The Corporate Transparency Act of 2020 … The Good, The Bad, and the Ugly

Corporate Transparency Act – There’s much that is Good, but there’s also some things that are Bad and other things that are downright Ugly

Many people are touting the proposed Anti-Money Laundering Act of 2020 (“AMLA2020”) and one of the titles of that Act, the Corporate Transparency Act, as the biggest change to American efforts to fight crime and corruption since the USA PATRIOT Act of 2001.

And they’re right. As a whole, the AMLA2020 will ultimately have the effect of shifting the US AML/CFT regime from a domestic-focused, regulator-versus-regulated, compliance inputs-based regime to an international, collaborative public/private sector, threat-focused, outputs-driven regime.

Just like Clint Eastwood in the classic Western “The Good, the Bad, and the Ugly”, that is all Good.

But like Lee Van Cleef, there is also some Bad, and unfortunately for the AMLA2020 (but fortunately for Eli Wallach) there is also some Ugly things that will reduce the impact and effectiveness of this new AML law. In fairness, regulations have yet to be issued, and regulations often address some of the bad and even ugly things in statutes.

This article looks at all aspects of the Corporate Transparency Act of 2020: the concept of “ultimate beneficial owner” and the so-called “Matryoshka doll” problem; the definitions of beneficial owner, applicant, and reporting company, and how those definitions differ from the current beneficial ownership rule; the new FinCEN identifier; the time that reporting companies have to report to FinCEN’s new database; the required information for beneficial owners and applicants; and who has access to the database.

The Good – the US gets a centralized, national registry of beneficial ownership information

Advocates celebrate major US anti-money laundering victory

This headline from a December 11, 2020 International Consortium of Investigative Journalists (ICIJ) Article is a good example of the Good of the Corporate Transparency Act. That article describes it well:

The long-sought reforms, effectively ending anonymous shell companies, were included in an annual defense spending bill approved by both houses of Congress with veto-proof margins. Landmark laws to thwart the use of U.S. shell companies by terrorists, human traffickers, arms dealers and kleptocrats are set to be enacted after more than a decade of lobbying and politicking with rare bipartisan support. The sweeping anti-money laundering reforms hitched a lift in the annual defense spending bill that passed the Senate 84-13 today, and was approved by the House 355-78 earlier this week. The Corporate Transparency Act requires U.S. companies to report their true owners to the Treasury Department’s Financial Crimes Enforcement Network, known as FinCEN — largely ending anonymous shell companies in the country.

Welcoming the clampdown, Transparency International’s U.S. director Gary Kalman said, “It is rare for such a simple measure to promise such an enormous impact.” Kalman added that the long sought anti-corruption reforms would “move us into a new era of enforcement.” The new legislation will allow law enforcement agencies and financial institutions to request company ownership information from FinCEN. The data will not be publicly available.

The Bad – Why exclude Money Transmitters and “Tall, Dark, and Handsome” Companies?

Under this new law, money transmitters have been added to the list of exempt entities (up to twenty-four from the current sixteen) that do not have to report their beneficial owner(s) or applicant. The rationale seems to be that they have to register with FinCEN already, so why register again? I discuss below why this doesn’t make sense and may create a loophole a money launderer can drive a truck through.

“Tall, Dark, and Handsome” is a reference to another new exception created by this law: a corporation or LLC that has 20 or more employees and more than $5 million in revenues and a physical office in the United States. These (very few, as it turns out) companies are the legal entity equivalent of (very rare!) men who are tall, dark, and handsome. Why they are not required to disclose their ultimate beneficial owners isn’t obvious to me: it’s discussed below.

(This is the second article I’ve written that includes the phrase “Tall, Dark, and Handsome” (see https://regtechconsulting.net/uncategorized/tall-dark-or-handsome-the-new-special-inspector-general-for-pandemic-recovery/). And this phrase, with its two commas, is an example of the use of the “Oxford comma”: the comma used after the penultimate item in a list of three or more items, before ‘and’ or ‘or’, to clearly indicate three items rather than two. I’ve also written an article on Oxford commas, see https://regtechconsulting.net/uncategorized/grave-danger-and-oxford-commas-words-and-punctuation-matter/).

The Ugly – There is very limited, and difficult, access to the central registry

Even if money transmitters and the “Tall, Dark, and Handsome” companies had to report their beneficial owners and applicant, there would still be very little transparency into those owners, or any other beneficial owners in the proposed FinCEN database. Financial institutions’ access to the database is severely restricted, and the punishing requirements imposed on federal, State, and Tribal government agencies to gain access to the information in the database may dissuade many of them from using it at all. Also ugly is the creation of the FinCEN identifier as a replacement for a Social Security Number, Drivers License number, or Passport number. I’m hedging on how ugly this actually is, though: regulations may turn what appears to be ugly into something pretty attractive.

Caution – the AMLA2020 Hasn’t Been Enacted Yet

The Corporate Transparency Act is one title (of five) within the AMLA2020, the AMLA2020 is one division (of seven) of the National Defense Authorization Act for Fiscal Year 2021 (the “NDAA”). The NDAA has been passed by the House and Senate with veto-proof majorities, and was sent to the President for his consideration on December 11th. As of this writing (December 20th) the President has not signed the NDAA and continues to indicate he will veto it. If he does veto it, it’s not known whether the House and Senate will have the votes or the time to override the veto.

Note: This article focuses only on the beneficial ownership or corporate transparency title of the AMLA2020. I have written an article describing all other aspects of the AMLA2020 (with a short section on beneficial ownership: see https://regtechconsulting.net/aml-regulations-and-enforcement-actions/aml-act-of-2020-renewing-americas-aml-cft-regime/).

