By: David Shields, Principal
Reilly McAfee, Law Clerk
Most business entities operating in the United States must be formed or registered to do business in one or more states, depending on the type of entity and the state in which they choose to operate. Each state governs the form, timing, and filing procedures to form or register a business entity. With 51 different places to form or register, the rules vary drastically. States like Texas require annual filings and the disclosure of each director, manager, general partner, and owner, all of which are publicly available. Delaware, in contrast, requires limited public filing, which allows entities and their owners and managers to maintain some degree of privacy.
The Corporate Transparency Act (“CTA”), part of the Anti-Money Laundering Act of 2020 (“AML Act”) is here to change that, effective January 1, 2024.
What are the changes?
The CTA establishes uniform beneficial ownership information reporting requirements for certain types of corporations, limited liability companies, and other similar entities created in or registered to do business in the United States. Going into effect January 1, 2024, the CTA authorizes the US Treasury Financial Crimes Enforcement Network (“FinCEN”) to collect certain information and disclose it to authorized government authorities and financial institutions, subject to effective safeguards and controls. FinCEN will do so by requiring certain entities to observe certain new reporting requirements.
Who and What do the New Rules apply to?
Under the CTA, a “reporting company” is defined as a corporation, LLC, or other entity created by the filing of a document with a Secretary of State or similar office or formed under the laws of a foreign country and registered to do business by the filing of a document with a Secretary of State or similar office.
While certain entities are exempt, most small business will be required to file what is known as a Beneficial Ownership Interest Report (“BOI report”). Specifically, the rule requires BOI reports be submitted for ownership in two types of companies: domestic reporting companies and foreign reporting companies. A domestic reporting company is a corporation, LLC, or any entity created by filing with any state’s secretary of state or other office under the law of a state or Indian tribe. A foreign reporting company is a corporation, LLC, or other entity formed in a foreign country that has registered to do business in any state or tribal jurisdiction.
As stated above, Beneficial Owners of reporting entities must file what is known as a BOI Report. A Beneficial Owner is defined as any individual who either (1) exercises substantial control over an entity, or (2) owns or controls at least 25 percent of an entity. In keeping with the CTA, the rule exempts the following five types of individuals from the definition of “Beneficial Owner”:
1. A minor child, as defined in the State in which the entity is formed, if the information of the parent or guardian of the minor child is reported in accordance with this section;
2. An individual acting as a nominee, intermediary, custodian, or agent on behalf of another individual;
3. An individual acting solely as an employee of a corporation, LLC, or other similar entity and whose control over or economic benefits from such entity is derived solely from the employment status of the person;
4. An individual whose only interest in a corporation, LLC, or other similar entity is through a right of inheritance; or
5. A creditor of a corporation, LLC, or other similar entity, unless the creditor meets the requirements of subparagraph (A) (set forth above).
The CTA’s authorization of FinCEN to create the BOI rules was specifically designed to narrow the differences in state-by-state disclosure rules around ownership and decision making.
The new rules further set forth an array of entities not required to file a report, which include the following:
1. Securities Reporting Issuers;
2. Governmental Authorities;
4. Credit Unions;
5. Depository Institution Holding Companies;
6. Money Services Businesses;
7. Brokers or dealers in securities;
8. Security exchanges or clearing agencies;
9. Other Exchange Act registered entities;
10. Investment Companies or Advisers;
11. Venture Capital Fund Advisers;
12. Insurance Companies;
13. State Licensed Insurance Providers;
14. Commodity Exchange Act Registered entities;
15. Accounting Firms;
16. Public Utilities;
17. Financial Market Utilities;
18. Pooled Investment Vehicles;
19. Tax-exempt Entities;
20. Entities assisting a tax-exempt entity;
21. Large Operating Companies;
22. Subsidiary of Certain Exempt Entities; and
23. Inactive Entities.
In addition to Beneficial Owners, a company must also report who its Company Applicants are. There are only two categories of individuals from each entity who qualify as “Company Applicants”: (1) the individual who directly files the document that creates, or first registers, the reporting company, or (2) the individual that is primarily responsible for directing or controlling the filing of the relevant document on behalf of the reporting company.
The following examples illustrate how to identify Company Applicants in common company creation or registration scenarios.
Example 1: Individual X is creating a new company. Individual X prepares the necessary documents to create the company and files them with the relevant state or Tribal office, either in person or using a self-service online portal. No one else is involved in preparing, directing, or making the filing.
Individual X is a Company Applicant because Individual X directly filed the document that created the company. Individual X is the only Company Applicant, because Individual X is the only person involved in the filing. State or Tribal employees who receive and process the company creation or formation documents should not be reported as Company Applicants.
Example 2: Individual X is creating a company. Individual X prepares the necessary documents to create the company and directs Individual Y to file the documents with the relevant state or Tribal office. Individual Y then directly files the documents that create the company.
Individuals X and Y are both Company Applicants in this scenario—Individual Y directly filed the documents, and Individual X was primarily responsible for directing or controlling the filing. Individual Y could, for example, be Individual X’s spouse, business partner, attorney, or accountant. 
A reporting company may not have more than two Company Applicants. If only one person was involved in filing the relevant document, then only that person should be reported as a Company Applicant. Only reporting companies formed or registered on or after January 1, 2024 are required to report their Company Applicants. Companies created or registered before January 1, 2024, are not required to report their company applicants.
What information will I have to disclose?
For the company itself, the CTA will require disclosure of the following information: (1) its legal name and any trade name or DBA; (2) its address; (3) the jurisdiction in which it was formed or first registered, depending on whether it’s a U.S. or foreign company; and (4) its Taxpayer Identification Number (TIN).
