FinCEN Customer Due Diligence Rule: the challenge of increasing transparency

The identification of legal entities’ beneficial owners has been part of FATF Recommendations since 2003. It is a cornerstone of Customer Due Diligence measures for the international standard setter in the field of anti-money laundering and counter-terrorism financing (AML-CTF) matters.

The latest Financial Crimes Enforcement Network (FinCEN) rule on Customer Due Diligence (CDD Rule) is a welcome step forward towards greater transparency and addresses a significant finding that was raised in the scope of the FATF’s evaluation of the US AML-CTF regulatory framework. The Mutual Evaluation Report of the USA, issued in 2016, pointed out the fact that the “lack of timely access to adequate, accurate and current beneficial ownership (BO) information remains one of the fundamental gaps in the US context.”

Looking at the issue of UBO transparency from a global perspective, the comparison between the United States and other G20 countries on UBO transparency is indeed not flattering for the United States: The Transparency International research “G20 Leaders or Laggards” highlights that among G20 states, besides the United States, only Canada and China have not imposed rules for the identification of UBO.

The European example

European Union (EU) appears to be far ahead on implementing rules for ensuring transparency in the ownership structure of legal entities. The issue of UBO identification was on the regulatory agenda as early as 2005, with the introduction of the 3rd European Directive on AML. This important piece of European AML Regulation promoted the risk-based approach as a key strategy for tackling money laundering and terrorist financing. It also required obliged entities to identify the individuals controlling legal entities so that they cannot be used for hiding asset ownership.

Measures to further increase transparency on legal entities’ ownership were brought about by the 4th (2015) and 5th (2018) money laundering directives:

  • For the constitution of national UBO registers,
  • For ensuring reliable UBO information,
  • For providing public access to UBO registers.

A positive global trend is noticeable. There is a push toward centralized beneficial ownership data. In the UK, for example, there is the People with Significant Control (PSC) register, which includes information about the individuals who own or control companies. To date, however, only a few countries have collected beneficial ownership data and made it shareable with the public due to the numerous challenges inherent in such an endeavor. The UK parliament also voted earlier this year to accept an amendment to the sanctions and anti-money laundering bill that requires the UK’s overseas territories (the British Virgin Islands, Cayman Islands etc.) to publish public registers of company ownership by the end of 2020. It reflects that the will to extend the beneficial ownership disclosure to tax heaven across Atlantic will not only improve governance of tax avoidance and corruption but might also influence the Americas to follow a similar path.

FinCEN has initiated the journey towards the implementation of sound UBO identification requirements. EU regulations might set the path for the United States to catch up. It will be interesting to observe whether the United States follows the same path and if so, at what pace.

The CDD Rule’s actual requirements

Effective May 11, 2018, the Financial Crimes Enforcement Network (FinCEN) amended the Bank Secrecy Act with its Customer Due Diligence Requirements for Financial Institutions (CDD Rule). The additional requirements aim to prevent criminals and terrorists from misusing opaque companies to disguise their illicit activities and launder their ill-gotten gains.

Zooming in the key provisions of the CDD Rule, obliged institutions are to identify and verify the ultimate beneficial owners of their legal entity customers. FinCEN defines beneficial owners as “the natural persons of legal entity customers who own, control, and profit from companies when those companies open accounts.”

The CDD Rule applies to:

  • Banks
  • Brokers or dealers in securities
  • Mutual funds
  • Futures commission merchants and introducing brokers in commodities

CDD Rule: Four Core Requirements

Covered financial institutions will be required to establish and maintain written policies and procedures that are reasonably designed to:

  1. Identify and verify the identity of legal entity customers
  2. Identify and verify the identity of the beneficial owners of companies opening accounts
  3. Understand the nature and purpose of customer relationships to develop customer risk profiles
  4. Conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information

 Who are the beneficial owners?

With respect to the new requirement to obtain beneficial ownership information, financial institutions will have to identify and verify the identity of any individual owning 25 percent or more of a legal entity (the ownership prong), and an individual who controls the legal entity (the control prong). This means that for any given legal entity, the number of beneficial owners will range from 1 to 5 (minimum 1 person with significant control, 0 to 4 individuals with 25%+ ownership).

Arising compliance challenges and next steps

Effective compliance with the CDD Rule will require the subjected entities to redesign their onboarding processes, notably through the identification of additional persons and performance of additional due diligence steps, such as sanctions screening.

The requirement to “verify” UBO information is also a challenging one; as long as no central source of UBO information is available to the financial institutions as in the EU member states, the verification will be limited to the authenticity of the identification documents. Without a central, independent source of information, the UBO identification will be mostly declarative, based on the prospects’ declarations.

Hence, the logical next step will be for the US regulators to take measures ensuring reliable & current UBO information is available to the financial institutions when conducting CDD.

 Meeting requirements efficiently

Perhaps the biggest challenge is how to meet the CDD Rule’s compliance requirements efficiently. Identifying ultimate owners can be a manual and time-consuming task, often resulting in individuals physically mapping out an ownership tree with pen and paper. This is highly inefficient and open to regulatory questioning.

However, there is also pressure to have clearer upfront visibility of whether an existing or prospective counterparty is state-owned or sanctioned, ideally before formal screening is undertaken. If an organization is made aware of a counterparty’s status almost immediately, it can help them to determine the level of enhanced due diligence (EDD) required as well as decide whether to continue onboarding or reviewing the counterparty.

Complying efficiently is, therefore, a distinct yet critical challenge for CDD Rule subjected entities; investment in the right set of tools, data, and staff training will rapidly become instrumental in building a competitive advantage over those firms that rely on manual processes and unskilled staff. It is therefore of utmost importance for your firm to start reflecting on the assets required to comply.


Accuity constantly monitors regulatory changes to design the compliance solutions that will enable your institution to gain clear insights on with whom you are doing business, with greater ease and efficiency. To learn more, visit