Skip to content
Compliance & Risk

Amid growing uncertainty, CTA under review for fraud and constitutionality

Rabihah Butler  Manager for Enterprise content for Risk, Fraud & Government / Thomson Reuters Institute

· 5 minute read

Rabihah Butler  Manager for Enterprise content for Risk, Fraud & Government / Thomson Reuters Institute

· 5 minute read

The BOI Database has been active since January, but while there has been a move toward compliance, there are concerns about fraud and constitutionality — and as the filing deadline draws near, litigation, and regulation continue to swirl

The basic reason behind the Corporate Transparency Act (CTA), enacted in 2021, was to identify shell companies and other nefarious actors in order to better curtail financial crimes. Overall, the idea was to close loopholes in the United States’ anti-money laundering (AML) framework.

Unfortunately, in this case, the efforts to thwart one type of financial crime seems to have opened the door for other types of crime that target a different class of victim.

The CTA requires the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) to collect beneficial ownership information, essentially identifying the true owners of an organization. Failure to comply with the filing standards can result in possible fines and imprisonment. A major question, however, is whether small businesses were trained or advised on the need for compliance or the proper methods to get in and stay in compliance. Another question arose about whether this process is safe from hacking or data theft.

Unlike their larger counterparts, small businesses often do not have separate compliance departments to keep them updated on filing requirements with the government. Most businesses rely on word of mouth, mentorship programs, or small business associations — such as the National Federation of Independent Businesses (NFIB) and National Small Business United (NSBU) — to keep up with the requirements.

In cases in which there are newer rules or requirements, FinCEN has to ensure that it is getting the word out that additional filings are necessary, which can often be done through online notices. However, using online communications as the primary notice method leaves an opening for nefarious actors to collect information that can be used in future scams.

Before the Beneficial Ownership Information (BOI) Database went live, there were scams and rumors of scams surrounding the CTA and the database. These scams were so prevalent that FinCEN had to make an official alert to the scam before it was even able to open the database.


A lack of clear guidance and training coupled with a rush to open the database was only compounded by an untested system. Quite simply, before January 1, it was unclear what the form was or even what it would look like. Individuals in the compliance and financial crimes community could only speculate what would happen next, with many surprised that any action was taken on the self-imposed deadline.

While pushing forward, FinCEN did make an effort to publish basic information on obligations to submit beneficial ownership. Their notices went out on their website, YouTube, LinkedIn, and several other business-focused social media channels. However, the success of these notices was questionable at best. Using the NFIB as a sample population, they found an overwhelming portion of it membership (90%) had never heard of the reporting requirements.

An opening for scammers

Indeed, the lack of widespread training combined with the lack of transparency in the opening of the BOI database is contributing to confusion, especially among smaller businesses. And as mentioned, it also creates opportunities for scammers to collect valuable information, especially from NFIB members, which may be more susceptible to sophisticated scams. Among the most pervasive scams are:

      • Filing company scams — False companies can position themselves as intermediaries to file the form at a cost to the business owner. These fake intermediary companies not only get the initial fee but can sell personally identifying information on the black market. Often, they also fail to follow up on any obligations after the initial filing.
      • False websites — Illicit actor set up websites that impersonate FinCEN, often copying even the stamps and logo. This gives the scammers access to businesses’ information. These sites also gain access to businesses’ information and never fulfill the obligation of the business to file.
      • Threatening letters & emails — Letters or emails are sent out claiming to be from FinCEN or a fake government agency associated with FinCEN. These communications are often very threatening, and some of the more sophisticated letters use QR Codes that are a misdirection and can result in information being shared.
      • Phone scams — Phone calls offering business help to file over the phone. The calls range from friendly reminders to threats of enforcement and, if successful, usually end with individuals’ information on the black market.

Small businesses now must be more discerning about the notices they receive as little can be done to intercept the scams. The more frustrating part is that had action been taken before the implementation of the BOI Database, some of this confusion could have been avoided. At this point, the cost of these scams are incalculable, but clearly the burden for avoiding them and complying with legitimate filing rules will fall on the business owners themselves.

Litigation further muddies the waters

In response to the BOI Database going live, the NFIB filed a lawsuit in Texas, questioning the constitutionality of the CTA. The filing follows similar logic to that of the NSBU’s previous suit, which received a judgment from a federal court in Alabama in March declaring the BOI Database unconstitutional. That judgment currently is under appeal.

NFIB has also gone a step further to support Sen. Tommy Tuberville (R-Ala.) and Rep. Warren Davidson (R-Ohio) in moving to repeal the CTA. More moderate action is being undertaken by Rep. Zach Nunn (R-Iowa), who introduced the bipartisan Small Business Red Tape Relief Act to hold FinCEN accountable for educating businesses on these requirements.

While it is unclear what will come of the BOI Database, it is very unlikely that it will go away completely. The most prudent option for business owners of all sizes is to comply as best they can with the current rules until the final ruling — and ultimate fate of this endeavor — is determined.

You can find more on Corporate Risk Management strategies here.

More insights