Coming into force on May 11th, 2018, FinCEN’s Final Customer Due Diligence (CDD) Rule (i.e. FinCEN Final Rule (CDD)) will bring in sweeping new changes to how financial institutions collect, maintain and act upon beneficial ownership information and conduct customer due diligence. The Rule codifies new and existing CDD requirements under the Bank Secrecy Act (BSA) for covered financial institutions (namely those already subject to the BSA Customer Identification Program (CIP) requirements).

The Final Rule, in the works since 2012, arrived swiftly on the back of the 2016 Bahamas Leaks and Panama Papers scandals, which resulted in the financial details of hundreds of thousands of accounts being leaked into the public domain. These leaks highlighted the level of wealth being hidden from government and regulatory scrutiny through the use of shell companies. Shell companies are a particular bugbear of law enforcement authorities, who believe that they are the vehicle of choice to launder money from the proceeds of drugs.

Preparing for Implementation

The FinCEN Final CDD Rule is a significant addition to the Bank Secrecy Act program and will provide greater alignment between US AML rules and FATF’s international standards. Known as the Fifth Pillar of BSA/AML compliance, this regulation promises to improve global corporate transparency by requiring financial institutions to identify and verify the identity of the beneficial owners of legal entity customers for each and every new account that is opened. This needs to be done even if the institution has already identified and verified the customer’s beneficial owners at the time the customer opened a previous account.

However, the rule also threatens a difficult road ahead for financial institutions to comply with its full remit, leading to potential eventual enforcement activity.

Up until now, there have been no set federal rules in place regarding ongoing identification of beneficial ownership in the US – instead it has been applied on a best practice approach. FinCEN is now officially enacting the de facto global standard around identification of beneficial ownership of entities, recommended by FATF five years ago.

Identification of Beneficial Ownership

Under the Final Rule, covered financial institutions are now required to document procedures incorporated into their AML compliance programs to identify and verify natural persons for each legal entity customer that opens an account on or after May 11, 2018. Once these natural persons are identified and verified, a covered FI must determine the beneficial owners of each legal entity. This is a significant addition to the current BSA/ AML regime as covered FIs are not “presently required to know the identity of the individuals who own or control their legal entity customers”. Many proponents of the Final Rule claim that this gap has enabled criminals, money launderers and terrorist financing organizations to process illegal proceeds through the financial services system through legal entities.

There is a dual prong test to establishing the beneficial owners in legal entities:

(a) Ownership:

A covered FI must identify and verify one or more natural persons who either directly or indirectly own 25% or more of a legal entity customer, and:

(b) Control:

They must also identify any natural person with significant responsibility to control, manage or direct a legal entity customer. This may include an executive officer or senior manager such as the CEO, CFO, COO, Managing Director, General Partners, President, Vice President, Treasurer etc., or any other individual who regularly performs similar functions.


In the aftermath of the Panama Papers and Bahamas Leaks scandals, the FinCEN Final Rule (CDD) is very much a welcome regulation in the fight to curb money laundering, terrorism financing and other criminal activity. There are many commentators that claim that the Rule does not go far enough – or at least as far enough as the Fourth Money Laundering Directive in Europe, which has already taken the lead in creating central registries to share collected information on legal entities.

While some Member States have only partially transposed this requirement to date, the UK is currently leading the pack with this approach, having implemented a requirement in June 2016 that all companies and limited partnerships report their beneficial ownership structures. This contrasts starkly with the FinCEN Final Rule (CDD) falling short in calling for the creation of central registers for beneficial owners despite pleas to use it to fight financial crime. Only time will tell if this will become a requirement under FinCEN Final Rule (CDD).

Download our whitepaper on FinCEN Final Rule Best Practice

GDPR whitepaper preview

 In this paper, we explore The 10 major implementation challenges banks can expect to encounter in the coming months, how the FinCEN Final Rule affects beneficial ownership disclosure requirements and 8 best practice approaches to deliver an efficient, risk-based approach to meet the full remit of FinCEN’s Final Rule.

Click here to download the paper