Lack of Beneficial Ownership Information: a “Glaring Hole in our System” Says Treasury Secretary

On February 12, 2020, Treasury Secretary Mnuchin testified before the Senate Finance Committee on the President’s Fiscal Year 2021 budget. At the 75:22 mark of the hearing, Senator Mark Warner (D. VA) began a series of statements and questions about the lack of beneficial ownership information. Senator Warner observed that the just-submitted (February 6th) 2020 National Strategy for Combating Terrorist and Other Illicit Financing – National Strategy  – indicated that the number one vulnerability facing the U.S. efforts to combat terrorism, money laundering, and proliferation financing was the lack of beneficial ownership requirements at the time of company formation.

Senator Warren noted that “one of the key vulnerabilities identified in the report is the lack of a legally binding requirement to collect beneficial ownership at the time of company formation.” At the 76:50 mark, the Senator posed the following question:

Mr. Secretary, do you agree that one of our most urgent national security and regulatory problems is that the US Government still has no idea who really controls shell companies?

At the 77:25 mark Secretary Mnuchin replied:

“This is a glaring hole in our own system.”

What did the National Strategy have to say about lack of beneficial ownership information?

2020 National Strategy for Combating Terrorist and Other Illicit Financing – Key Vulnerability is Lack of Beneficial Ownership Information

The National Strategy listed 10 vulnerabilities. In the “Vulnerabilities Overview” section (page 12), the first of the “most significant vulnerabilities in the United States exploited by illicit actors” was “the lack of a requirement to collect beneficial ownership information at the time of company formation and after changes in ownership.” The Strategy goes on:

“Misuse of legal entities to hide a criminal beneficial owner or illegal source of funds continues to be a common, if not the dominant, feature of illicit finance schemes, especially those involving money laundering, predicate offences, tax evasion, and proliferation financing.


More than two million corporations and limited liability companies (LLCs) are formed in the United States every year. Domestic shell companies continue to present criminals with the opportunity to conceal assets and activities through the establishment of a seemingly legitimate U.S. businesses. The administrative ease and low-cost of company formation in the United States provide important advantages and should be preserved for legitimate investors and businesses. However, the current lack of disclosure requirements gives both U.S. and foreign criminals a method of obfuscation that they can and have repeatedly used, here and abroad, to carry out financial crimes. There are numerous challenges for federal law enforcement when the true beneficiaries of illicit proceeds are concealed through shell or front companies. Money launderers and others involved in commercial activity intentionally conduct transactions through corporate structures in order to evade detection, and may layer such structures, much like Matryoshka dolls, across various secretive jurisdictions. In many instances, each time an investigator obtains ownership records for a domestic or foreign entity, the newly identified entity is yet another corporate entity, necessitating a repeat of the same process. While some federal law enforcement agencies may have the resources required to undertake complex (and costly) investigations, the same is often not true for state, local, and tribal law enforcement.


To address a major aspect of this recognized vulnerability, FinCEN issued a Customer Due Diligence (CDD) Rule, which became fully enforceable for covered financial institutions on May 11, 2018. This rule requires, among other things, more than 23,000 covered financial institutions to identify and verify the identities of beneficial owners of legal entity customers at the time of account opening and defined points thereafter.


While the CDD Rule addressed the gap of collecting beneficial ownership information at the time of account opening, there remains no categorical obligation at either the state or federal level that requires the disclosure of beneficial ownership information at the time of company formation. Treasury currently does not have the authority to require the disclosure of beneficial ownership information at the time of company formation without legislative action. The CDD
Rule is an important risk-mitigating measure for financial institutions and an equally important resource for law enforcement, but it is not a comprehensive solution to the problem and a crucial gap remains.

The United Sates is traditionally the global leader on AML/CFT. But the lack of a legally-binding requirement to collect beneficial ownership information at the time of company formation hinders the ability of all regulated sectors to mitigate risks and law enforcement’s ability to swiftly investigate those entities created to hide ownership. Crucially, this deficiency drives significant costs and delays for both the public and private sectors. The 2016 Financial Action Task Force (FATF) Mutual Evaluation Report (MER) underscored the seriousness of this deficiency. Indeed, this gap is one of the principal reasons for the United States’ failing grade regarding the efficacy of its mechanisms for beneficial ownership transparency.” (citations omitted)

Key Priorities of the US Government in Combating Terrorism, Money Laundering, and Proliferation Financing

After setting out the threats and vulnerabilities, the 2020 National Strategy turned to the US Government’s three key priorities in fighting terrorist and other illicit financial activity:

