How FinCEN’s New BOI Rule Might Affect FIs

As of January 1, 2024, businesses must report all beneficial ownership information (BOI) to the U.S. government, according to the latest FinCEN mandate. This new regulation falls under the 2021 bipartisan Corporate Transparency Act (CTA), which aims to make it harder for bad actors to hide gains through hidden ownership structures and shell companies. But there is still some uncertainty of what new BOI reporting standards – and a new BOI database – will mean for the financial institutions (FIs) that serve reporting businesses.

Currently, FIs rely on customer-reported BOI under the Customer Due Diligence (CDD) Final Rule — but the CTA database potentially offers a new avenue for collecting information. How FIs access and incorporate this data into their pre-established Bank Secrecy Act / Anti-Money Laundering (BSA/AML) compliance processes, though, still hasn’t been fully answered by FinCEN.

Enigma chatted with Ballard Spahr’s Peter Hardy, a former federal prosecutor, and current national thought leader on the subject of money laundering, anti-money laundering, and criminal tax law. Hardy discussed how FIs can use BOI obtained under the CTA to conduct enhanced due diligence, what accessing the new BOI database might look like for FIs, and the remaining questions facing FIs — such as how to align their duties under the CTA and CDD rules and how to adjust their compliance process to new BOI reporting standards.

This interview has been edited for length and clarity.

How will FinCEN’s new Beneficial Ownership Information regulations – outlined in the Corporate Transparency Act – affect FIs? How will these new regulations align or clash with standards outlined in the Customer Due Diligence Final Access Rule?

Although FinCEN still needs to issue proposed regulations aligning the CTA with the CDD Rule, the finalized BOI access regulations certainly shed some light on how FIs will be able to access and use BOI obtained under the CTA.  First, and unlike the previously proposed BOI access rule, FIs will not be confined under the final access rule to requesting and using CTA BOI only for “pure” CDD Rule compliance. Instead, FIs will be able to access CTA BOI more broadly, such as for the purposes of maintaining their BSA/AML compliance program; compliance with sanctions screening; potential filing of Suspicious Activity Reports (SARs); and conducting enhanced due diligence. This is an important revision, which attempts to address prior criticisms from FIs and other stakeholders that broader access to BOI is necessary to both effectuate the goals of the CTA and for FIs to comply more effectively with the BSA in general.

What might access to a BOI database mean for FIs? Can FIs access this information?

The final access rule has streamlined access to the BOI database. This is certainly true for federal law enforcement, which may access and query the BOI database directly, but also for FIs, which likewise will have direct access to BOI, but in a more limited fashion than the government. FinCEN still needs to publish the proposed forms for requesting access to the BOI database, so the details of how exactly this will work remain unclear.

What are some of the remaining questions and challenges affecting FIs when it comes to collecting BOI?

The forthcoming proposed CDD alignment regulations will need to address several important remaining questions and potential challenges facing FIs.

First, they should state explicitly that FIs are not required to access the BOI database – particularly because FinCEN’s forthcoming BOI reporting form presumably will allow reporting companies to not provide key information.

Second, they should provide a clear and practical mechanism for FIs to address situations in which BOI collected under the CDD Rule does not match BOI obtained through the CTA – particularly because FinCEN has indicated that it will not verify the accuracy of BOI collected under the CTA.

Third, and assuming that the proposed regulations change the current exceptions to CDD Rule reporting (because exceptions to reporting under the CTA and the CDD Rule are currently different), they should explain clearly how FIs can adjust effectively their current CDD Rule reporting systems, which have been in place for years, and provide sufficient time to do so.

Fourth, they should include a safe harbor from liability for FIs that use BOI obtained from the CTA database.

Fifth, they should explain clearly how FIs can obtain customer consent to access CTA BOI.

Finally, they should state explicitly that FIs may rely on BOI obtained from the CTA database, just like FIs may rely upon BOI obtained from customers under the current CDD Rule.


Enigma aims to help FIs in these ongoing KYB and onboarding challenges through Enigma KYB. We enrich traditional KYB data sources like Secretary of State filings with foreign filings, operating names, operating addresses, and websites, to provide a complete view of a business. This means we can better match businesses off of DBA names and other common application inputs. Because of this, in tests we found Enigma was able to instantly verify 70% of business applicants, compared to 40.8% by the leading competitor. Contact us to learn more.

Related Resources