Introduction to the Corporate Transparency Act – Title LXIV of the AMLA2020 adding 31 USC s. 5336

Section 6401 simply states “this title may be cited as the ‘Corporate Transparency Act’.” The comments to the conference report provide that “Division F is substantially similar to H.R. 2513, the Corporate Transparency Act of 2019, introduced by Representative [Carolyn] Maloney [Democrat] of New York.” In fact, Rep. Maloney has introduced a corporate transparency bill in every Congress since 2009: HR 6098 (111th Congress), HR 3416 (112th Congress), HR 3331 (113th Congress), HR 4450 (114th Congress), HR 2089 (115th Congress), and HR 2513 (116th Congress). Our collective thanks to Representative Maloney and her staff for their courage and perseverance.

Why has Rep. Maloney, and so many others, been pushing for corporate transparency? Among other reasons, Recommendation 24 of the Financial Action Task Force (FATF) requires legal entity transparency, including the disclosure of beneficial ownership. Since its first FATF Mutual Evaluation in 1996, and in every subsequent evaluation (2006 and 2016), the United States has been criticized for failing to meet this recommendation. Since at least 2008, with Senator Carl Levin’s (D. MI) Incorporation Transparency and Law Enforcement Assistance Act (S. 2956), corporate transparency bills have been introduced in Congress seeking to satisfy the FATF recommendations. They have all failed – until now. A good summary of why they’ve failed, and why this version of the Corporate Transparency Act is still quite limited in its scope and will be quite limited in its impact, is included in the comments of Congressman Patrick McHenry in Appendix A, below.

Section 6402 is the “Sense of Congress” section. This section provides, in part, that “most or all” of the 50 states that create about 2 million corporations and LLCs each year “do not require information about the beneficial owners”, that “malign actors seek to conceal their ownership” and that money launderers layer corporate structures across various secretive jurisdictions “much like Russian nesting ‘Matryoshka’ dolls.” With that ominous beginning, the section then continues with a statement that the beneficial ownership information “will be directly available only to authorized government authorities” and the database is intended to be “highly useful to national security, intelligence, and law enforcement agencies and Federal functional regulators”. There is no mention of making the information directly available to financial institutions or even having it benefit financial institutions.

The result is a national, centralized registry that is not accessible to the public and has limited value to financial institutions. The table to the right summarizes a review done by Transparency International on the types of national registries, as of October 2020: those with a central registry that is publicly accessible with no restrictions (green); central registry that is publicly accessible but is behind a paywall or with other restrictions (yellow); central registry that is not publicly accessible (yellow); no central registry but concrete steps are being taken to develop one (orange); and no central registry (red). I did not include all the countries listed in the “nothing” category as there are more than 150 that do not have such a registry. Currently, the United States is one of those lagging countries. With the AMLA2020 it will move form the lowest (red) tier up to the category of having a central registry that is not publicly accessible (yellow).

Ultimate Beneficial Owner – The Matryoshka Doll Problem

As Congress noted in section 6402 (above), most or all of the 50 states do not require information about the beneficial owners of the corporations and LLCs they create and register. So it currently isn’t difficult to mask the beneficial owner of a US-created or US-registered legal entity. But skilled and experienced money launderers and other criminal actors will create many layers that cross multiple jurisdictions in a bid to mask the true owners as much as possible. This is the “Matryoshka” doll visual – as seen by the (actual) Russian Matryoshka doll I have on my office bookshelf. In this visual, the “reporting company” is the largest doll on the left; the legal owner is the doll immediately to its right; and the ultimate beneficial owner, or UBO, is the smallest doll on the far right:

Figure 1 is taken from a March 2019 OECD “Beneficial Ownership Toolkit”. That toolkit provides “beneficial owners are always natural persons who ultimately own or control a legal entity or arrangement, such as a company, a trust, a foundation, etc. Figure 1 demonstrates how the use of a legal entity or arrangement can obscure the identity of a beneficial owner.” Figure 2 of the OECD toolkit show a more complex, nested series of arrangements that further distance the ultimate beneficial owner from the legal entity.

As Congress did in the Corporate Transparency Act, the OECD has identified these “nested” layers of entities that make it very difficult to identify the ultimate beneficial owner of a legal entity.[1] As explained below, however, Congress may have missed addressing this problem, or even made it worse by allowing ultimate beneficial owners of certain companies and money transmitters to be masked by intervening corporate entities. 

Beneficial Owner

The FATF has established the following definition of beneficial ownership:

“Beneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement.”

The proposed definition of Beneficial Owner is in 31 USC s. 5336(a)(3). It defines Beneficial Owner as an individual who “directly or indirectly, through any contract, arrangement, understanding, relationship, or otherwise, (i) exercises substantial control or (ii) owns or controls not less than 25 percent of the ownership interests”. This is slightly different than the definition of beneficial owner in 31 CFR 1010.540(d), which begins with the so-called ownership prong, which is “25 percent or more of the equity interests of a legal entity customer” and then follows with the control prong: “a single individual with significant responsibility to control, manage, or direct a legal entity customer” including a CEO, CFO, or similar position. In addition, the current regulation includes the trustee of a trust that is a legal owner: the AMLA2020 does not include a trustee. Regulations to be promulgated within one year will need to reconcile these different definitions.