Further, information to be provided about the company’s beneficial owners and Company Applicants includes: (1) legal name; (2) birthdate; (3) address (in most cases, a home address); and (4) an identifying number from a driver’s license, passport, or other approved document for each individual, as well as an image of the document containing that identifying number.
Where will this information be stored, and will it be publicly accessible?
The CTA directs the Secretary of the Treasury to maintain BOI “in a secure, nonpublic database, using information security methods and techniques that are appropriate to protect non-classified information security systems at the highest security level. . . .” To implement this requirement, FinCEN has been developing the Beneficial Ownership Secure System (BOSS) to receive, store, and maintain BOI.
BOSS will be secured to a Federal Information Security Management Act “High” compliance level, the highest information security protection level under the Act. FinCEN intends to issue proposed regulations governing the disclosure of BOI to authorized recipients and requiring, among other things, that recipients maintain the highest security safeguards practicable. As required by the CTA, the proposed regulations will ensure that Treasury has taken all appropriate steps to safeguard BOI and to disclose BOI only for authorized purposes consistent with the CTA.
The CTA authorizes FinCEN to disclose BOI under specific circumstances to five general categories of recipients: (1) U.S. Federal, state, local, and Tribal government agencies requesting BOI for specified purposes; (2) foreign law enforcement agencies, judges, prosecutors, central authorities, and competent authorities (foreign requesters); (3) financial institutions (FIs) using BOI to facilitate compliance with customer due diligence (CDD) requirements under applicable law; (4) Federal functional regulators and other appropriate regulatory agencies acting in a supervisory capacity assessing FIs for compliance with CDD requirements; and (5) the U.S. Department of the Treasury (Treasury) itself.
Under the proposed rule and as authorized by the CTA, FinCEN would disclose BOI to Federal agencies engaged in national security, intelligence, or law enforcement activities if the requested BOI is for use in furtherance of such activities. Authorized users from qualifying Federal agencies would be able to log in to the beneficial ownership IT system directly, run queries using multiple search fields, and review one or more results returned immediately. Users would have to submit justifications to FinCEN for their searches, and these justifications would be subject to oversight and audit by FinCEN. “Law enforcement activities” here would include both criminal and civil investigations and actions, such as actions to impose civil penalties, civil forfeiture actions, and civil enforcement through administrative proceedings.
Consistent with the CTA, the proposed rule would allow FinCEN to disclose BOI to state, local, and Tribal law enforcement agencies if “a court of competent jurisdiction” has authorized the law enforcement agency to seek the information in a criminal or civil investigation. A “court of competent jurisdiction” would be any court with jurisdiction over the criminal or civil investigation for which the state, local, or Tribal law enforcement agency requests BOI. Authorized users from these agencies would be required to upload a document issued by a court of competent jurisdiction authorizing the agency to seek BOI from FinCEN. After FinCEN has reviewed the relevant authorization and approved the request, an agency could then conduct searches within the beneficial ownership IT system using the same search functionality available to Federal agencies engaged in national security, intelligence, or law enforcement activities.
When and How should my company file its report?
If your company was or is to be created or registered before January 1, 2024, you must file by January 1, 2025. Otherwise, you must file within 30 calendar days of receiving actual or public notice from your state’s secretary of state or similar office that your company was created or registered.
With CTA violations carrying civil penalties of up to $500 for each day of the violation (capped at $10,000) and the possibility of imprisonment for perpetrators for up to two years, preparation for compliance with the CTA is of critical importance.
How will these changes impact my business beyond Filing
Buyers and Sellers in M&A transactions should be carefully consider the information disclosed and the individual selected to execute the form. Because it's publicly available, any deviation between diligence and reporting will require careful explanation.
Ownership and control issues are hotly contested items in corporate litigation. Privately-held businesses with arm's-length owners should employ proper planning and strategy in these disclosures, especially when contemplating or currently involved in litigation.
BANKING & CAPITAL MARKETS REQUIREMENTS
Beginning on January 1, 2024, private and FDIC-insured lenders should immediately add the requirement that each borrower, guarantor, and subsidiary provide all BOIs, as filed, to (a) their underwriting requests and (b) regular reporting requirements.
How can we help you be proactive about these changes and meeting your compliance obligations?
The updated disclosure rules discussed herein are broad in scope and fundamentally change the analysis of when and where to form entities. Family offices, private equity leaders, entrepreneurs, and in-house legal professionals should be aware and need to monitor these rules closely as they are rolled out. The professionals at Shields Legal Group already assist an array of clients ranging from individual entrepreneurs to publicly traded institutions in navigating common public disclosure rules, and are happy to help you understand how the CTA may affect your business, reporting obligations, as well as how to maintain compliance while prioritizing what matters to you and your business: privacy.
 Texas Tax Code §171.203
 Delaware Code Title 8, Chapter 5 §502
 Proposed 31 CFR 1010.380(a)
 See 31 CFR 1010.380(C)(1)
 31 USC §5336  31 USC §5336(a)(11)(A)(i)
 31 USC §5336(a)(11)(A)(ii)
 31 USC §5336(a)(3)(A)
 31 USC §5336(a)(3)(B)
 31 CFR 1010.380(c)(2)(i)-(xxiii)
 31 USC §5336(a)(2)(A)
 31 USC §5336(b)(2)(A); 31 USC §5336(a)(1)-(3)
 31 USC §5336(b)(1)(B)
 31 USC 5336(h)(3)(A)(i)-(ii)