With the addition of the new beneficial ownership rule comes additional compliance requirements for financial institutions to comply with the new fifth pillar of BSA, identifying beneficial owners. BSA Officers are counting down the months until May 2018, when financial institutions are required to identify beneficial owners for "legal entity customers." The implementation of compliance with the new rule is more than just addressing it in your BSA Policy. You should start considering how you will identify beneficial owners, and how the addition of the fifth pillar will be incorporated into your BSA Program. So let's look into the requirements of this new rule.
The new rule requires financial institutions to identify beneficial owners of legal entity customers, but who is a "beneficial owner" and what makes a customer a "legal entity?"
A beneficial owner is an individual who directly or indirectly owns 25 percent of the equity interest of a legal entity customer, which is considered the ownership prong, and a single individual who has significant responsibility to control, manage or direct a legal entity customer, which is the control prong. This includes an executive officer, senior manager or any individual who regularly performs similar duties. A legal entity is a corporation, LLC, or entity created by filing as such with a Secretary of State or similar type office. It also includes partnerships, and business trust. It does not include sole proprietorships, accounts opened on behalf of a natural person or unincorporated associations. You will also want to take into consideration any other exemptions of a legal entity customer as stated in the final rule.
The requirement is that beneficial owners of a legal entity customer be identified and then verification completed that you can form a reasonable belief you know your customer. The rule requires a certification to be completed on each beneficial owner to certify that the identifying information they are providing is accurate. Sounds pretty easy, right? Well, not all legal entity customers have clear ownership structure. There may be legal entities that are owned by another legal entity, or maybe they are owned by multiple investors. So what is the procedure to take when you can't determine who meets the definition of the beneficial owner?
First of all, like many components of the BSA/AML rules, this is "risk-based" so the identification of who you want to identify as a beneficial owner can be stated in your institution's policies or procedures. However, the minimum requirements of the rule are that you follow the identification based on the ownership prong and/or the control prong. So what are the "prong" requirements?
You first start with the identifying individuals under the "ownership prong." If an individual can be identified that owns 25 percent or greater interest in the legal entity, then you have satisfied the "ownership prong" requirement. If you can't satisfy the "ownership prong," then you move on to the "control prong." You must at least have one individual identified, so if you can't identify an owner, then you determine who has control of the legal entity. This may be an executive officer, director or manager. Identifying an individual under this requirement satisfies the "control prong."
As I mentioned, many components of the new rule states, "risk based;" therefore, you may identify indirect owners of the legal entity if your risk based procedures require that. Keep in mind, in the final rule it also states that you can have a threshold of less than 25 percent ownership, if that is what you stated in your "risk based" procedures. However, FinCEN only requires identifying owners of greater than 25 percent ownership of the legal entity. It really comes down to your procedures and what you allow based on your risk.
For example, if your legal entity customer is 100 percent owned by another legal entity and that legal entity has two owners, it may be in the institution's best interest to identify and verify those owners. Keep in mind, what the final rule is trying to avoid is the overbearing compliance requirement of having several beneficial owners that the financial institution has to identify and verify.
Once you have identified the beneficial owners, then comes the certification form, which is used to collect beneficial owner's information. Financial institutions can use the form in Appendix A of the rule or create their own form as long as the individual certifies, to the best of their knowledge, the accuracy of the information. Records of the certification may be retained electronically and incorporated into your new account procedures. You are not required to use the provided Certification Form and you are not required to have it be a separate document within your new account process, just as long as you obtain the required information and the beneficial owner "certifies" the information collected is accurate.
Keep in mind that the identification and verification of beneficial owners is very similar to CIP, however there are also differences. The big differences between CIP and beneficial ownership are:
- Verification can be completed after the account is opened or within a reasonable timeframe
- The institution can rely on photo copies of a beneficial owners ID and they don't have to be present to be a beneficial owner on the account.
- The beneficial ownership identification applies to all new accounts, and not only to all new customers.
The similarities between CIP and the beneficial ownership rule includes:
- You still need to form a reasonable belief that you know your customer
- Verification still needs to be completed
- You must be able to address situations in which you can't form a reasonable belief such as a fraudulent ID and when a SAR will be filed
How do you stay on track to be in compliance for the new rule by May 2018? Our recommendation is to first be sure you have a policy in place. Consider addressing the new requirements in your BSA/AML Policy. In addition, you will want to consider your procedures. What will your requirements be for identifying beneficial owners? Are you taking a risk-based approach? Keep in mind, the minimum requirement for satisfying the ownership prong and control prong. Consider how the certification will be incorporated into your account opening and loan origination process. As the BSA Officer, you will want to work closely with the Retail, Loan and Operations departments to make sure the certification is part of the new account process as well as the loan origination process and that the employee responsible understands how a beneficial owner should be identified and verified. With the addition to the BSA requirements it leads us to wonder, who's benefitting from the new beneficial ownership rule?