And both the existing regulation – 31 CFR section 1010.230(d)(3) – and the new law – 31 USC section 5336(b)(2)(B) – exempt certain types of legal entities from having to provide beneficial ownership information (these are discussed below). If any of these exempt entities directly or indirectly own 25 percent or more of the equity interests of a legal entity customer or reporting company, respectively, they are not required to identify their owners. The current regulation exempts sixteen categories of entities from providing any beneficial ownership information, and two categories of entities only need to provide the name of one “control” person. The proposed law exempts twenty-four categories of entities from providing any beneficial ownership information. As mentioned above and described in more detail below, the addition of money transmitters and the “Tall, Dark, and Handsome” companies to the list of exempt entities will mask the beneficial owners of some potentially high risk entities. 

Applicant

The current beneficial ownership regulation does not include an “applicant”; rather, it includes the individual providing the beneficial ownership information to the financial institution and certifying that the information is complete and accurate. And that individual is only required to provide their name and position with the legal entity customer.

Subsection 5336(a)(2) defines an applicant as an individual who files an application to form a corporation, LLC, or similar entity with a State or Indian Tribe, or to register a foreign corporation, LLC, or similar entity with a State or Indian Tribe. Most states allow a “registered agent” to file the formation/registration documents, and most registered agents are companies. The individual is often a clerk working for that registered agent. Like the beneficial owner(s), the individual applicant must provide their full legal name, date of birth, current residential or street address, and either an identifying number like a SSN or a FinCEN identifier.

These differences must be reconciled in the new regulations.

Reporting Company

The definition of Reporting Company in 31 USC s. 5336(a)(11) is the same as the definition of “legal entity customer” in the current regulation. However, the exceptions (and, in the case of legal entity customers, the exemptions) are different, and, in some cases, materially different. A side-by-side comparison is set out in an Appendix B to this article, but the notable differences are the AMLA2020’s exceptions for (1) the Tall, Dark, and Handsome companies and LLCs – those with more than 20 FTE, more than $5 million in gross revenues (as reported to the IRS in the previous year), and with an operating presence in the United States (section 5336(a)(II)(B)(xxi))[2]; and (2) money transmitters registered with FinCEN (section 5336(a)(II)(B)(vi)), which include virtual currency exchanges.

Why did Congress carve out larger companies and money transmitters? Congressional staffers have told me that their primary focus was on the types of privately-held companies that can be used as shell companies: new companies without employees, with little or no revenue, and without a physical presence or office. That makes sense – if legal vehicles used to launder money were only shell companies. But larger companies with actual employees, revenue, and physical locations are also perfectly suited to generate, hide, and move illicit proceeds. And now with these companies being exempt from providing beneficial ownership information, they will be used to layer and hide the ownership of otherwise transparent shell companies. It would have been simpler and more effective to include all privately-held, non-financial institution companies and LLCs in the definition of “reporting company”. 

A similar reason was given for money transmitters (a form of Money Services Business, or MSB, and which include virtual currency exchanges): they are required to register with FinCEN (using Form 107) and as part of that registration, disclose their owner. Some of those who have commented on this, such as the pre-eminent law firm Sullivan & Cromwell, have noted that money transmitters “are already required to disclose beneficial ownership information publicly or to federal regulators … and exempting them from the reporting requirement does not appear to represent a gap in coverage.” See https://www.sullcrom.com/files/upload/sc-publication-anti-money-laundering-act-2020.pdf at page 7.

I disagree. First, there is nothing in the AMLA2020 that ties the ownership information contained in the Form 107 (MSB registration form) to the new beneficial ownership information. Second, MSBs do not have to disclose up to four legal owners and one control person – they only need to disclose one owner or controlling person – so FinCEN will not have complete beneficial ownership information on one of the highest risk business types. The instructions to the MSB registration form require that an “Owner or Controlling Person” submit the form, and that person is described in the instructions to the form as:

Any person who owns or controls a money services business is responsible for registering the MSB. Only one registration form is required for any business in any registration period. If more than one person owns or controls the business, they may enter into an agreement designating one of them to register the business. The designated owner or controlling person must complete Part III and provide the requested information [full name, date of birth, address, and identifying number]. In addition, that person must sign and date the form as indicated in Part VII … An “Owner or Controlling Person” includes the following: Sole Proprietorship – the individual who owns the business; Partnership – a general partner; Trust – a trustee; Corporation – the largest single shareholder. If two or more persons own equal numbers of shares of a corporation, those persons may enter into an agreement as explained above that one of those persons may register the business. If the owner or controlling person is a corporation, a duly authorized officer of the owner-corporation may execute the form on behalf of the owner-corporation.[3]

The Act includes a provision that this list of exemptions is subject to ongoing review by Treasury and, if a determination is made that an exempted category is being used to facilitate financial crime, Treasury may remove it from the list or impose other administrative actions. I hope that both money transmitters and “Tall, Dark, and Handsome” companies and LLCs are eventually remoted from the list of exempt entities. The loopholes they create are too tempting for professional money launderers and the gatekeepers (lawyers and accountants) who facilitate so much financial crime.

Time to Report

There are three time frames for reporting companies to report to FinCEN. All three begin when the regulations for this section are promulgated, which must be within one year of the passage of the Act. Companies in existence at the time of the regulations have (a very generous) two years to report. New companies created or registered after the regulations shall report at the time of formation (that is aggressive: money services businesses have 180 days from formation to register with FinCEN under 31 USC s. 5330(a)(1)). Changes in beneficial ownership must be reported within a year of the change.

How Many Companies Will Need to Report?

How many reporting companies will need to register their beneficial ownership information, and when? The most recent US Census Bureau data (2017) suggests there are 6 million businesses in the United States.[4] When adding in sole proprietorships and other single-persons doing business, other data suggests ~30 million businesses. This Act indicates that 2 million new companies and LLCs are being formed every year. There are ~3,000 publicly-traded companies, and ~100,000 regulated financial institutions, public accounting firms, etc., that are excluded from the definition of reporting company.

