Corporate Transparency Act: How Will It Affect Financial Institutions?

December 16, 2020

The Corporate Transparency Act, found within the National Defense Authorization Act, directs the Financial Crimes Enforcement Network to establish and maintain a national registry of beneficial ownership information. The legislation is designed to crack down on the use of shell companies to facilitate the laundering of criminal proceeds, but it remains to be seen how implementation of the new law enforcement tool will affect financial institutions’ customer due diligence requirements.

The National Defense Authorization Act and the Anti-Money Laundering Act of 2020

The US Senate passed the National Defense Authorization Act (NDAA) for fiscal year 2021 on December 11; it was previously passed by the US House of Representatives. The NDAA now goes to President Donald Trump for his signature. Although President Trump has threatened to veto the NDAA, the House and Senate vote margins were large enough to overcome a veto.

The NDAA includes far-reaching legislation updating and amending the country’s anti-money laundering (AML) regime. In particular, the NDAA includes the Anti-Money Laundering Act of 2020 (AMLA), NDAA §§ 6001-6511, which among numerous other things, creates an AML-specific whistleblower program (Section 6314); provides for the establishment of examination and supervisory priorities (Section 6101); enhances the “FinCEN Exchange” to facilitate public/private information sharing on Bank Secrecy Act (BSA) issues (Section 6103); establishes various programs to increase knowledge and coordination among federal regulators on AML (Sections 6104-08); extends AML obligations to dealers in antiquities and directs the Treasury Department and others to study the facilitation of money laundering through works of art (Section 6110); and directs federal regulators to establish a streamlined, automated Suspicious Activity Report (SAR) filing process for noncomplex reports and to improve the feedback loop between financial institutions and regulators, including with respect to SAR trends (Sections 6202-06).

The NDAA may signify the most comprehensive set of BSA/AML reforms since the USA PATRIOT Act of 2001.

The Corporate Transparency Act

Within the AMLA, Congress also passed the Corporate Transparency Act (CTA), which directs the Financial Crimes Enforcement Network (FinCEN) to establish and maintain a national registry of beneficial ownership information that banks may rely on when complying with customer due diligence requirements.[1] The CTA, initially proposed in May 2019, is designed to crack down on the use of shell companies to facilitate the laundering of criminal proceeds.

In enacting the CTA, Congress noted that most if not all states “do not require information about the beneficial owners” of the companies formed under state law, i.e., the individuals who actually own and control those state registered entities.[2] As a result, “malign actors” are able “to conceal their ownership of corporations, limited liability companies, or other similar entities in the United States to facilitate illicit activity.”[3] Furthermore, “money launderers and others involved in commercial activity intentionally conduct transactions through corporate structures in order to evade detection.”[4] These concerns echo those of the US Treasury Department, which, in its 2020 AML/BSA strategy report, identified the lack of required reporting of beneficial ownership information as a key vulnerability exploited by illicit actors.[5]

In an effort to close the loopholes that facilitate the virtually anonymous movement of money through the banking system, the CTA creates a reporting regime of beneficial ownership information accessible to law enforcement, and, in certain circumstances, financial institutions. Specifically, the CTA requires corporations and limited liability corporations—subject to certain exceptions—to disclose their actual “beneficial owners” to FinCEN.[6] The CTA defines a beneficial owner of an entity as an individual who, directly or indirectly, “exercises substantial control over the entity” or “owns or controls not less than 25 percent of the ownership interests of the entity.”[7] Those covered entities would be required to disclose the beneficial ownership information at the time of company formation and upon a change in ownership.[8]

The information reported to FinCEN will be retained and kept confidential in a database maintained by FinCEN.[9] FinCEN is only permitted to disclose information in certain circumstances, including pursuant to a request “from a Federal agency engaged in national security, intelligence, or law enforcement activity, for use in furtherance of such activity,” and “by a financial institution subject to customer due diligence requirements, with the consent of the reporting company, to facilitate the compliance of the financial institution with customer due diligence requirements under applicable law.”[10]

The NDAA sets out criminal penalties for violations of various provisions, including willfully providing or attempting to provide false beneficial ownership information to FinCEN, willfully failing to report complete or updated beneficial ownership information to FinCEN, using or disclosing beneficial ownership information without authorization, and violating protocols to protect the security and confidentiality of beneficial ownership information provided to FinCEN.[11]

The Customer Due Diligence Rule

The CTA is not the government’s first effort to incorporate beneficial ownership information into the AML regime. In 2016, FinCEN issued the Customer Due Diligence Rule (CDD), and covered financial institutions were required to comply with it by May 2018. The CDD imposes obligations on certain financial institutions to obtain beneficial ownership information for particular types of customers as part those financial institutions’ AML programs.

Specifically, the CDD requires the covered financial institutions to identify and verify the beneficial owner or owners of each customer at the time a new account is opened.[12] A “beneficial owner” is defined, similar to the definition in the CTA, as someone “with significant responsibility to control, manage, or direct” the entity customer or who “directly or indirectly . . . owns 25 percent or more of the equity interests” of the customer.[13] The CDD also requires financial institutions to “understand[] the nature and purpose of customer relationships” and “conduct[] ongoing monitoring” to, among other things, “maintain and update customer information.”[14]

In short, through the CDD, FinCEN imposes obligations on financial institutions to obtain information about their entity customers nearly identical to the information that the CTA would require companies to provide directly to FinCEN.