“To make this 21st century AML/CFT regime a practical reality, the U.S. government will continue to review and pursue the following key priorities: (1) modernize our legal framework to increase transparency and close regulatory gaps; (2) continue to improve the efficiency and effectiveness of our regulatory framework for financial institutions; and (3) enhance our current AML/CFT operational framework. This will include the supporting actions discussed below.” (page 39)

Priority 1: Increase Transparency and Close Legal Framework Gaps

This first priority has four supporting actions: (i) require collection of beneficial ownership information by the government at time of company formation and after ownership changes; (ii) minimize the risks of the laundering of illicit proceeds through real estate purchases; (iii) extend AML program obligations to certain financial institutions and intermediaries currently outside the scope of the BSA; and (iv) clarify or update our regulatory framework to expand coverage of digital assets.

Supporting Action: Require the Collection of Beneficial Ownership Information by the Government at Time of Company Formation and After Ownership Changes

Currently, there is no categorical obligation at the state or federal level that requires the disclosure of beneficial ownership information at the time of company formation. Also, Treasury does not have the authority to require the disclosure of beneficial ownership information at the time of company formation without legislative action. Having immediate access to accurate information about the natural person behind a company or legal entity is essential for law enforcement and other authorities to disrupt complex money laundering and proliferation financing networks. However, this must be balanced with individual privacy concerns and not be unduly burdensome for small businesses.

The Administration believes that congressional proposals to require the collection of beneficial ownership information of legal entities by FinCEN, including the Corporate Transparency Act represents important progress in strengthening national security, supporting law enforcement, and clarifying regulatory requirements. The Administration is working with Congress. The aim—pass beneficial ownership legislation in 2020. It is important that any law enacted should closely align the definition of “beneficial owner” to that in FinCEN’s CDD Rule, protect small businesses from unduly burdensome disclosure requirements, and provide for adequate access controls with respect to the information gathered under this bill’s new disclosure regime.

The ILLICIT CASH Act – A Solution to the Beneficial Ownership Vulnerability

The 2020 National Strategy refers to congressional proposals. One of those was mentioned by Senator Warren, who referred to the bipartisan support that exists in Congress for addressing this vulnerability through a Senate bill, the ILLICIT CASH Act, S.2563 before the Senate Banking Committee. Senator Warren noted that the ILLICIT CASH Act, or Improving Laundering Laws & Increasing Comprehensive Information Tracking of Criminal Activity in Shell Holdings Act (clearly one of the great “backronyms” of all time!) had the support of 4 Democrats and 4 Republicans. Title IV of that bill set out “Beneficial Ownership Disclosure Requirements”, and included provisions to establish beneficial ownership reporting requirements. Although there is bipartisan and Administration support for the bill, not everyone is as supportive: the American Bar Association, for one, opposes the bill.

The American Bar Association – Supportive of Reasonable Measures to Combat Money Laundering, But Not the ILLICIT CASH Act

The American Bar Association – ABA Position on Combating Financial Crime  – “supports reasonable and necessary domestic and international measures designed to combat money laundering and terrorist financing. However, the Association opposes legislation and regulations that would impose burdensome and intrusive gatekeeper requirements on small businesses or their attorneys or undermine the attorney-client privilege, the confidential attorney-client relationship, or the right to effective counsel.” With respect to the ILLICIT CASH Act, the ABA opposes key provisions, and expressed that opposition in a June 19, 2019 letter to the Chairman and Ranking Member of the Senate Banking Committee. ABA Letter Opposing the ILLICIT CASH Act. And on their webpage:

“The ILLICIT CASH Act would require anyone involved in a real estate purchase or sale to file a detailed report with the Treasury Department containing the name of the natural person purchasing the real estate, the amount and source of the funds received, the date and nature of the transaction, and other data. Because attorneys often represent clients in real estate transactions, the ILLICIT CASH Act would compel many attorneys to disclose confidential client information to the government, a result plainly inconsistent with state court ethics rules.”

Conclusion – Courage to Compromise Is Needed if We Are to Make Inroads in the Fight Against Terrorism, Money Laundering, and Proliferation Financing

The ABA’s concerns about burdensome and intrusive requirements and undermining the attorney-client privilege are understandable. The Treasury Department’s concerns about the vulnerabilities of, and need to amend, the broken beneficial ownership regime are understandable. Democrats and Republicans in the House and Senate, and Republicans in the White House, will need to come together to draft, pass, and enact laws to fix the broken beneficial ownership regime. All of these groups, and more, will need the courage to compromise if we are to fill the most glaring hole in our AML system.