This leaves the “Tall, Dark, and Handsome” companies that will be excluded: those with more than 20 FTE, more than $5 million in gross revenues (as reported to the IRS in the previous year), and with an operating presence in the United States. Using Census Bureau information that suggests the average small business generates $100,000 in revenue per employee, the ~650,000 businesses the Census Bureau’s SUSB has identified, and analyzing the 5.2 million PPP loan recipients, it appears that approximately 2% of privately-owned small businesses have more than 20 employees, more than $5 million in annual revenue, and have a physical office in the United States (leaving 98% as “reporting companies”). The result is likely:

  • At least 5 million and as many as 20-30 million existing companies and LLCs will need to report their beneficial ownership information to FinCEN from January 2021 to January 2023; and
  • 2 million companies and LLCs per year will need to report their beneficial ownership information to FinCEN when they are created, beginning in January 2021.

The regulations for the FinCEN database of beneficial ownership information that will need to be issued, and the systems and procedures that will need to be designed, need to take into account the initial surge in reporting, as well as the 2 million or more new reports filed each year, and the revisions to existing reporting company records.

Required Information for Beneficial Owners and Applicants

Section 6403 is the main section for the new beneficial ownership information reporting requirements. It creates a new section in title 31 – section 5336. Subsection 5336(2) sets out the required information. There are some interesting, and perhaps some confusing, aspects about this subsection.

First is subsection 5336(2)(A). It provides:

(A) IN GENERAL.—In accordance with regulations prescribed by the Secretary of the Treasury, a report delivered under paragraph (1) shall, except as provided in subparagraph (B), identify each beneficial owner of the applicable reporting company and each applicant with respect to that reporting company by – (i) full legal name; (ii) date of birth; (iii) current, as of the date on which the report is delivered, residential or business street address; and (iv)(I) unique identifying number from an acceptable identification document; or (II) FinCEN identifier in accordance with requirements in paragraph (3).

With this, the report submitted to FinCEN shall identify from one to five beneficial owners and each applicant (defined as the individual who filed the application to create or register the reporting company with the state or Indian Tribe) by their full name, date of birth, address, and either their SSN or driver’s license number or Passport number or a FinCEN identifier. Allowing beneficial owners and applicants to be identified by the FinCEN identifier, and not by the commonly used SSN, drivers license, or passport number, could make the registry effectively unusable and/or ineffective (as explained below).

Subparagraph 5336(b)(2)(B) is the exception set out in (A), above, to providing a report that identifies the beneficial owner(s) and applicants of a reporting company. It provides:

(B) REPORTING REQUIREMENT FOR EXEMPT ENTITIES HAVING AN OWNERSHIP INTEREST. If an exempt entity described in subsection (a)(11)(B) has or will have a direct or indirect ownership interest in a reporting company, the reporting company or the applicant – (i) shall, with respect to the exempt entity, only list the name of the exempt entity; and (ii) shall not be required to report the information with respect to the exempt entity otherwise required under subparagraph (A).

This section mirrors the current regulation at 31 CFR s. 1010.230(d)(3). But the addition of money transmitters and “Tall, Dark, and Handsome” companies and LLCs to the list of exempt entities creates an interesting result. The box to the right shows an example of two of the listed exempt entity types: the so-called “Tall, Dark, and Handsome” companies, and money transmitters that are registered with FinCEN. The effect of this subsection, and subsection 5336(b)(3)(C), described below, may be that the Reporting Company must still disclose the Applicant (the person who filed the registration papers with the State or Indian Tribe that created the entity or registered it, if a foreign company, to do business in the State or Indian Tribe), but need not disclose the individuals that own or control the exempt company that owns the Reporting Company. In the example above, a reporting company owned by a money transmitting business only needs to list the name of the Applicant and the name of the money transmitting company as its beneficial owner: there is no “drill down” requirement as there is in the current beneficial ownership regulation. And because of the Form 107 limitation of listing only one person who own or controls the money transmitter, FinCEN has little information on one of the riskiest business types. One of the stated purposes of this new section was to address layered corporate structures “much like Russian nesting ‘Matryoshka’ dolls …” (section 6402(4)). This appears to be exactly that – a layered corporate structure involving money transmitters and privately-owned companies – which the law should have included.[5]

FinCEN Identifier

Section 5336(b)(3) is the FinCEN Identifier subsection. It provides:

(3) FINCEN IDENTIFIER. (A) ISSUANCE OF FINCEN IDENTIFIER. –

(i) IN GENERAL. – Upon request by an individual who has provided FinCEN with the information described in paragraph (2)(A) pertaining to the individual, or by an entity that has reported its beneficial ownership information to FinCEN in accordance with this section, FinCEN shall issue a FinCEN identifier to such individual or entity.

(ii) UPDATING OF INFORMATION. – An individual or entity with a FinCEN identifier shall submit filings with FinCEN pursuant to paragraph (1) updating any information described in paragraph (2) in a timely manner consistent with paragraph (1)(D).

(iii) EXCLUSIVE IDENTIFIER. – FinCEN shall not issue more than 1 FinCEN identifier to the same individual or to the same entity (including any successor entity).

From this, it appears that once an individual or reporting entity is named in a Beneficial Owner Information Report, they/it can request to have issued to them/it a unique FinCEN Identifier. The required information from subsection (2) – for individuals, that is their full legal name, DOB, current residential or business street address – will remain, but their identifying number, such as SSN, will be replaced by the FinCEN Identifier. This either/or approach is clear from the “required information” section[6] as well as subsection 5336(b)(3)(B): “USE OF FINCEN IDENTIFIER FOR INDIVIDUALS. – Any person required to report the information described in paragraph (2) with respect to an individual may instead report the FinCEN identifier of the individual.”

