United States: FinCEN Issues Final Beneficial Owner Identification Rules

In May 2016, the U.S. Treasury Department's Financial Crimes Enforcement Network ("FinCEN") issued final rules regarding beneficial owner identification obligations for legal entity customers (the "Rule").1 Under the Rule, covered financial institutions must establish procedures to:

  • Identify each natural person that directly or indirectly owns 25% or more of the equity interests of a legal entity customer (the "ownership prong");
  • Identify one natural person with "significant responsibility to control, manage, or direct" a legal entity customer (the "control prong"), which may be a person reported under the ownership prong; and,
  • Verify the identities of those persons according to risk-based procedures, which procedures must include the elements currently required under the Customer Identification Rule at a minimum.

Identification of those beneficial owners must be conducted at the time a new account is opened. Compliance with the Rule's requirements is mandatory by May 11, 2018 (the "Applicability Date").

The Rule does provide for exemptions and exclusions for certain types of legal entity customers. Pooled investment vehicles advised or operated by, among others, registered investment advisers or CFTC registrants are excluded from the Rule's scope,2 and pooled investment vehicles managed or operated by other entities are only required to provide information under the "control prong" (i.e., such entities need only identify an individual with significant responsibility to control, manage, or direct the manager, operator, or general partner of the vehicle).3 The Rule also excludes from its scope certain other entity types noted below.

The Rule represents a departure from current FinCEN rules, under which financial institutions exercise their own judgment in making risk-based assessments whether to identify and verify beneficial owner information for legal entity accounts, except in respect of specific cases.4

On the same day that Treasury announced the issuance of the Rule, it also announced other AML-related actions,5 including (i) its intent to submit legislation to Congress that would require legal entities formed or qualified to do business in the United States to report to Treasury certain beneficial ownership information, and (ii) its issuance of proposed rules6 that would require certain foreign-owned "disregarded entities" to obtain employer identification numbers from, and report certain ownership and transaction information to, the IRS. The U.S. Department of Justice also announced on the same day efforts related to money laundering.7

Those legislative and administrative measures, if ultimately enacted (and the proposals are, at this point, early stage), would represent a substantial increase in compliance obligations.

Steps Along the Way to the Proposed Rule

The Rule's finalization followed a multi-year process.

  • 2010: Interagency guidance regarding customer due diligence, cautioning financial institutions as to the risks that can arise with respect to beneficial owners of accounts and emphasizing the importance of identifying such owners based on each institution's evaluation of risk pertaining to their accounts. The guidance did not, however, categorically require beneficial owner identification.8
  • 2012: FinCEN issues advanced notice of proposed rulemaking (the "ANPR"), which sets forth FinCEN's rationale for a categorical beneficial owner identification requirement, and seeks comment on particular aspects of the proposed rulemaking.9  The ANPR noted in particular that though existing CIP rules implicitly required beneficial owner identification based on risk-based assessments, in FinCEN's view there was a lack of uniformity and consistency across financial institutions in how those obligations were being carried out.
  • 2014: FinCEN issues notice of proposed rulemaking, which the Rule adopted with slight modifications.10

Rule Summary

Under the Rule, covered financial institutions11 will be required to obtain a certification from the individual opening an account on behalf of a "legal entity customer" (a term discussed below) that identifies:

  • Any individual who, directly or indirectly, owns 25% or more of the equity interests of the legal entity customer (the ownership prong); and,
  • One individual with significant responsibility to control, manage or direct the legal entity customer, which may be an executive officer or any other person (the control prong), and may be the same person reported pursuant to the ownership prong.

The financial institution is required to verify the identity of such persons using risk-based procedures that include the same documentary and non-documentary elements required under the CIP Rule at a minimum (although under the Rule non-original documents may be accepted, subject to conditions), but the institution is not required to verify the fact of the beneficial owner's relationship to the legal entity, absent a financial institution's knowledge to the contrary. FinCEN has stated that financial institutions should use the collected beneficial ownership information as they use other information they gather regarding customers (e.g., through compliance with CIP requirements), including for compliance with Office of Foreign Assets Control (OFAC) regulations and currency transaction reporting (CTR) aggregation requirements.

The Rule only applies to accounts opened on or after the Applicability Date, but FinCEN noted that institutions may, as a prudential matter, decide to collect the same information from accounts opened prior to the Applicability Date. The Rule provides important exclusions and exemptions in particular for pooled investment vehicles, as well as other entity types further discussed in the following section.

Types of Legal Entities Subject to Beneficial Owner Identification Requirements

The Rule requires beneficial ownership identification for "accounts" opened by "legal entity customers," with "legal entity customer" defined to include the following types of entities: corporations, limited liability companies or other entities created by the filing of a public document with a Secretary of State or similar office, general partnerships, and any similar entity formed under the laws of a non-US jurisdiction that opens an account. FinCEN noted that this definition includes limited partnerships and business trusts created by filing with a state office.