REAL ID Act of 2005 … REAL Beneficial Owners Act of 2019?

Can something like the REAL ID Act of 2005 be used to solve the beneficial ownership issue?

Without a national registry of beneficial ownership (BO) information, banks can collect BO information, but have no way to verify it

The REAL ID Act of 2005 compelled the 50 states to have their citizens’ state-issued identification documents meet certain minimum requirements and issuance standards … could a similar thing be done to compel the 50 states to have their state-created legal entities meet certain minimum requirements for beneficial ownership information?

The REAL ID Act of 2005 established minimum security standards for state-issued driver’s licenses and identification cards by prohibiting Federal agencies from accepting non-compliant state-issued driver’s licenses and identification cards that do not meet the Act’s minimum standards. The REAL ID Act was a way for the Federal Government to compel (sort of) the fifty states to meet certain standards for their drivers’ licenses. The Federal Government essentially told the fifty states “you have the power to issue state drivers’ licenses, and you can do what you’d like, but if you want those licenses to be used for any federal purposes, such as accessing Federal facilities, entering nuclear power plants, and, notably, boarding federally regulated commercial aircraft, then they have to meet our standards.”

The REAL ID Act’s genesis was the attacks of 9/11. It enacted recommendations from the July 2002 National Strategy for Homeland Security and the July 2004 9/11 Commission Report that the Federal Government “set standards for the issuance of sources of identification, such as driver’s licenses.” The REAL ID Act was included in the Emergency Supplemental Appropriation for Defense, the Global War on Terror, and Tsunami Relief Act of 2005 (PL 109-13, 119 Stat. 231 at 302), and the actual ID provisions are in Title II, Improved Security for Drivers’ Licenses and Personal Identification Cards, section 202, “minimum document requirements and issuance standards for federal recognition.” (Section 204 provides for grants to states to implement the document requirements and issuance standards).

The main part of section 202 provides:

REAL ID Act regulations weren’t finalized until January 2008, at which time it was clear that it would take billions of dollars and many years to get states into compliance. States were originally required to be compliant by May 2008 (the regulations weren’t published until January 2008). That deadline was extended multiple times to 2009, then 2011, then 2013, then 2015, and extended again to January 22, 2018. As of April 2018, only thirty states were compliant and the remaining twenty had obtained extensions. For those with non-compliant driver’s licenses issued by compliant states, they have until October 1, 2020 to get a compliant driver’s license.

To find out more about the REAL ID Act requirements, California’s DMV site has a good section: CA DMV on REAL ID Act

Can’t Board an Airplane … Can’t Bid on Federal Contracts

How could something like the REAL ID Act help banks with the beneficial ownership issue? Like driver’s licenses, creation of legal entities is left to each state, and (anecdotally) only three states currently require the collection and verification of beneficial ownership information.

Like they did to effectively compel the fifty states to issue individuals’ driver’s licenses that met federal standards, the federal government could pass a law that would prevent entities created in states that do not meet certain Beneficial Ownership standards from bidding on and winning federal government contracts. In other words, those states would not be compelled to collect, verify, and maintain accurate beneficial ownership information on state-incorporated legal entities, but would need to have an incorporation regime that did so if it wanted those legal entities to be able to bid on federal government contracts.

This might be a radical idea, full of legal and regulatory pitfalls. There might be dozens of reasons why it can’t work. But it might work. Or something similar could work (it doesn’t have to be about bidding on federal contracts).  But there must be something that could work. As Arthur C. Clarke wrote, “new ideas pass through three phases: it can’t be done; it probably can be done, but it’s not worth doing; I knew it was a good idea all along!”

One word of further caution. It will have taken fifteen years for all states to comply with the REAL ID Act of 2005 requirements. Hopefully it wouldn’t take states fifteen years to comply with the REAL Beneficial Owners Act of 2019.

FinCEN Director Ken Blanco testifies on the new CDD/Beneficial Ownership Rule

House Financial Services Committee – FinCEN Director Blanco Written Testimony 5-16-18

What is interesting is what Director Blanco did not have to testify about the enforcement of the new rule. He wrote, in part:

“Although we expect covered institutions to be ready on May 11, 2018, to begin timely and effective implementation of the policies, procedures, and controls required under the CDD Rule—and we are pleased to have heard from many in industry that they were ready—we also understand that institutions, regulators and other stakeholders may need a little extra time to smooth out any wrinkles. This is the case whenever we issue a new rule, the purpose of which is always to enhance our AML regime and not to serve as a vehicle for punishing financial institutions. There is always an understandable expectation that industry’s fine-tuning of its implementation, and the government’s fine-tuning of the examination process itself, takes time and that new questions often emerge after implementation begins. We have spoken with our counterparts, including the Federal Banking Agencies, the U.S. Securities and Exchange Commission, and the Commodity Futures Trading Commission, to discuss these issues. We are all committed to ensuring that covered financial institutions are able to implement the rule effectively, and in a way that makes practical sense.