Like the money transmitter example above (the exception in 5336(b)(2)(B)) and subsection 5336(b)(3)(C)), this appears to allow an opaque “Matryoshka doll” of layered corporate entities. It provides:

(C) USE OF FINCEN IDENTIFIER FOR ENTITIES. – If an individual is or may be a beneficial owner of a reporting company by an interest held by the individual in an entity that, directly or indirectly, holds an interest in the reporting company, the reporting company may report the FinCEN identifier of the entity in lieu of providing the information required by paragraph (2)(A) with respect to the individual.

Once a beneficial owner and/or a reporting company obtains a FinCEN identifier, they/it can update any existing report or submit any new report using that FinCEN Identifier instead of the beneficial owner’s SSN or drivers license number or passport number and not even identify the actual beneficial owners going forward. Are those individuals thereafter “masked” from law enforcement unless FinCEN also maintains the SSN or other identifying number that would be known to law enforcement, and can cross-reference the law enforcement request? In the example above, as long as Reporting Company C has a FinCEN identifier, Reporting Company A may report that FinCEN identifier in lieu of providing the names and information of the beneficial owners (in this example, Messrs. Mossack and Fonseca).

Also, it is unclear how law enforcement will query, and how FinCEN will search, the beneficial ownership information database using FinCEN identifiers. For example, assume Al Capone is named as a beneficial owner of Reporting Company A. He provides his full name, SSN, etc. He then requests a FinCEN Identifier, and updates that report with his Identifier. Later, Reporting Company B submits a report and lists Al Capone with Al’s Identifier, but not his SSN. Law enforcement is later interested in Al Capone and queries FinCEN with “do you have Al Capone, SSN 010-56-1234?” and FinCEN replies “nope, nobody with that name matching that SSN. We’ve got 7 other ‘Al Capones’ with different SSNs or FinCEN identifiers.”

Access to the Database – None for the Public, Limited for Financial Institutions, Difficult for Law Enforcement

Subsection 5336(c) provides for the retention and disclosure of beneficial ownership information. The key is the disclosure provisions. The new FinCEN central registry of beneficial ownership information is not publicly accessible. Financial institutions can only query the database “with the consent of the reporting company to facilitate compliance … with CDD requirements”. And the procedures for law enforcement and other federal agencies are daunting enough that they may be discouraged from accessing the database.

Subsection 5336(c)(2)(B) lists five situations where FinCEN may disclose beneficial ownership information:

(i)(I) upon receipt of a request from “a federal agency engaged in national security, intelligence, or law enforcement activity, for use in furtherance of such activity”;

(i)(II) upon receipt of a request from a State, Tribal, or local law enforcement agency with a court order;

(ii) a request from a federal agency on behalf of a foreign government pursuant to a treaty, mutual legal assistance treaty, etc.;

(iii) upon receipt of “a request made by a financial institution subject to customer due diligence requirements, with the consent of the reporting company, to facilitate the compliance of the financial institution with customer due diligence requirements under applicable law”; and

(iv) upon receipt of a request from a Federal functional regulator.

And the “appropriate protocols” for requesting and releasing beneficial ownership information, set out in subsection 5336(c)(2)(C) are daunting: each request by a federal agency must include “the specific reason or reasons why the beneficial ownership information is relevant” to the investigation; the agency must have procedures and training in place to handle and restrict the information, the agency must keep auditable records, and be audited by the agency and annually by Treasury.

The biggest issue with the central registry of beneficial ownership information may be the limitations placed on financial institutions’ access and use. Examples of these limitations are:

  1. By limiting requests to those made with the consent of the reporting company, financial institutions cannot query the database without “tipping off” the reporting company, so financial institutions may only be able to use the database for onboarding due diligence or updating general due diligence, and not for investigations of unusual or possible suspicious activity;
  2. It is not clear whether financial institutions can perform due diligence on individuals by querying the database to determine if an individual customer is a beneficial owner of the institution’s new or proposed customer (a legal entity customer under the current rules, or a reporting company under the AMLA2020). In the example of Al Capone, above, it does not appear that a financial institution can submit a request to FinCEN to search the database for “Al Capone”;
  3. It is not clear what information FinCEN will return in response to a request for beneficial ownership information: will it release the PII of the applicant and beneficial owner(s), or just the name(s) and address(es)? What utility, if any, will FinCEN identifiers be to financial institutions?
  4. The database won’t be fully populated with the ~5-30 million existing reporting companies until 2023: what will financial institutions do if they get a “null return” from FinCEN for a company the financial institution knows should be registered? What will financial institutions be expected to do when the information they have in their files is different than what is returned by FinCEN?

Why was access to the beneficial ownership registry limited to the extent it was? The answer to that question could be found in comments made by Congressman Patrick McHenry, (R. NC 10). His floor comments from December 8, 2020, as captured in the House Congressional Record, are included in Appendix A, below. His comments bear particular weight, as Congressman McHenry is the Ranking Member on the House Financial Services Committee.

Only Part of the Current Beneficial Ownership Rule Remains

Congressman McHenry commented that this new reporting rule “rescinds the current beneficial ownership reporting regime set out in 31 CFR 1010.230 (b)–(j), which is costly and burdensome to small businesses.” However, it may not be as cut-and-dried as he states. The section that Rep. McHenry is referring to is 6403(d). That section provides:

Section 6403(d) REVISED DUE DILIGENCE RULEMAKING.

