Corporate Transparency Act’s Reporting Rules Will Challenge Banks

On Jan. 1, 2024, the first of three final rules implementing the Corporate Transparency Act’s (CTA) beneficial ownership information (BOI) requirements will go into effect.

The first rule will affect what the Act calls “reporting companies.” However, we know less about how the second final rule issued on Dec. 21, 2023, known as the access rule, will affect banks. Community banks can expect challenges — and chaos — as the CTA adds a layer of beneficial ownership information reporting requirements to the Financial Crimes Enforcement Network (FinCEN), rather than eliminating the current requirement that legal entities report BOI to banks. Thus, most business customers will have to report this information to both their banks and FinCEN.

In 2024, reporting companies must report identifying information about the company itself, the beneficial owners and the company applicant. Beneficial owners are defined as those individuals with a 25% ownership interest in the company, directly or indirectly, or those individuals with “substantial control,” which means senior officers, those who direct the company, or those who have appointment or removal authority. FinCEN expects at least one person with substantial control to be reported and indicates no limit on the number of people with substantial control. The company applicant is one or two individuals responsible for creating or registering a reporting company created on or after Jan. 1, 2024.

Any reporting company created before Jan. 1, 2024, will have to file BOI with FinCEN no later than Jan. 1, 2025. Reporting companies created in 2024 will have 90 days to file BOI with FinCEN. The intentional misreporting of BOI and the failure to report BOI to FinCEN are subject to civil and criminal penalties under 31 USC § 5336.

Under the current BOI rule, a legal entity customer must report BOI to banks and identify each individual who directly or indirectly owns 25% or more and identify a single individual with significant responsibility to control, manage or direct the affairs of the entity, called the control prong. This single individual can be an executive officer, senior manager or any other individual who regularly performs similar functions. Under the current rule, at least one beneficial owner must be reported.

What Are the Coming Challenges?
There will be many challenges, and community banks need to be prepared. Community banks will still be expected to collect and update BOI from their business customers. Community banks will have to decide whether they intend to query the FinCEN database. While banks are not required to query the FinCEN database, ignoring a potential source of customer due diligence (CDD) information in developing a customer risk profile or investigating money laundering or terrorist financing could lead to negative consequences in enforcement matters or collateral litigation.

Community banks will need a course of action when a business customer does not give permission, as required under the CTA, to query FinCEN. For instance, should the bank conduct additional customer due diligence, file a suspicious activity report (SAR) or refuse to bank the customer?

Community banks will also be left in a conundrum when the BOI from the customer is inconsistent with information from FinCEN. There will be inconsistencies because the new rule’s beneficial ownership and company applicant definitions do not align with the existing rule’s beneficial ownership definition and the control prong creates an issue at the initial FinCEN query. Subsequently, there’s the issue of what banks do when the business customer doesn’t file or update their BOI with FinCEN.

Banks will need to be aware that the rule for sharing BOI is different than sharing SAR information under FinCEN 314(b). Community banks can share BOI within the institution and with federal functional regulators but not with other institutions. FinCEN will also require banks to implement a high level of data protection for its BOI.

Finally, at present, the BOI reporting rule’s exemptions are different than the current beneficial ownership rule exemptions. A tax-exempt entity will now have to report certain information to a bank but not any information to FinCEN.

There are still many questions regarding BOI reporting requirements and their ultimate impact. We’ll have to wait on some answers, but the subject should be a priority for action and, if necessary, require engaging outside expertise because the repercussions could be considerable.