Publication
Road to COP29: Our insights
The 28th Conference of the Parties on Climate Change (COP28) took place on November 30 - December 12 in Dubai.
Authors:
United States | Publication | 1月 2024
On December 21, 2023, the Financial Crimes Enforcement Network (FinCEN) issued a final rule (the Access Rule) regarding access to and protection of beneficial ownership information (BOI) reported to FinCEN in accordance with the Corporate Transparency Act (CTA). FinCEN issued a final BOI reporting rule on September 30, 2022 that went into effect on January 1, 2024. The BOI reporting rule requires certain US established or registered entities that do business in the US to report BOI information to FinCEN. The Access Rule prescribes who has access to BOI as well as how such BOI must be safeguarded.
The Access Rule aims to ensure that only authorized recipients (i) have access to BOI, (ii) use BOI for purposes permitted by the CTA and (iii) re-disclose BOI on a limited basis using secure means. FinCEN is developing a secure, nonpublic database (the Database) to securely store and share BOI in accordance with the Access Rule. This Database is an important tool to help secure and safely transmit BOI to the authorized users outlined below.
The Access Rule affirms that BOI is confidential, but FinCEN may disclose such BOI under specific circumstances to the following categories of recipients:
Domestic agencies, financial institutions and foreign requesters that receive BOI all must establish protections and standards to safely do so. These three categories of entities have varying levels of requirements to ensure that they have implemented appropriate safeguards to protect BOI. Financial institutions can fulfill the safeguards requirement by using the same security and information handling procedures they use to protect customers’ nonpublic personal information in compliance with section 501 of the Gramm-Leach-Bliley Act.
Authorized BOI recipients cannot re-disclose BOI, except in specific circumstances:
Unless disclosure is expressly authorized in one of the situations described above, it is unlawful to knowingly disclose or utilize BOI obtained from a report submitted to FinCEN. Violators may be subject to:
There are also enhanced criminal penalties of a fine of up to US$500,000 and/or imprisonment for no more than ten years if a person commits a violation while violating another US law, or as part of an illegal activity pattern involving more than US$100,000 in a 12-month period.
Violation of requirements of the Access Rule could also result in suspension or removal from access to the Database.
The Access Rule is effective as of February 20, 2024. FinCEN will take a phased approach starting with a pilot program for a few key Federal agency users starting in 2024. Financial institutions and government agencies that meet the requirements set forth in the Access Rule will begin to gain access to BOI from FinCEN in 2024.
FinCEN also simultaneously released two interagency statements for banks and non-bank financial institutions (NBFIs) to provide guidance on the interplay between the Access Rule and FinCEN’s existing CDD Rule.
The Office of the Comptroller of the Currency (OCC), Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation (FDIC), FinCEN, the National Credit Union Administration and state bank and credit union regulators issued an Interagency Statement for Banks regarding the Access Rule. It clarifies that the Access Rule does not create a new regulatory requirement for federally supervised banks to access BOI from the Database as part of their CDD procedures. While banks are free to be approved to obtain BOI information from the Database, the Interagency Statement makes clear that there is no obligation to do so and, in addition, obtaining BOI information from the Database will not serve as a substitute for, nor an exemption from, fulfilling the requirements specified by the CDD Rule. Additionally, the Interagency Statement clarified that the Access Rule does not impact or conflict with the Bank Secrecy Act (BSA)/anti-money laundering (AML) compliance programs.
FinCEN and the US Department of the Treasury issued a similar Statement for NBFIs providing that the Access Rule does not create a new regulatory requirement for NBFIs to access BOI from the Database or an expectation that they do so, nor is it meant to conflict with or require changes to BSA/AML compliance programs.
Both interagency statements note that FinCEN will be updating CDD Rule currently applicable to banks and NBFIs to align the CDD Rule with the CTA, including the Access Rule.
The Database will offer a safe method of transmitting BOI to those who need to access it. It can help ensure that sensitive information stays confidential, is transmitted by secure methods and is not inadvertently shared with unauthorized users.
However, the Database will not necessarily provide significant benefit to banks and NBFIs for BOI due diligence obligations. Obtaining approval to access the BOI database may be procedurally difficult. Accordingly, if an institution accesses BOI, it should be well-informed and prepared to ensure that the information is handled appropriately so as not to violate limitations placed on re-disclosure. Covered institutions must also adhere to data protection standards set by FinCEN.
As made clear in the interagency statements released by FinCEN, banks and certain other financial institutions are still required to conduct their own due diligence reviews as required by the CDD Rule and cannot solely rely on information obtained from the Database.
Publication
The 28th Conference of the Parties on Climate Change (COP28) took place on November 30 - December 12 in Dubai.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2023