(1) IN GENERAL. – Not later than 1 year after the effective date of the regulations promulgated under section 5336(b)(4) of title 31, United States Code, as added by subsection (a) of this section, the Secretary of the Treasury shall revise the final rule entitled “Customer Due Diligence Requirements for Financial Institutions” (81 Fed. Reg. 29397 (May 11, 2016)) to –

(A) bring the rule into conformance with this division and the amendments made by this division;

(B) account for the access of financial institutions to beneficial ownership information filed by reporting companies under section 5336, and provided in the form and manner prescribed by the Secretary, in order to confirm the beneficial ownership information provided directly to the financial institutions to facilitate the compliance of those financial institutions with anti-money laundering, countering the financing of terrorism, and customer due diligence requirements under applicable law; and

(C) reduce any burdens on financial institutions and legal entity customers that are, in light of the enactment of this division and the amendments made by this division, unnecessary or duplicative.

(2) CONFORMANCE.

(A) IN GENERAL. – In carrying out paragraph (1), the Secretary of the Treasury shall rescind paragraphs (b) through (j) of section 1010.230 of title 31, Code of Federal Regulations upon the effective date of the revised rule promulgated under this subsection.

(B) RULE OF CONSTRUCTION. – Nothing in this section may be construed to authorize the Secretary of the Treasury to repeal the requirement that financial institutions identify and verify beneficial owners of legal entity customers under section 1010.230(a) of title 31, Code of Federal Regulations.

(3) CONSIDERATIONS. – In fulfilling the requirements under this subsection, the Secretary of the Treasury shall consider—

(A) the use of risk-based principles for requiring reports of beneficial ownership information;

(B) the degree of reliance by financial institutions on information provided by FinCEN for purposes of obtaining and updating beneficial ownership information;

(C) strategies to improve the accuracy, completeness, and timeliness of the beneficial ownership information reported to the Secretary; and

(D) any other matter that the Secretary determines is appropriate.

Some, But Not All, of the Current Beneficial Ownership Rule Will Change

The current Beneficial Ownership rule is set out in 31 CFR section 1010.540(a) – (j):

(a) “Covered financial institutions are required to establish and maintain written procedures that are reasonably designed to identify and verify beneficial owners of legal entity customers” and to include those procedures in their overall 31 USC s. 5318(h) programs

(b) Identification and verification of beneficial owners when a new account is opened unless excluded pursuant to (e) or exempt pursuant to (h)

(c) Definition of “account”

(d) Definition of “beneficial owner” to be (1) each individual, if any, who, directly or indirectly, through any contract, arrangement, understanding, relationship, or otherwise, owns 25 percent or more of the equity interest of a legal entity customer [the so-called “ownership prong”]; and (2) a single individual with significant responsibility to control, manage, or direct a legal entity customer (including CEO, CFO, etc.) [the so-called “control prong”]; and (3) if a trust is the legal owner, the trustee.

(e) Definition of Legal Entity Customer – includes a list of exceptions and entities subject to only the control prong

(f) Definition of “Covered Financial Institution”

(g) Definition of “New Account”

(h) Exemptions

(i) Recordkeeping requirements

(j) Reliance on other financial institutions

The AML Act provides that “the Secretary of the Treasury shall rescind paragraphs (b) through (j) of section 1010.230 of title 31, Code of Federal Regulations upon the effective date of the revised rule promulgated under this subsection”. The result is that financial institutions will still be required to have procedures to identify and verify beneficial owners, but how that is done will be determined by new rules and regulations. So the new rules will be similar to the current beneficial ownership rule.

The current beneficial ownership rule provides financial institutions with more information on more legal entities sooner and requires them to use that information for not only onboarding due diligence, including customer risk rating, but ongoing due diligence (investigations of potential suspicious activity). It also gives financial institutions immediate access to existing legal entities’ beneficial ownership information where those entities open new accounts.

The new beneficial ownership information registration requirement only includes the smallest legal entities, existing legal entities have two years to provide their owners’ information, and, most importantly, financial institutions have limited access to the registry as they need their customer’s approval to access the customer’s information. The differences between the existing rule and new law are recognized in subsection (B), which directs the Secretary to “account for the access of financial institutions to beneficial ownership information filed by reporting companies under section 5336 … in order to confirm the beneficial ownership information provided directly to the financial institutions to facilitate the compliance of those financial institutions with” AML, CFT, and CDD requirements.

Conclusion

There is so much that is good about the Corporate Transparency Act. I’m hoping that by raising what appear to be, but may not be, bad and even ugly things about the Act, we will have more transparency into those aspects of the Act and we will be able to address them in regulations or even amendments to the Act itself.

 

Appendix A – Corporate Transparency Act – Congressional Comments

House Congressional Record from December 8, 2020 CREC-2020-12-08-pt1-PgH6919-3.pdf (congress.gov) at pages H6932-6933 (bold red font has been added for emphasis, and the footnote has been added from the original text):

Mr. MCHENRY. Mr. Speaker, I rise in support of the conference report to the National Defense Authorization Act for fiscal year 2021. Combating illicit finance and targeting bad actors is a nonpartisan issue. However, Congress’ actions must be thoughtful and data driven. An example of this is H.R. 2514, the COUNTER Act, which is included in this conference report. Division G is a compilation of bipartisan policies that will modernize and reform the Bank Secrecy Act and anti-money laundering regimes. These policies will strengthen the Department of Treasury’s financial intelligence, anti-money laundering, and counter terrorism programs.

