Financial institutions and other entities' ability to access the information contained on the beneficial ownership registry was greatly expanded in the government's final rule
The U.S. Treasury Department has issued a final rule that outlines which parties will have access to the US beneficial ownership registry. For example, money services businesses (MSBs), casinos, and other non-bank financial institutions that have anti-money laundering obligations will be eligible to access the registry, alongside banks. Some observers were surprised by the broad scope of access.
The final rule also omits a proposed requirement that financial institutions reserve access exclusively for personnel located within the United States. The proposed access rule, issued in December 2022, envisioned granting access only to entities such as banks, broker-dealers, futures commission merchants, and others that are required to comply with the customer due diligence (CDD) rule issued by the Financial Crimes Enforcement Network (FinCEN), which was established in 2018.
As previously reported, however, FinCEN’s just-issued final rule broadened the ways financial institutions can use the beneficial ownership information (BOI) stored in the US registry. Financial institutions will be able to use BOI for a range of anti-money laundering and sanctions compliance purposes.
“This change will allow financial institutions to use beneficial ownership information obtained from FinCEN for purposes that go beyond compliance with FinCEN’s CDD Rule, including maintaining their anti-money laundering (AML) programs, sanctions screening, and meeting suspicious activity report filing and enhanced due diligence (EDD) requirements,” said Andrea Gacki, FinCEN director, during an online media event.
Since the final rule permits registry access for broader AML applications, it also gives access to other firms required to comply with the Bank Secrecy Act (BSA), the primary US AML law. The final rule authorizes FinCEN “to disclose BOI to a broader range of financial institutions consistent with the revised approach taken with respect to the meaning of ‘customer due diligence requirements under applicable law,'” according to the rule. “Accordingly, MSBs and other financial institutions with AML program requirements, such as casinos… would be eligible under the final rule to access the database, subject to appropriate security and confidentiality protocols.”
The document adds, however, that FinCEN has “discretion regarding the scope and timing of access by financial institutions.” And as previously reported, FinCEN will allow access to the database “in phases,” beginning with a pilot program granting access to a handful of key federal agency users starting in 2024, and there is no timeline at present for financial institution access.
Public comments prompted changes
FinCEN’s decision to allow financial institutions to use BOI registry data for purposes other than CDD was a response to concerns expressed in 80 comment letters from members of Congress, financial industry participants, trade associations, corporate transparency advocacy groups, and others, FinCEN’s Gacki said.
The comment letters also prompted FinCEN to remove a prohibition against offshore access to BOI. “The final rule removes a general requirement that financial institutions limit access to BOI to personnel within the United States,” Gacki explained. In fact, the final rule also requires that financial institutions notify FinCEN within three business days of receiving a demand from a foreign government — such as a subpoena — for BOI obtained from FinCEN.
“This notification requirement will alert FinCEN when foreign governments intend to obtain BOI reported to FinCEN outside of the procedures established in the Corporate Transparency Act, its implementing regulations and protocols,” Gacki said.
Financial institutions must still obtain consent from customers before accessing their BOI in the FinCEN database, she noted, adding that the final rule does not affect existing requirements for financial institutions to collect beneficial ownership from customers pursuant to FinCEN’s CDD Rule.
The latter point was also made in a contemporaneous interagency statement issued by FinCEN and bank regulators. Financial institutions will have “direct access” to search the BOI database, but in a “more limited fashion” than the access granted to US government authorities, Gacki said.
During a media call before the final rule’s release, a senior Treasury official was asked whether financial institutions would be able to conduct batch searches of the BOI database to make queries scalable, a concern that AML professionals have expressed.
The Treasury official said that FinCEN “will provide more information in the future” and added, “It is something that we are tracking.”
“Main takeaway” is that FinCEN responded to industry
FinCEN’s responsiveness to industry concerns about the proposed access rule was noteworthy, said Dan Stipano, who spent more than 30 years at the Office of the Comptroller of the Currency in senior legal and enforcement roles.
“My main takeaway is that FinCEN paid close attention to the comments it received on the proposed rule and made changes in line with those comments that significantly improve the final rule,” said Stipano, now a partner with Davis Polk in Washington, D.C. “All of these changes are important to financial institutions and will greatly enhance their ability to use the data for BSA compliance purposes.”