Certain types of legal entities are, however, excluded from the definition of legal entity customer under the Rule. These include:12

  • Financial institutions regulated by a federal functional regulator (e.g., federally regulated banks, brokers or dealers in securities, mutual funds, futures commission merchants, and introducing brokers in commodities) or by a state bank regulator, bank holding companies and savings and loan holding companies, and insurance companies regulated by a state regulator;
  • A non-US financial institution established in a jurisdiction where the regulator maintains beneficial ownership information regarding such institution;
  • Publicly held companies traded on certain US stock exchanges, and any majority-owned domestic subsidiary of any entity whose securities are listed on a US stock exchange;
  • Registered investment advisers or registered investment companies;
  • An SEC-registered exchange or clearing agency;
  • Any entity registered with the SEC under the Securities Exchange Act of 1934;
  • A financial market utility designated by the US Financial Stability Oversight Council under Title VIII of the Dodd-Frank Wall Street Reform and Consumer Protection Act;
  • A CFTC-registered CPO, CTA, retail foreign exchange dealer or swap dealer;
  • Domestic government agencies and instrumentalities and certain legal entities that exercise governmental authority;
  • Non-US governmental departments, agencies or political subdivisions that engage only in governmental rather than commercial activities; and,
  • Legal entities opening private banking accounts.13

Further, accounts established to participate in an employee benefit plan established under ERISA are excluded from the definition of "account" under the Rule (which incorporates the CIP Rule's definition of the same), and are, accordingly, outside the Rule's scope.

FinCEN has noted that most trusts would not fall under the definition of "legal entity customer," and, accordingly, would not be subject to the beneficial ownership identification requirements of the proposed rule.14

Pooled Investment Vehicles

Responding to industry concerns, the Rule provides that accounts held by pooled investment vehicles are either excluded from the Rule's requirements or are subject only to the control prong. Specifically:

  • Vehicles operated or advised by a RIA or CFTC registrant (or by any other entity excluded from the definition of "legal entity customer") are excluded from the definition of "legal entity customer" and accordingly are outside the Rule's scope; and,
  • All other vehicles (e.g., non-US managed mutual funds, hedge funds, and private equity funds) are exempt from the 25% beneficial ownership identification requirement, and need only identify and verify a control person of the operator, adviser, or general partner of the vehicle.

FinCEN noted that identifying beneficial owners of the pooled vehicle might present unreasonable operational challenges considering that the information might be valid for only a limited period of time.

Intermediated Account Relationships

With respect to intermediated accounts, where the covered financial institution does not have any CIP obligation with respect to the intermediary's clients under current CIP rules and guidance, the financial institution can treat the intermediary itself as the financial institution's legal entity customer under the Rule.15 Accordingly, the covered financial institution need only require the identification of the 25% beneficial owners and a control person of the intermediary itself, rather looking through to any beneficial owner of the account itself.

Non-Profit Organizations

Non-profit organizations are not excluded from the definition of "legal entity customer," but the Rule requires such organizations to be subject only to the control prong of the beneficial ownership requirement.

Beneficial Owner Identification

As noted above, and subject to certain exemptions including those discussed above, for "legal entity customers" the Rule requires the identification of all individuals that meet the standards set forth in the ownership prong or the control prong.

The persons identified must be natural persons. For the ownership test, this means that several layers of legal entities may need to be "looked through" to determine whether an individual is a 25% owner. FinCEN noted that covered financial institutions need not conduct such analysis themselves, but generally may rely on the representations of the legal entity customer.16

The Rule includes a standard certification form template to be used for identification, but in response to comments the Rule also permits financial institutions to obtain the information by other means, provided that such means include the certification of the natural person opening the account that is required by the standard certification.

FinCEN noted that it expects financial institutions to treat collected beneficial ownership information like CIP and related information, and accordingly to run that information through government lists.

Reliance on Other Financial Institutions

When a covered financial institution shares customers with another financial institution, a financial institution may rely upon the other financial institution to collect the information and documents required by the Rule provided that: (i) such reliance is reasonable; (ii) the other financial institution is subject to an AML program rule and is regulated by a federal functional regulator; and (iii) the other financial institution enters into a contract that requires it to provide annual certifications regarding its AML program and CIP requirements to the covered financial institution. This reliance provision is intended to track reliance standards under existing CIP guidance.

Certain Requirements of Customer Due Diligence Programs Made Explicit

FinCEN has noted that key AML Customer Due Diligence elements consist of at least the following four elements:

  1. Identifying and verifying the identity of customers;
  2. Identifying and verifying the identity of beneficial owners of legal entity customers;
  3. Understanding the nature and purpose of customer relationships; and,
  4. Conducting ongoing monitoring to maintain and update customer information and to identify and report suspicious transactions.

The Rule adds element (2) in a categorical fashion, and also makes (3) and (4) explicit requirements. In FinCEN's view, however, elements (3) and (4) do not impose any new obligations on financial institutions, as they werewere implicit requirements even prior to the issuance of the Rule.

Compliance Date

In response to commenters' concerns that the 12-month implementation period envisaged by FinCEN's 2014 rule proposal would not be sufficient to permit compliance, under the Rule covered financial institutions will have until May 11, 2018 to comply with the Rule's requirements.


