On 12/21/23, FinCEN issued a final rule implementing the access and safeguard provisions of the Corporate Transparency Act (CTA) (the “Access Rule”). The Access Rule aims to ensure that: (1) only BOI authorized recipients have access to BOI; (2) BOI authorized recipients use that access only for purposes permitted by the CTA; and (3) BOI authorized recipients only re-disclose BOI in ways that balance protecting its security and confidentiality with the CTA objective of making BOI available to a range of users for authorized purposes. The regulations also provide a robust framework to ensure that BOI reported to FinCEN, and received by BOI authorized recipients, is subject to strict cybersecurity controls, confidentiality protections and restrictions, and robust audit and oversight measures.
FinCEN may disclose BOI to these Authorized Recipients under the Access Rule as authorized by the CTA:
- Federal agencies engaged in national security, intelligence, or law enforcement activity if the requested BOI is for use in furtherance of such activity. “Law enforcement activity” includes both criminal and civil investigations and actions, such as actions to impose civil penalties, civil forfeiture actions, and civil enforcement through administrative proceedings. Prior to requesting BOI, Federal agency users will be required to certify that the agency is engaged in a national security, intelligence, or law enforcement activity and that the information requested is for use in furtherance of that activity. They will also be required to provide the specific reasons why the requested information is relevant to the activity.
- State, local, and Tribal law enforcement agencies if “a court of competent jurisdiction” has authorized the law enforcement agency to seek the information in a criminal or civil investigation. Prior to requesting BOI, State, local, and Tribal law enforcement agency users must certify that a court of competent jurisdiction has authorized the agency to seek the information in a criminal or civil investigation and that the requested information is relevant to the criminal or civil investigation. Such users must also provide a description of the information the court has authorized the agency to seek.
- Foreign requesters provided their requests meet certain criteria. Specifically, the foreign request for BOI must be on behalf of a law enforcement agency, prosecutor, or judge of another country, or on behalf of a foreign central authority or foreign competent authority, and: (1) come to FinCEN through an intermediary Federal agency; (2) be for assistance in a law enforcement investigation or prosecution, or for a national security or intelligence activity, authorized under the laws of the foreign country; and (3) either be made under an international treaty, agreement, or convention, or, when no such instrument is available, be an official request by a law enforcement, judicial, or prosecutorial authority of a trusted foreign country.
- Financial institutions using BOI to facilitate compliance with customer due diligence requirements under applicable law, provided the financial institution requesting the BOI has the relevant reporting company’s consent for such disclosure. The final Access Rule broadens the definition of “customer due diligence requirements under applicable law” to include “any legal requirement or prohibition designed to counter money laundering or the financing of terrorism, or to safeguard the national security of the United States, to comply with which it is reasonably necessary for a financial institution to obtain or verify beneficial ownership information of a legal entity customer.” Such requirements may include AML (anti-money laundering)/CFT (countering the financing of terrorism) obligations under the Bank Secrecy Act (BSA) — including AML program, customer identification, Suspicious Activity Report filing, and enhanced due diligence requirements — as well as, for example, compliance with sanctions imposed by Treasury’s Office of Foreign Assets Control, provided it is reasonably necessary to obtain or verify BOI of legal entity customers to satisfy those requirements. General business or commercial use of BOI is not authorized.
- Federal functional regulators and other appropriate regulatory agencies acting in a supervisory capacity assessing financial institutions for compliance with customer due diligence requirements. In keeping with the CTA, such regulators may only access BOI that financial institutions they supervise received from FinCEN, and may only use the information to assess, supervise, enforce, or otherwise determine the compliance of those financial institutions with customer due diligence requirements as defined above.
- Treasury personnel. The CTA provides Treasury with a unique degree of access to BOI, making the information available to any Treasury officer or employee (1) whose official duties require BOI inspection or disclosure, or (2) for tax administration. As authorized by the CTA, Treasury will establish internal policies and procedures governing Treasury officer and employee access to BOI. FinCEN anticipates that the security and confidentiality protocols in those policies and procedures will include elements of security and confidentiality requirements applicable to other domestic agencies. Treasury expects to use BOI for appropriate purposes, such as tax administration, enforcement actions, intelligence and analytical purposes, use in sanctions investigations and designations, and identification of property blocked pursuant to sanctions, as well as for administration of the BOI framework, such as for audits, enforcement, and oversight.
BOI reporting provisions of the CTA are designed to protect the US financial system from illicit use and impede malign actors from abusing legal entities, including shell companies, to conceal proceeds of corrupt/criminal acts. Moreover, the CTA brings the U.S. into coordination with international AML/CFT standards, sets a clear federal standard for incorporation practices, protects vital U.S. national security interests, protects interstate and foreign commerce, and enables critical national security, intelligence, and law enforcement efforts to counter money laundering, the financing of terrorism, and other illicit activities.
Who is your Corporate Governance Advisor? ©