Why this matters. Although banks are exempt from the new reporting obligation under the Corporate Transparency Act (CTA) (more on that later), the vast majority of bank customers will be swept into CTA compliance. We anticipate that the customer due diligence (know your customer) rules adopted by the bank regulators will be impacted by the CTA. While banking regulators have not yet addressed CTA bank compliance, it seems a safe bet that banks will need to query all customers regarding their status under CTA and seek customer consent to access their customers’ CTA filings before the end of this year.
What is this law about? If you have not heard of the CTA, you are not alone. Many business owners and their professional advisors are taken aback upon first learning of the CTA and its scope. At its core, the CTA requires the reporting of personal direct and indirect beneficial ownership and control information pertaining to businesses operating in the U.S. The personal identifying information (PII) includes name, date of birth, physical home address and photograph. The Financial Crimes Enforcement Network of the U.S. Department of Treasury (FinCEN) is currently building out a secure system to receive, store and manage this vast influx of information. FinCEN estimates that over 32 million existing businesses will be required to report in year one. This law aims to prevent money laundering, illicit financial activities, corrupt practices and terrorist financing, at the expense of your customers being swept up in its path.
Who must report? Beginning January 1, 2024, PII must be reported for persons owning, directly or indirectly, 25% or more of the business or who have “substantial control” over the business. Every business will have at least one person to report, regardless of its ownership or control structure. Once the initial report is filed, this information must be updated within 30 days of any subsequent event that makes the previously reported information inaccurate. Attribution of ownership and what constitutes substantial control will vary from business to business and will require analysis and professional advice.
Exempt entities. Some business entity categories are exempt from CTA compliance. These generally include regulated business entities, such as banks, publicly traded companies, insurance businesses, 501(c) registered nonprofit entities and quasi-governmental organizations. In addition to the other exempt categories, a catch-all exemption is available for any business entity that meets all three of the following thresholds: (1) has a physical street address in the U.S., (2) has 21 or more full-time employees and (3) generates more than $5 million in annual gross receipts as reported on last year’s federal tax return. Missing any of these thresholds will render a business ineligible for this exemption.
What will compliance look like? Businesses will need to compile, maintain and update their reported PII to meet CTA compliance requirements. Any change to or correction of previously reported information must be done within 30 days of the event, not when the business becomes aware of the event. All newly formed business entities beginning January 1, 2024, will be required to file their initial CTA report within 30 calendar days of formation. Businesses in existence before January 1, 2024, will have one year to make their original CTA report filing, along with any subsequent amendment filings that would have been required had the report been filed on January 1, 2024.
What if an entity fails to comply? There are steep fines ($500 per day, up to $10,000) per incident and possible jail time (up to two years) for those failing to timely and properly comply with the CTA. Those who fail to file their initial report will also be subject to fines for failing to file what should have been subsequent filings—and those fines can rack up. The IRS recently announced increased enforcement, utilizing new data analytics technology to identify audit targets. FinCEN’s database will be a key component of such data analytics technology.
Who can access FinCEN’s Beneficial Ownership Secure System (BOSS)? Information in the BOSS will be accessible to law enforcement at the federal, state and local levels and includes the law enforcement arms of various federal agencies. Although financial institutions may also have access to assist in completing their customer due diligence, that access is predicated upon obtaining their customer’s consent. If your customer has not complied with the CTA (or even heard of the CTA), it may be difficult to explain why you are requesting this consent. Note that information in BOSS is not available to the general public, and it is not accessible through Freedom of Information Act (FOIA) requests.
The compliance requirements under the CTA go live on January 1, 2024. Your customers have only the remaining months of this year to take any action to influence future compliance. Now is the time to start educating your customers about the need to comply with the CTA.
William (Bill) E. H. Quick is the Corporate Transparency Act chair at Polsinelli, where he focuses his practice on managing the corporate portfolios of business enterprises, handling an array of corporate, finance, transactional and related legal needs for his clients. He also serves as an adjunct professor of law and the negotiation competitions coach at the Polsinelli Transaction Law Center at the University of Kansas School of Law.
Larry K. Harris is a senior partner at Polsinelli and advises financial institutions on mergers and acquisitions, formations, regulatory issues, capital raising and other corporate matters. He has deep experience advising clients on federal and state securities law matters, is a former SEC staff attorney and was the principal drafter of the Insider Trading Sanctions Act of 1984.
