion, and FinCEN therefore elaborates on the definition within the Proposed Rule (e.g., substantial control may be exercised through board representation). FinCEN notes, however, that daily managerial authority with respect to one aspect of a reporting company’s business does not, in isolation, make such person a beneficial owner, unless that person satisfies another element of the “substantial control” criteria.
“Ownership interests” would be defined to include, among other things, equity and stock or similar instruments, capital or profit interests, convertible instruments, warrants, rights, and other options privileges. Debt instruments may also be included if they enable the holder to exercise the same rights as one of the specified equity or other interests. The Proposed Rule includes a non-exhaustive list of examples of how an individual can own or control ownership interests, for example, by joint ownership or control of an entity along with another person in an undivided ownership interest in the company. In another example, FinCEN outlines when an individual may be deemed to have ownership interests in a trust, including when the individual has the right to demand a distribution of or withdraw substantially all of the trust’s assets.
Under the ownership prong of the current CDD Rule, only equity interests are relevant, joint ownership is not addressed, and assets in trust are deemed owned by trustees. While the CDD Rule approach is more straightforward, FinCEN indicates that the CDD Rule approach is not an appropriate standard and does not promote transparency into the ownership of complex structures. FinCEN believes that the new approach would provide a more comprehensive and accurate picture of ownership.
Five types of individuals would be excluded from the definition of a beneficial owner:
The Employee Exception
Under the Proposed Rule, FinCEN would amend the CTA’s definition of employee by adding the word “substantial” before control, to clarify that this refers to the same type of control over a reporting company that would trigger a beneficial ownership finding. FinCEN also specifically clarifies that a person acting as a senior officer of a reporting company is ineligible for this exception, since a senior officer does not act solely in the capacity of an employee, and because exempting senior officers would frustrate the CTA’s goal of unmasking individuals with substantial control over an entity.
The Inheritor Exception
The inheritor exception in the Proposed Rule adds the word “future” to the statutory text, to clarify that it refers to a “future interest” associated with a right of inheritance, and not a present interest that may be acquired by exercising a right. This is to emphasize that an ownership interest vests upon inheritance, but a future right to inherit does not constitute ownership.
The Creditor Exception
Being a creditor alone would not make an individual a beneficial owner, unless such creditor otherwise falls within the definition of a beneficial owner. The Proposed Rule clarifies that an exempt creditor is one whose rights or interests in the reporting company are solely for the payment of a predetermined sum of money (e.g., debt or the payment of interest on such debt). The Proposed Rule also clarifies that the right to convert such predetermined sum into an ownership interest would make a creditor ineligible for this exception. In the NPRM, FinCEN requests further comment on other security interests with equity-like attributes that should be considered for the creditor exception.
WHO REPORTS – THE TAKEAWAY
Under the Proposed Rule, entities may likely be required to disclose more beneficial owners than currently required under the control prong of the CDD Rule, which requires a financial institution to provide BOI for the one individual with a “significant degree of control over the entity.”
While many commenters on the ANPR asked FinCEN to retain the CDD Rule approach, FinCEN notes that its proposed approach is easier than determining a sole beneficial owner with significant control – reporting companies can simply report all persons in substantial control of the entity, without the need for further analysis. Moreover, the CTA actually instructed FinCEN to rescind and revise most of the current CDD Rule, which restricts FinCEN to collecting BOI on one individual. FinCEN also notes that its approach is consistent with the CTA’s objective of creating a comprehensive BOI database, and that artificially limiting the number of beneficial owners would run contrary to the CTA’s purpose. However, FinCEN did not propose the other extreme – a per se rule based on titles that would require all officers of a reporting company to submit BOI.
In addition to reporting companies and beneficial owners, the third category of persons subject to reporting requirements is the company applicant.
The CTA definition of “company applicant” did not include a requirement that included persons who directed or controlled the relevant filing. FinCEN included this to preclude easy reporting evasion, and because FinCEN indicates in the NPRM that this will provide highly useful information to law enforcement who may be able to find connections between seemingly unconnected companies, beneficial owners, and company applicants.