I would like to thank Chairman CLEAVER and Ranking Member STIVERS for their work on this bill and the language included in Division G. In addition to Division G, the conference report contains an amendment replacing the text of H.R. 2513, the Corporate Transparency Act, with new legislation. H.R. 2513, which passed the House on October 22, 2019, and again as an amendment to H.R. 6395 on July 21, 2020, attempted to establish a new beneficial ownership information reporting regime to assist law enforcement in tracking down terrorists and other bad actors who finance terrorism and illicit activities. But, it did so to the detriment of America’s small businesses.

Beneficial ownership information is the personally identifiable information (PII) on a company’s beneficial owners. This information is currently collected and held by financial institutions prior to a company gaining access to our financial system.

However, bad actors and nation states, such as China and Russia, are becoming more proficient in using our financial system to support illicit activity. As bad actors become more sophisticated, so to must our tools to deter and catch them. One such tool is identifying the beneficial owners of shell companies, which are used as fronts to launder money and finance terrorism or other illicit activity. Beneficial ownership information assists law enforcement to better target these bad actors.

Although well-intentioned, H.R. 2513 had numerous deficiencies in its reporting regime. First, H.R. 2513 placed numerous reporting and costly reporting requirements on small businesses. It lacked protections to properly protect small businesses’ personal information stored with a little-known government office within the Department of Treasury—known as FinCEN. The bill authorized access to this sensitive information without any limitation on who could access the information and when it could be accessed. Finally, it failed to hold FinCEN accountable for its actions.

The text of H.R. 2513 is replaced with new language that I negotiated, along with Senate Banking Committee Chairman CRAPO. This substitute, which is reflected in Division F of the conference report, is a significant improvement over the House-passed bill in three key areas.

First, Division F limits the burdens on small businesses. Unlike H.R. 2513, the language included in the conference report protects our nation’s small businesses. It prevents duplicative, burdensome, and costly reporting requirements for beneficial ownership data from being imposed in two ways. It rescinds the current beneficial ownership reporting regime set out in 31 CFR 1010.230 (b)–(j), which is costly and burdensome to small businesses. Rescinding these provisions ensures that it cannot be used in a future rule to impose another duplicative, reporting regime on America’s small businesses. In addition, Division F requires the Department of Treasury to minimize the burdens the new reporting regime will have on small businesses, including eliminating any duplicative requirements.

House Republicans ensured the directive to minimize burdens on small businesses is fulfilled. Division F directs the Secretary of the Treasury to report to the House Committee on Financial Services and the Senate Committee on Banking annually for the first three years after the new rule is promulgated. The report must assess: the effectiveness of the new rule; the steps the Department of Treasury took to minimize the reporting burdens on reporting entities, including eliminating duplicative reporting requirements, and the accuracy of the new rule in targeting bad actors. The Department of Treasury is also required to identify the alternate procedures and standards that were considered and rejected in developing its new reporting regime. This report will help the Committees understand the effectiveness of the new rule in identifying and prosecuting bad actors. Moreover, it will give the Committees the data needed to understand whether the reporting threshold is sufficient or should be revised.

Second, Division F includes the strongest privacy and disclosure protections for America’s small businesses as it relates to the collection, maintenance, and disclosure of beneficial ownership information. The new protections set out in Division F ensure that small business beneficial ownership information will be protected just like an individual’s tax return information. The protections in Division F mirror or exceed the protections set out in 26 U.S.C. 6103, including:

  1. Agency Head Certification. Division F requires an agency head or designee to certify that an investigation or law enforcement, national security or intelligence activity is authorized and necessitates access to the database. Designees may only be identified through a process that mirrors the process followed by the Department of Treasury for those designations set out in 26 U.S.C. 6103.
  2. Semi-annual Certification of Protocols. Division F requires an Agency head to make a semi-annual certification to the Secretary of the Treasury that the protocols for accessing small business ownership data ensure maximum protection of this critically important information. This requirement is non-delegable.
  3. Court authorization of State, Local and Tribal law enforcement requests. Division F requires state, local and tribal law enforcement officials to obtain a court authorization from the court system in the local jurisdiction. Obtaining a court authorization is the first of two steps state, local and tribal governments must take prior to accessing the database. Separately, state, local and tribal law enforcement agencies must comply with the protocols and safeguards established by the Department of Treasury.
  4. Limited Disclosure of Beneficial Ownership Information. Division F prohibits the Secretary of Treasury from disclosing the requested beneficial ownership information to anyone other than a law enforcement or national security official who is directly engaged in the investigation.
  5. System of Records. Division F requires any requesting agency to establish and maintain a system of records to store beneficial ownership information provided directly by the Secretary of the Treasury.
  6. Penalties for Unauthorized Disclosure. Division F prohibits unauthorized disclosures. Specifically, the agreement reiterates that a violation of appropriate protocols, including unauthorized disclosure or use, is subject to criminal and civil penalties (up to five years in prison and $250,000 fine).

Third, Division F contains the necessary transparency, accountability and oversight provisions to ensure that the Department of Treasury promulgates and implements the new beneficial ownership reporting regime as intended by Congress. Specifically, Division F requires each requesting agency to establish and maintain a permanent, auditable system of records describing: each request, how the information is used, and how the beneficial ownership information is secured. It requires requesting agencies to furnish a report to the Department of Treasury describing the procedures in place to ensure the confidentiality of the beneficial ownership information provided directly by the Secretary of the Treasury.

Separately, Division F requires two additional audits. First, it directs the Secretary of Treasury to conduct an annual audit to determine whether beneficial ownership information is being collected, stored and used as intended by Congress. Separately, Division F directs the Government Accountability Office to conduct an audit for five years to ensure that the Department of Treasury and requesting agencies are using the beneficial ownership information as set out in Division F. This is the same audit that GAO conducts as it relates to the Department of Treasury’s collection, maintenance and protection of tax return information. This information will ensure that Congress has independent data on the efficacy of the reporting regime and whether confidentiality is being maintained.

