What is the FinCEN Beneficial Ownership Rule?

The Financial Crimes Enforcement Network (FinCen), a department of the United States Treasury, introduced the Beneficial Ownership Rule in May of 2016 with a mandatory implementation date of May 11th, 2018. The Beneficial Ownership Rule mandates financial institutions collect ownership information when legal entities open a new account. Specifically, the rule requires the authorized signer opening the account identifies each individual that owns 25% or more of the entity, as well as at least one individual with significant management responsibilities. It does not require the signer to provide documentation or proof of the ownership structure. The individual must simply attest to the accuracy of the information. When identifying beneficial owners, the signer is also required to provide personal information for each individual identified, including legal name, date of birth, address, social security number, and their percentage of equity ownership in the underlying entity.

The Beneficial Ownership Rule should not impact businesses on a day to day basis, but it will create an additional step when working with financial institutions. Having the necessary beneficial ownership information on file and available to authorized signers should mitigate any potential delays or hurdles the rule may create.


Who is considered a beneficial owner?

  • The Beneficial Ownership Rule includes two prongs, an ownership prong and a control prong:
  • The ownership prong consists of any individual that directly or indirectly owns 25% or more equity in the legal entity opening an account. Under the Beneficial Ownership Rule, every individual that falls under this definition must be identified.
  • A beneficial owner under the control prong is any individual that has significant responsibility to control, manage, or direct the legal entity, e.g., an executive or senior manager. At least one individual that falls under this definition must be identified.
  • Note: Owners will often fit the definition under both prongs. If that’s the case, there’s no need to identify a separate individual to meet the requirements of the control prong.

Are financial institutions required to collect beneficial ownership information for accounts opened prior to the May 11th, 2018 effective date?

Financial institutions are not required to conduct a retroactive review to obtain beneficial ownership information from accounts opened prior to the effective date, however, if an existing client opens a new account after the effective date, the financial institution is required to collect beneficial ownership information at that time.

Why is FinCen imposing these requirements?

FinCen states their goal is to create greater transparency in our financial system. The final rule states, “Covered financial institutions are not presently required to know the identity of individuals who own or control their legal entity customers (also known as beneficial owners). This enables criminals, kleptocrats, and others looking to hide ill-gotten proceeds to access the financial system anonymously. The beneficial ownership requirement will address this weakness and provide information that will assist law enforcement in financial investigations, help prevent evasion of targeted financial sanctions, improve the ability of financial institutions to assess risk, facilitate tax compliance, and advance U.S. compliance with international standards and commitments”.

Are there any types of entities that are not required to provide beneficial ownership information under the rule?

  • Yes, the following types of entities are some of those excluded from the Beneficial Ownership Rule:
  • Financial Institutions regulated by a federal or state regulator
  • Non-profits*
  • Departments or agencies of the U.S. of any State, or any political subdivision of a State
  • Any entity that exercises governmental authority on behalf of the United States or any such State or political subdivision.
  • Public companies or any entity where a majority of the equity (51%+) is owed by a public company.
  • Unincorporated associations
  • Trusts*
  • Investment companies and advisors registered with the SEC
  • Any other entity registered with the SEC under the Securities and Exchange Act of 1934.

* Must still provide personal information from at least one individual with significant responsibility to manage or direct the entity.

Does FinCen provide guidance or standards for protecting beneficial owners personal information?

  • The Beneficial Ownership Rule does not create any new standards or guidelines for financial institutions to protect personal information, however, the rule does make it clear existing Federal and State privacy laws, such as the Right to Financial Privacy Act, govern the protection of beneficial ownership information. It is the responsibility of the institution collecting the information to protect it.
  • Gravity Payments takes this responsibility very seriously. Keeping every one of our client’s information is a top priority. Gravity will not share personal information outside of the context of regulation and compliance.

How Gravity Payments applies and works within this change

Your security and best interests are our top priority, and we created this FAQ to educate you on this rule and what you can expect from it.

Will Gravity Payments be sharing my personal information with FinCEN?

Gravity will only share information in situations where suspicious activity is detected or in cooperating with investigations.

Will Gravity Payments use my information to run my credit report?

Gravity may only pull credit reports on individuals who signed the application and/or a personal guarantee. We will not use the information to pull a credit report on anyone who hasn’t provided prior consent.

We are committed to keeping your information secure. Here are other ways we protect your information:

  • We store information using a file server and cloud-based system which undergoes strict data security requirements.
  • Gravity Payments maintains a perimeter firewall which prevents attackers from accessing information.
  • We keep logs on all inbound and outbound traffic while an intrusion detection system is used allowing us to respond to any unusual network traffic events.
  • Information is accessed from workstations that are locked down using recommended security industry standards.
  • We maintain logs of users access to resources on servers that may contain customer data. All users are granted access on a least-privilege basis.

For current clients of Gravity Payments with questions, please contact us at (866) 701-4700. We are here to help.

For additional information on this change, see this document from the Federal Register website.

Categories: Industry Updates, Payments