Additional rules expected to clarify access, use and compliance with CDD rule
The Beneficial Ownership Information (BOI) reporting requirements, finalized by the Financial Crimes Enforcement Network (FinCEN) in September 2022, requires new corporations and limited liability companies to report their BOI directly to FinCEN at the time of formation. This information will be used to create a centralized database that will make it easier for law enforcement to trace.
This first rule enacted under the Corporate Transparency Act of 2020 does not directly affect credit unions because this provision of BOI is made directly from the legal entity to FinCEN. However, the next two rules needed to implement the CTA will affect credit unions, which are required to collect BOI when opening accounts.
“A centralized, verified database is a good thing as long as it does not create new burdens or costs for credit unions,” said Affinity Federal Credit Union BSA/AML manager Omar-John C. Chavez, Esq., NCCO CAMS. “Currently, we incur significant costs at account openings because we are required to collect BOI along with Personal Identifiable Information for owners to comply with the Customer Due Diligence (CDD) rule.” The ability to access the information in a database will streamline the process and improve the experience for members, he added.
“We collect BOI at our cost for law enforcement’s benefit,” said Chavez. “We may ask for proof of ownership, such as operating agreements, but at least 25% of small businesses may not have them,” he said. When documentation is not available, the member provides information and self-certifies that it is correct. “If FinCEN is collecting and verifying the accuracy of information, it will save my staff several steps.”
“NAFCU supports FinCEN’s effort to create the database and allow access for financial institutions as a way to meet CDD requirements with fewer steps,” said NAFCU Senior Regulatory Affairs Counsel Aminah Moore. Specific recommendations from NAFCU on the future proposed rules include:
- Independent verification of BOI provided by FinCEN.
- Clearly defined categories of who can access database.
- The ability for financial institutions to obtain consent from a member to collect the BOI from the database with a checkbox on the account application form versus a separate form.
- FinCEN guidance on steps credit unions should take if the member declines consent.
- A user-friendly and instantaneous search feature on the database.
- Coordination between FinCEN, the NCUA and other financial regulators to ensure that there are consistent examination and supervisory expectations for the use of BOI from FinCEN and that there is a statement that FinCEN’s BOI satisfies CDD requirements.
“We also are asking FinCEN to itemize what BOI can be used for beyond satisfying the CDD rule,” said Moore. “For example, as proposed, the information is not to be used to file Suspicious Activity Reports, but we want uses defined.”
“One issue that is up in the air is if and how existing accounts will be affected,” said Chavez. “We do routinely contact account holders during due diligence reviews, but it is up to the member to advise us of ownership changes.”
Although the rulemaking process is in the early stages, Chavez recommends that credit unions re-evaluate their current account opening process to:
- Ensure compliance with CDD rules.
- Identify ways to automate manual processes so they can be updated easily when new rules are implemented.
“We should also be using our networks to discuss these issues, share insights with peers and address concerns,” said Chavez. “NAFCU is representing us on the Hill, but we can also talk with our legislators and regulators to make sure they understand that we don’t want rules that will add more complexity and costs. The goal should be to improve our members’ experience while meeting the needs of law enforcement.”