While the compliance deadline for financial institutions to implement the new beneficial owner rules will not arrive until May 11, 2018, compliance professionals across the nation are already working hard to make sure their organizations get it right.

The new rules generally obligate financial institutions and other entities subject to Customer Identification Program (“CIP”) requirements under the Bank Secrecy Act (“BSA”) to identify certain beneficial owners and individuals controlling their legal entity customers. The rules also amend anti-money laundering program requirements to include a duty to conduct ongoing customer due diligence.

Below are ten things compliance professionals need to keep in mind as they implement the beneficial owner requirements of the new rules:

  1. The Rules Provide a Floor—not a Ceiling. While regulators expect all financial institutions to comply with the new minimum requirements set forth in the rules, organizations can opt to apply higher beneficial owner standards, and in cases of high risk, primary federal regulators may expect such higher standards.

  2. The Rules Are Not Retroactive. Financial institutions are not obligated to identify beneficial owners for accounts existing prior to the compliance deadline. However, in the course of monitoring existing accounts, if the institution learns information about beneficial owners of a customer that may be relevant to assessing or reevaluating risk, then the beneficial owner information should be collected and their identities should be verified at that time.

  3. There Will Always Be a “Controlling” Individual. There are two prongs to the beneficial ownership requirements. First, the customer needs to identify any owners of 25% or more of the equity interests of the legal entity. There may be no owners that meet this threshold. Second, the customer must identify a single individual with “significant responsibility to control, manage, or direct a legal entity customer,” which may or may not be one of the owners. The customer must always identify a control person under this prong, regardless of whether any 25% owners are identified.

  4. Use of the Certification Form Is Optional. The rules include a “Certification Regarding Beneficial Owners of Legal Entity Customers” for collecting beneficial ownership information from customers. Use of this form is not mandatory, nor does it provide a safe harbor. Institutions may collect the required information by whatever means they choose, as long as the individual completing the form certifies, to the best of his/her knowledge, the accuracy of the information.

  5. Institutions Need to Verify the Individual’s Identity, Not Status. Financial institutions do not need to independently verify that the individuals named as beneficial owners are actual beneficial owners of the entity. The institution can rely on the customer’s identification of these individuals, provided the institution has no knowledge of facts that would reasonably call into question the names the customer gave. However, the institution does need to verify the identities of the individuals the customer names.

  6. Photocopies Are Acceptable. Unlike other CIP rules that require customers to provide original identification documentation, when verifying the identity of a beneficial owner, institutions can use photocopied or other forms of reproduced documentation. However, the institution will need to decide what standards the photocopies must meet in order to be acceptable (e.g., legibility standards or digital format requirements).

  7. Not All Types of Legal Entities Are Covered. Financial institutions need only verify the identities of beneficial owners when the customer opening the account meets the definition of a “legal entity customer.” This term includes a corporation, limited liability company, general or limited partnership, business trust created by filing with a state office, or another entity that is created by filing a public document with a Secretary of State or similar office. It also includes similar entities formed under foreign laws. This definition does not include sole proprietorships, unincorporated associations, or trusts. Current CIP requirements and guidance continue to apply to these other entities.

  8. There Are Important Exclusions to the Legal Entity Customer Definition. While the list of excluded entities is fairly long, here are some notable exclusions: (a) financial institutions and bank holding companies; (b) certain federal and state government entities; (c) publicly held companies traded on certain U.S. stock exchanges and their majority owned domestic subsidiaries; (d) registered investment advisers and companies; (e) public accounting firms registered under the Sarbanes-Oxley Act; and (f) insurance companies regulated by a state.

  9. If a Trust Owns an Entity, Look at the Trustees. A trust may be the beneficial owner of 25% or more of another entity, such as a corporation. In this case, the financial institution should verify the identity of the trustee(s). The customer would also need to provide the name of a person with control over the entity.

  10. The Definition of “Account” Is the Same As in the CIP Rules. The beneficial owner rules apply to a legal entity customer that opens an “account,” as that term is defined in the CIP rules.