The Rule represents a deviation from current practice with respect to legal entity account opening requirements, and firms will need to devote significant effort to ensuring that required operational systems and training are in place by the May 11, 2018 compliance date.


1 The Rule is available at https://www.gpo.gov/fdsys/pkg/FR-2016-05-11/pdf/2016-10567.pdf.

2 In its release, FinCEN explained: "In response to several commenters who noted that beneficial ownership information would be available regarding the operator or adviser of such pooled vehicles, FinCEN has determined that the pooled vehicle should also be excluded from this requirement."

3 In its release, FinCEN explained: "In the proposal, FinCEN sought comment on the approach that it should take towards pooled investment vehicles that are operated or advised by financial institutions that are not proposed to be excluded from the definition of legal entity customer... [C]ommenters requested that, if such vehicles are not excluded, then FinCEN should require those financial institutions to collect beneficial ownership information of such entities under the control prong only. FinCEN agrees that, because of the limited utility and difficulty of collecting beneficial ownership information under the ownership prong, in the case of pooled investment vehicles whose operators or advisers are not excluded from this definition, such as non-US managed mutual funds, hedge funds, and private equity funds, financial institutions would be required to collect beneficial ownership information under the control prong only."

4 For example, please see, "Anti-money laundering regulations for broker-dealers: Treasury Department publishes final rules implementing Section 312 of the Patriot Act relating to foreign correspondent accounts and private banking accounts" (February 2006), available at http://www.shearman.com/~/media/files/newsinsights/publications/2006/02/antimoney-laundering-regulations-for-brokerdeale__/files/download-pdf-antimoney-laundering-regulations-fo__/fileattachment/cm_022006.pdf.

5 Secretary Lew's letter to Congress detailing these plans is available at https://www.treasury.gov/press-center/press-releases/Documents/Lew%20to%20Ryan%20on%20CDD.PDF.

6 Specifically, the proposals require the foreign owner to obtain an employee identification number from the IRS for a wholly owned US entity that is treated as a "disregarded entity" for US federal income tax purposes. In addition, information reports must be filed with the IRS with respect to certain reportable transactions between the foreign owner and the US subsidiary. The foreign owner will also have additional record maintenance requirements for its wholly owned US entities. The proposed Treasury regulations contain exceptions from the reporting requirements for an entity that has less than $10,000,000 in US gross receipts for a taxable year and with respect to dollar values of related party transactions that do not exceed certain specified thresholds. These proposals will apply to taxable years ending on or after the date that is 12 months after the date that the Treasury Department adopts final Treasury regulations.

7 See press release available at https://www.justice.gov/opa/pr/justice-department-proposes-legislation-advance-anti-corruption-efforts.

8 See FIN-2010-G001, "Guidance on Obtaining and Retaining Beneficial Ownership Information," March 5, 2010, available at http://www.fincen.gov/statutes_regs/guidance/pdf/fin-2010-g001.pdf.

9  See our March 2012 client publication about the ANPR, available at http://www.shearman.com/en/newsinsights/publications/2012/03/morediligent-customer-due-diligence-fincen-and-__.

10 See our September 2014 client publication about the notice of proposed rulemaking, available at http://www.shearman.com/~/media/Files/NewsInsights/Publications/2014/09/FinCEN-Proposes-New-Rule-Requiring-Identification-of-BeneficialOwners-FIA-091014.pdf.

11 The Rule would apply to all financial institutions currently subject to CIP requirements: banks, broker-dealers, mutual funds, futures commission merchants, and introducing brokers in commodities ("covered financial institutions").

12 The Rule also provides exemptions from the requirements to identify and verify beneficial ownership solely to the extent that a covered financial institution opens only certain accounts for a legal entity customer, including private label retail credit accounts established at point-of-sale, accounts established for purchase and financing of postage, and commercial accounts to finance insurance premiums.

13 Such accounts are subject to FinCEN's private banking account rule.

14 FinCEN noted, however, that this exclusion does not mean that FinCEN necessarily considers trusts as posing a reduced money laundering or terrorist risk, but rather that the exclusion is due to the impracticality of subjecting the variety of trusts to the rule's beneficial owner identification requirements, and FinCEN's level of comfort with financial institutions' existing CIP for trusts.

15 Specifically, FinCEN noted in its release: "To the extent that existing guidance provides that, for purposes of the CIP rules, a financial institution shall treat an intermediary (and not the intermediary's customers) as its customer, the financial institution should treat the intermediary as its customer for purposes of this final rule. FinCEN also confirms that other guidance issued jointly by FinCEN and one or more Federal functional regulators relating to the application of the CIP rule will apply to this final rule, to the extant relevant." See footnote 73 of the release for links to cited guidance of federal functional regulators.

16 Specifically, in its release, FinCEN wrote that: The financial institution may rely on the beneficial ownership information supplied by the customer, provided that it has no knowledge of facts that would reasonably call into question the reliability of the information."

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

In association with
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.


Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.


Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.


A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.


This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.