This overlap between the CDD and the CTA was obviously not lost on Congress. Indeed, a provision of the CTA specifically requires FinCEN to revise the CDD to, among other things, “bring the rule into conformance with” the CTA, and “reduce any burdens on financial institutions and legal entity customers that are, in light of the [CTA], unnecessary or duplicative.”[15]

Nevertheless, there is little doubt that, even after the CDD is revised, financial institutions will retain customer due diligence requirements as part of their AML programs. The CTA makes clear that any revisions to the CDD should “account for the access of financial institutions to beneficial ownership information filed by reporting companies under” the CTA “to confirm the beneficial ownership information provided directly to the financial institutions to facilitate the compliance of those financial institutions with anti-money laundering, countering the financing of terrorism, and customer due diligence requirements.”[16] And one of the permissible bases for FinCEN to disclose reported beneficial ownership information is pursuant to a request by a financial institution, with consent of the reporting company, “to facilitate the compliance of the financial institution with customer due diligence requirements under applicable law.”[17]

Thus, Congress made clear that the CTA should not be construed to authorize FinCEN “to repeal the requirement that financial institutions identify and verify beneficial owners of legal entity customers under” the CDD.[18] Indeed, in connection with a prior version of the CTA, which contained a similar directive to FinCEN to revise the CDD, dissenting members of the House Committee on Financial Services observed that the proposed legislation “fails to repeal and replace the [CDD] rule, of which financial institutions have been critical. The supposed justification for this bill is the burden associated with implementing the CDD rule. However, CDD will continue to co-exist with [the proposed legislation].”[19]

In short, although there are likely to be revisions to the CDD to account for the beneficial ownership information the CTA requires to be reported to FinCEN, there is little doubt that financial institutions will retain customer due diligence obligations related to identifying and verifying beneficial ownership information.


The CTA has widely been lauded as an instrumental tool in combatting the use of anonymous shell companies to launder criminal proceeds. The fact that law enforcement will now have access to a repository of beneficial ownership information and criminal penalties to enforce compliance will undoubtedly go a long way toward that end. What remains to be seen, however, is how this new tool will affect financial institutions.

In particular, there are many ways that FinCEN could lessen financial institutions’ AML compliance burdens to account for its database of beneficial ownership information without repealing the requirement that financial institutions identify and verify beneficial owners of legal entity customers. For example, FinCEN could deem CDD obligations satisfied so long as the financial institution obtains (with consent of the customer) beneficial ownership information from FinCEN. Or FinCEN could revise the CDD’s definition of “legal entity customer” (customers for whom financial institutions must obtain beneficial ownership information)[20] to include only those entities that are excluded from the definition of “reporting company” under the CTA.[21] Thus, to the extent that the CDD was burdensome for certain institutions to implement, the creation of this database under the CTA could be enormously helpful for compliance purposes if financial institutions would be able to request confirmation of beneficial ownership information for purposes of compliance with the CDD.

Until FinCEN complies with the congressional directive to revise the CDD in light of the CTA, the CTA will have little effect on financial institutions’ AML procedures. Those financial institutions covered by the CDD must still obtain and verify beneficial ownership information of entity customers, among other regulatory requirements. Ultimately, however, those AML obligations—or at the very least, the manner in which financial institutions comply with those obligations—are very likely to change. Financial institutions should ensure that they develop and maintain robust compliance programs to limit their exposure to steep costs of government investigations or penalties in connection with enforcement actions.


If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following Morgan Lewis lawyers:

Megan R. Braden
Tinos Diamantatos

Alison Tanchyk

New York
Kelly A. Moore
Martha B. Stolley
Daniel B. Tehrani

Meredith S. Auten
John C. Dodds
Lisa C. Dykstra
Rebecca J. Hillyer
Ryan P. McCarthy
Zane David Memeger
John J. Pease, III
Eric W. Sitarchuk

Washington, DC
Douglas W. Baruch
Giovanna M. Cinelli
Sandra Moser
Kenneth J. Nunnenkamp
Jennifer M. Wollenberg

[1] NDAA §§ 6401-03.

[2] Id. § 6402(2).

[3] Id. § 6402(3).

[4] Id. § 6402(4).

[5] US Department of the Treasury, National Strategy for Combating Terrorist and Other Illicit Financing (2020).

[6] NDAA § 6403(a).

[7] Id. (adding 31 U.S.C. § 5336(a)(3)).

[8] Id. (adding 31 U.S.C. §§ 5336(b)(1)(A)-(D)).

[9] Id. (adding 31 U.S.C. § 5336(c)).

[10] Id. (adding 31 U.S.C. § 5336(c)(2)(B)).

[11] Id. (adding 31 U.S.C. §§ 5336(c)(3)-(4), (h)(1)(A)-(B), (h)(2)).

[12] 31 C.F.R. § 1010.230(b)(1), (2).

[13] 31 C.F.R. § 1010.230(d).

[14] 31 C.F.R. § 1020.210(a)(2)(v); see also 81 Fed. Reg. 29398, 29399.

[15] NDAA § 6403(d)(1).

[16] Id. § 6403(d)(1)(B).

[17] Id. § 6403(a) (adding 31 C.F.R. § 5336(c)(2)(B)(iii)).

[18] NDAA § 6403(d)(2)(B).

[19] H.R. Rep. No. 116-227, at 41 (2019).

[20] See 31 C.F.R. § 1010.230(e).

[21] See NDAA § 6403(a) (adding 31 U.S.C. § 5336(a)(11)(B)).