Our goal in this rule is to gain the transparency needed to protect the U.S. financial system and to prevent, deter, detect and disrupt money laundering, terrorist financing, and other serious crimes. It is important for us to continue to work with our regulatory partners, their examiners and financial institutions to achieve these objectives through compliance with the rule. It is equally important, however, to understand that seamless implementation does not happen
overnight and, for some areas, we all will need time to benefit from cumulative practical experiences with the new rule as part of the process. In the meantime, we would encourage financial institutions to alert their examiners to any issues early on, and to share such concerns with FinCEN. We will continue to work with industry and regulators to understand and help address any concerns.”

This passage needs to be read carefully. Essentially, there is an expectation that financial institutions’ programs are ready on May 11th, but those institutions and their regulators “may need a little extra time to smooth out any wrinkles.” And that “new questions often emerge after implementation begins” and “we will all need time to benefit from cumulative practical experiences with the new rule”.  But what does not appear? Any statement that there will be a period of forbearance. Based on a strict reading of this testimony, covered financial institutions should expect that their programs will be judged as of May 11, and like with everything in BSA/AML, that judgment will be impacted by the environment the financial institution finds itself in at the time of judgment, not the environment it was in at the time of implementation. So beware! When being audited or examined in 2019 or 2020 for your compliance with the CDD Rule, look to the environment at that time – not as it was in May 2018 – for how your program will be judged as it was in May 2018.

Beneficial Ownership – a Centralized Registry is the Key!

Requiring financial institutions to collect the (one to five) names and PII of what may or may not be the beneficial owners of a legal entity customer, as well as the name and “certification” of the representative of the legal entity that those are, indeed, the beneficial owner(s) of the legal entity, is a positive step. But without a centralized registry of beneficial ownership, it is an incomplete exercise.

A great blueprint for a centralized registry can be found in a December 2017 paper written by Mora Johnson of Publish What You Pay Canada. In “Building a Transparent, Effective Beneficial Ownership Registry: Lessons Learned and Emerging Best Practices From Other Jurisdictions”, Ms. Johnson provides a succinct list of the eight features a beneficial ownership registry must have. Her focus is on Canada, which has 14 provincial and territorial company registries, so much can be learned from this in applying it to the 50 state registries in the United States. Those eight features are:

  1. All legal entities
  2. Centralized registry
  3. Open to the public
  4. Verified information
  5. Skilled, empowered registrar(s)
  6. Prompt information updates
  7. Adequate data standards
  8. Intelligent design considerations (e.g., drop-downs and legal entity identifiers)

The report is available at http://www.pwyp.ca/images/documents/PWYP-Canada-CRBO-Policy-English-INTERACTIVE.pdf

Beneficial Ownership is less than a month away

I’m predicting some chaos, lots of gnashing of teeth and wringing of hands, Media and Social Media !WTF?! and Congressional !Calls to Action! as we hit the formal implementation date of May 11th. It’s then (by the way, May 11th is a Friday) that unsuspecting small business owners (and the bookkeepers of those owners) will descend upon confused and unprepared bankers across the country and be asked to fill in a form listing as many as four owners as well as (or) the single person who has effective control of the company (won’t THAT conversation be interesting in some mom-and-pop businesses?).

This requirement has been in the works for more than 20 years – in the mid-1990s there was a call for obtaining beneficial ownership information in the private banking space (Congressional hearings and the New York Fed’s 1997  “Guidance on Sound Practices Governing Private Banking Activities”) and for high risk accounts (such as the 1999 National Money Laundering Strategy that called for a study to provide recommendations to Treasury on “how to assure that [high risk] accounts are traceable to their beneficial interest holders”). We saw beneficial ownership get picked up in the Patriot Act in 2001 (notably the second “Special Measure” in section 311 and for private banking due diligence in section 312), and we saw the U.S. get buffeted in its 2006 FATF Mutual Evaluation results for failing to meet the requirements of Recommendations 33 and 34. All of which led to the 2012 ANPRM, the 2014 NPRM, and the 2016 Final Rule which gave us until May 11, 2018 to implement a beneficial ownership regime.  We’re one month away … it is going to get very interesting … and my notes will get a little thicker:

Next Generation of AML?

