Skip to content
Risk Fraud & Compliance

Bankers concerned US beneficial ownership database will add to compliance burden

Brett Wolf  Regulatory Intelligence

· 5 minute read

Brett Wolf  Regulatory Intelligence

· 5 minute read

Will the government's planned beneficial owner database create a tangled web of rules and obligations to continually verify data? Banks are worried it might

As compliance professionals await U.S. Treasury Department rules governing the government’s creation of a database for information on the true, or “beneficial” owners of legal entities such as corporations and trusts, some are concerned that they could face an increased burden and even be required to validate the accuracy of data in the registry.

A key concern is that banks may ultimately have responsibility for validating the accuracy of registry data and be required to file suspicious activity reports (SARs) when information is suspect. Another is that a massive volume of registry data could force institutions to hire additional investigators to probe automated alerts from sanctions screening systems.

Late last month, Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a final rule — pursuant to the Corporate Transparency Act (CTA), part of the Anti-Money Laundering Act of 2020 — laying out which legal entities will be required to report their beneficial ownership data, beginning on Jan. 1, 2024. Companies required to report will include, with some exemptions, limited liability partnerships, business trusts, and most limited partnerships, in addition to corporations and limited liability companies.

Congress enacted the CTA to combat the longstanding abuse of shell companies by criminals.

FinCEN also vowed to issue two additional rules — one detailing access to the database and another amending the Treasury bureau’s customer due diligence (CDD) rule that requires financial institutions to collect beneficial ownership data from customers. It will likely be years before the rules come into effect, experts say.

“The elephant in the room… is ‘What are the next milestones that we’re looking for with regard to beneficial ownership changes that may be forthcoming from FinCEN?'” Kieran Beer, director of editorial content with the Association of Certified Anti-Money Laundering Specialists (ACAMS), told an ACAMS conference earlier this month.

Unanswered questions loom

Financial institutions will need time to adjust their compliance programs once FinCEN issues the remaining rules and clarifies how the database will affect existing CDD requirements, Heather Allen, deputy director of financial crime with Truist Financial Corp, told the conference.

“I think all of us are very much invested in the need to have the registry, but there are a lot of questions that remain unanswered,” Allen said. For example, the question of who will “own” responsibility for verifying the beneficial ownership information that legal entities report to FinCEN remains unanswered, she added. “If we have information that comes out of that system that is inconsistent with the bank data that we have, what is our responsibility as bankers?”

The CTA directed that financial institutions have the ability to access database information about customers who grant them permission, which raises questions regarding what the banks will be expected to do with the mountain of new data.

Sanctions against Russia raise stakes

As FinCEN is drafting rules to establish the database, which is expected to house information on tens of millions of companies and other entities, the U.S. and its allies scramble to combat the evasion of sanctions imposed on Russia over its February invasion of Ukraine.

“We’re sitting in the midst of the greatest use-case of greater beneficial ownership in Russia-Ukraine sanctions, so the timing is incredibly good, or it’s incredibly bad, depending on which side of the table you sit on,” James Candelmo, chief Bank Secrecy Act and AML sanctions officer with PNC, said at the ACAMS conference.

The 2020 AML legislation originally “landed in our board rooms” as “potentially some relief” from AML and sanctions compliance burdens, but in the wake of Russia’s invasion and the resulting global push to unveil assets controlled by sanctioned parties, “I don’t believe that will be the case,” Candelmo said.

Database could lead to more SARs duties

Referencing remarks from FinCEN Acting Director Himamauli Das earlier in the ACAMS conference, Sarah Runge, a former Treasury official who now is director of regulatory programs, policy, and governance with Facebook Payments, said she is concerned that financial institutions could end up being responsible for validating information in the beneficial ownership database.

When asked whether financial institutions will be expected to compare information in the database with the data they collect from customers under FinCEN’s customer due diligence rule, Das “pivoted to talk about how financial institutions will continue to have [SARs] filing requirements,” Runge said. “From my perspective, that’s when every part of every hair on my body sort of went up, because he didn’t answer (the) question, but he pivoted to expectations to identify suspicious activity. And I read it to mean that if there is a discrepancy, that that might rise to be suspicious where we would be expected to file a SAR and effectively be verifying and validating the database, which from my perspective is the worst-case scenario.”

Requiring financial institutions to report discrepancies would be consistent with requirements imposed by European countries with registries, explained Markus Schulz, global head of change management for financial crimes compliance at ING. “If we pull information from the registry, then we find in our own due diligence or in the course of dealing with a customer that there is a different director or change in ownership… financial institutions are obliged to report back to the central registry that there is a discrepancy,” Schulz said. “The central registry will then confront the company and hold the company accountable to make it correct, so… we’re not completely responsible for the integrity [of the registry], but if we have that intelligence it’s our obligation to inform the authorities.”

More insights