Division F also requires the Department of Treasury to issue an annual report on the total number of court authorized requests received by the Secretary to access the database. The report must detail the total number of court authorized requests approved and rejected and a summary justifying the action. This report to Congress will ensure the Department of Treasury does not misuse its authority to either approve or reject court authorized requests.

Finally, Division F requires the Director of FinCEN, who is responsible for implementing this reporting regime, to testify annually for five years. This testimony is critical. For far too long FinCEN has evaded any type of congressional check on its activities. Yet, it has amassed a great deal of authority. Now, Congress will shine a light on its operations. It is my expectation that FinCEN will provide Congress with hard data on its effectiveness in targeting bad actors, including the effectiveness of this new authority to collect, maintain, and use beneficial ownership information.

One final comment about the importance of FinCEN’s annual testimony. In the months leading up to the House’s consideration of H.R. 2513 last October, I sought data from FinCEN and from the Treasury Department, along with the Department of Justice, to better understand the need for this legislation. No such data was forthcoming. Rather, FinCEN gave anecdotes of very scary stories to justify the need for a new reporting regime. It is my expectation that FinCEN will provide Congress with the necessary data to justify this new reporting regime and the burdens it is placing on legitimate companies. I will conclude by thanking Chairwoman MALONEY for her work over the last twelve years on this issue and her willingness to work with me to strengthen this bill. I believe we have a better product. I urge my colleagues to support the conference agreement.

[1] Beneficial Ownership Toolkit (oecd.org)

[2] With the Oxford comma separating the three attributes, it is clear that these companies must have all three attributes. And there are very few companies or LLCs in the United States that have all three. They are in fact the corporate equivalent of a man who is tall, dark, and handsome – very rare.

[3] FinCEN FORM 107 (Rev. 8-2008) (irs.gov)

[4] The US Census Bureau’s Statistics of US Businesses, or SUSB, data available at 2017 SUSB Annual Data Tables by Establishment Industry (census.gov). This shows ~5.35 million businesses with 20 or fewer employees; ~550,000 with 20-99 employees; ~100,000 with 100-499 employees (these ~5,990,000 businesses are all “small businesses”. Note that the Paycheck Protection Program, limited to small businesses with 500 or fewer employees, resulted in ~5.2 million loans); and ~10,000 businesses with more than 500 employees.

[5] All money transmitters must register with FinCEN: it is a federal criminal offense for a licensed money transmitter not to be registered with FinCEN. See 31 USC s. 5330 and 18 USC s. 1960.

[6] This is clear from subsection 5336(b)(2)(A) which provides that each beneficial owner and applicant shall be identified by their full legal name, date of birth, current residential or business street address, and either an identifying number from an acceptable form of identification such as a SSN or drivers license or passport, or a FinCEN identifier.

Appendix B – Comparison of Legal Entities Subject to Beneficial Ownership

31 CFR s. 1010.230(e)(2) and (3) Legal Entity Customer ExceptionsProposed 31 USC s. 5336(a)(II)(B) Reporting Company Exceptions
(2)(i) financial institution with a federal functional regulator, or a state-regulated bank(iii) financial institution with a federal functional regulator
 (iv) federal or state credit union
(2) (ii) entity described in 31 CFR 1020.315(b)(2)-(5):     (2) department or agency of the US, state, or           subdivision thereof     (3) entity with governmental authority     (4) entity listed on the NYSE, NASDAQ, ASE     (5) subsidiary owned 51% or more of (4)(ii) same, but also includes Indian Tribe
(2) (iii) issuer of securities under sections 12 and 15(d) of the Securities Exchange Act(i) same
(2) (iv) SEC-registered investment company(x) same
(2) (v) SEC-registered investment advisor(x) same and (xi) same
(2) (vi) SEC-registered exchange or clearing agency(viii) same
(2) (vii) any other SEC-registered entity(vii) for broker dealers, and (ix) same
(2) (viii) CFTC-registered entity(xiv) same
(2) (ix) Sarbanes-Oxley registered Public Accounting Firm(xv) same
(2) (x) Bank or Savings & Loan Holding Company(v) same
(2) (xi) pooled investment vehicle operated by a financial institution(xviii) same
(2) (xii) insurance company(xii) same
(2) (xiii) Dodd-Frank financial market company(xvii) same
(2) (xiv) foreign financial institution (FFI) with a regulator that has a beneficial ownership information requirement for that FFI 
(2) (xv) Noon-US government agency that does only government-related work and no commercial activity 
(2) (xvi) any private banking legal entity customer that has an existing requirement to identify beneficial owners under 31 CFR 1010.620 
(3)(i) control prong only for a pooled investment vehicle other than (e)(xi) 
(3)(ii) control prong only for non-profit entities(xix) similar but also includes political organizations and non-profit trusts
 (vi) money transmitting businesses that are registered under 31 USC s. 5330
 (xiii) US-owned insurance producers
 (xvi) public utilities
 (xxi) any entity that (I) employs more than 20 employees on a full-time basis in the United States; (II) filed in the previous year Federal income tax returns in the United States demonstrating more than $5,000,000 in gross receipts or sales in the aggregate, including the receipts or sales of (aa) other entities owned by the entity; and (bb) other entities through which the entity operates; and (III) has an operating presence at a physical office within the United States
 (xxii) any subsidiary of (i) to (xxi) except (xvi) money transmitters
 (xxiii) any dormant (defined) entity not owned directly or indirectly by a foreign person
 (xxiv) any other entity determined by the Secretary