There is a lot of media attention around the need for a new way to tackle financial crimes risk management. Apparently the current regime is “broken” (I disagree) or in desperate need of repair (what government-run program isn’t in need of repair?).

  1. Customer- and account-based transaction monitoring is a thing of the past: relationship-based interaction monitoring and surveillance is the NextGen.
  2. Single entity SAR filers are a thing of the past: 314(b) associations and joint filings are the NextGen.
  3. A lot of FinTech companies really want AML to be like classical music, where every note is carefully written, the music is perfectly orchestrated, and it sounds the same time and time again regardless of who plays it … but AML is more like jazz: defining, designing, tuning, and running effective anti-money laundering interaction monitoring and customer surveillance systems is like writing jazz music … the composer/arranger (FinTech) provides the artist (analyst) a foundation to freely improvise (investigate) within established and consistent frameworks, and no two investigations are ever the same.
  4. The federal government has the tools in its arsenal: it simply needs to use them in more courageous and imaginative ways. Tools such as section 311 Special Measures and 314 Information Sharing are grossly under-utilized.
  5. CTRs are the biggest resource drain in BSA/AML. Because of regulatory drift, CTRs are de facto SAR-lites … get back to basic CTRs and redeploy the resources used in the ever-expanding aggregation requirements to better SARs.
  6. And remember the “Clash of the Titles” … the protect-the-financial-system (filing great SARs) requirements of Title 31 (Money & Finance … the BSA) are trumped by the safety and soundness (program hygiene) requirements of Title 12 (Banks & Banking), and financial institutions act defensively because of the punitive measures in Title 18 (Crimes & Criminal Procedure) and Title 50 (War … OFAC’s statutes and regulations). There is a need to harmonize the Four Titles and how financial institutions are examined against them. BSA/AML people are judged on whether they avoid bad TARP results (from being Tested, Audited, Regulated, and Prosecuted) rather than being judged on whether they provide actionable, timely intelligence to law enforcement. As the great Hugh MacLeod wrote: “I do the work for free. I get paid to be afraid …”

FinCEN publishes FAQs on the new Customer Due Diligence/Beneficial Ownership Rule

FinCEN published the long-awaited, and much-anticipated, FAQs on the new customer due diligence/beneficial ownership rule, which comes into effect on May 11th.  Brett Wolf, writing for Thomson Reuters, included the following in a story titled “U.S. Treasury releases beneficial­ ownership guidance as rule looms”:

“One  noteworthy  omission  from  the  FAQ  document  was  guidance  on  interaction  with  the  so-­called  legal  entity  customer representative, the person who ‘walks into the branch to open the account,’ and who is to attest to the accuracy of the beneficial ownership information provided to the bank, said Jim Richards, who recently left his position as the Bank Secrecy Act officer at Wells Fargo.  The  idea  was  that  the  attestation,  a  signature,  would  provide  prosecutors  with  ‘someone  to  go  after’ if  false  ownership information were provided to banks, said Richards, who has founded RegTech Consulting LLC. It remains unclear what the consequences would be, and how banks are required to react, if a legal entity customer representative were to refuse to sign the attestation, he said.

“‘I thought the FAQs would say something about that, because if you look at the preamble to the final rule, there is a reference to the Department of Justice seeing that attestation as a significant part of the form,’ Richards said.”

“He added that the FAQs related to Currency Transaction Reports (CTRs) ‘are a trap for those that fail to consider beneficial owners when aggregating cash transactions for CTR purposes.’”


Take a close look at Questions 32 and 33 – if the bank has knowledge, then it must include beneficial owners in the CTR when they are or appear to be the actual beneficiaries of the cash transactions. This standard – if the bank has knowledge – is a trap for banks that are struggling with aggregating all cash transactions across all delivery channels (branches, ATMs, cash vaults) across multiple accounts. Be cautious! And make sure you are on the same page as your auditors and examiners when it comes to whether you have actual knowledge.

Another interesting answer was to Question 30 – the meaning of the word “equipment” for the so-called “leased equipment” exemption. In what could be an omission or miss by FinCEN is the inclusion of aircraft in the type of equipment that is exempt from beneficial ownership information. This seems to be the opposite of what some of those in Congress that are looking for more transparency with aircraft ownership. See, for example, the Aircraft Ownership Transparency Act of 2017, HR 3544 introduced by Rep Stephen Lynch (D. MA). That bill requires full and clear beneficial ownership information for all FAA registered aircraft.

More to come on beneficial ownership … and expect some chaos as the May 11 implementation date draws near, and the public (and media and Congress) become aware of what banks will be asking for.