Under the Proposed Rule, the initial report to FinCEN would need to contain specific information on the reporting company, every beneficial owner, and the company applicant. The following information would be required:
For the reporting company:
a. A reporting company that hasn’t been issued a TIN may submit either a: (a) Dun & Bradstreet Data Universal Numbering System Number; or (b) a Legal Entity Identifier.
For each beneficial owner and company applicant:
a. For a company applicant acting in the course of his business as a corporate or formation agent, the business street address of such business; or
b. In all other cases, the residential street address that the individual uses for tax residency purposes;
c. A unique identifying number from one of the following:
i. A non-expired U.S. passport;
ii. A non-expired identification document issued to the individual by a State, local government, or Indian tribe;
iii. A non-expired state driver’s license; or
iv. Where the individual does not have one of the aforementioned documents, a non-expired passport issued by a foreign government; and
d. An image of the document from which the unique identifying number provided was obtained, which includes both the unique identifying number and a photograph, which are, respectively, legible and recognizable.
The CTA broadly requires reporting “a residential or business street address.” The Proposed Rule takes a more specific approach, as outlined above, rather than giving the reporting persons the choice of which address to report. FinCEN indicated that this approach will lead to more targeted and useful information for national security, intelligence, and law enforcement purposes
In addition to the information required above, a reporting company may voluntarily report the TIN of any beneficial owner or company applicant, provided that the reporting company notifies each such beneficial owner or company applicant and obtains the relevant individual’s consent on a form prescribed by FinCEN.
Under the Proposed Rule, the reports would need to be filed with FinCEN in the form and manner prescribed and each person filing such report shall certify that the report is accurate and complete. These forms and instructions are still being developed. FinCEN is also considering whether such certification should be one-time or periodic, and some commenters argued that FinCEN doesn’t have the statutory authority for this request.
While the effective date of the final regulation has not yet been determined, reporting companies created before such effective date would have one year from such date to file their initial reports. This is sooner than the two-year maximum allotted by the CTA, but FinCEN believes this approach balances the need for notice with the need for the timely collection of BOI. Reporting companies created or registered after the effective date would have 14 days after their formation to file. A foreign company would have 14 calendar days from the date it first becomes a foreign reporting company. For entities that were exempt from filing, but lose such exemption, reporting is required within 30 days of the date when the exemption ceases to apply.
Updates to previously filed reports would need to be filed within 30 days of the change, which is shorter than the one-year maximum set by the CTA. FinCEN believes the utility of the BOI database (which FinCEN plans to call the Beneficial Ownership Secure System, or BOSS) would be severely limited if updated BOI were reported only annually, and that the 30-day deadline minimizes the potential abuse of shelf companies (i.e., entities formed as generic corporations without assets and then effectively assigned to new owners).
The deadline to correct inaccurate reports would be 14 days after the entity became aware or has reason to believe that any information provided in a report filed by the reporting company is inaccurate. This does not affect the 90-day safe harbor from submission for inadvertent errors, which the CTA provides.
While past FinCEN releases highlight the threats of money laundering and terrorist financing, recent issuances, including the NPRM, have noticeably added an emphasis on combating corruption and strengthening democracy. This is in line with the Biden administration’s goals and its newly released, first-ever U.S. Government Strategy on Countering Corruption, which addresses the money laundering risks posed by anonymous shell companies, and the need to protect the international financial system from abuse by corrupt actors.
Whether combating money laundering or corruption, FinCEN remains committed to working with stakeholders to streamline the process. The NPRM contains a long list of questions, as FinCEN continues to actively solicit feedback, including on whether certain provisions require clarifications or additions. FinCEN also remains committed to minimizing burdens on reporting companies, and expects the initial report to cost a reporting company less than $50. The NPRM does not, however, address how financial institutions will collect and use BOI. Entities should consider how they may be significantly impacted by new developments from FinCEN. In addition to internal company changes that may be required, companies should share their opinions with FinCEN to have an active role in the development of the final rule.
 The Proposed Rule would add to the CTA that registration to do business in any U.S. state suffices as registration to business in the United States.
 For companies in existence for many years whose company applicants are deceased, FinCEN would permit the reporting company to note that the company applicant is deceased, and to report whatever identifying information is known.