In the US, covered financial institutions must establish and maintain written procedures reasonably designed to identify and verify the identities of beneficial owners of legal entity customers. This is known as the Beneficial Ownership Rule.1 Covered financial institutions include banks and other depository institutions, broker-dealers, mutual funds, futures commission merchants, and introducing brokers in commodities transactions.2 Beneficial owners are:
- any natural person having an equity ownership interest of 25% or more in a legal entity customer; and
- any control person (defined as an individual having significant responsibility for controlling, managing, or directing the legal entity customer). Examples include a chief executive officer, managing member, general partner, senior executive officer, or other individual who regularly performs such functions.3
If no individual satisfies the ownership prong, the covered financial institution must identify and verify the identity of a control person.
Financial institutions may rely on beneficial ownership information supplied by the customer, provided that they have no knowledge that would reasonably call into question the validity of that information. Beneficial owner due diligence must be conducted when a new account is opened, and during normal customer transaction monitoring if the financial institution detects information pertinent to its assessment of the money laundering risk posed by the customer and such information a possible change of beneficial ownership. The regulations do not apply retroactively; financial institutions must conduct this due diligence only on accounts established after the Beneficial Ownership Rule went into effect in July 2016.
In the UK, as part of conducting due diligence on a customer, regulated firms must identify all beneficial owner(s) of the customer and take reasonable measures to verify the identity of the beneficial owner(s) so that the firm is satisfied that it knows who the beneficial owner(s) are. If the beneficial owner is itself a legal person, company or a trust, the firm must take reasonable measures to understand the ownership and control structure of that legal person, company or trust. These obligations do not apply if the customer is listed on a ‘regulated market.’4
Where the customer is a company, a beneficial owner is defined as any individual who:
- exercises ultimate control over the management of the body corporate;
- ultimately owns or controls (whether directly or indirectly) more than 25% of the shares or voting rights in the company; or
- satisfies one of the conditions that would invoke the registration requirement for Persons of Significant Control.5
Where the customer is a trust, a beneficial owner includes, generally, each of the settlor, the trustees, beneficiaries, and any individual who has ‘control’ over the trust.
UK incorporated companies and LLPs must maintain a Register of People with Significant Control (PSC Register) that includes the name, date of birth, and address of beneficial owners.6 Before establishing a business relationship with a company which is subject to the requirement to maintain a PSC Register, the regulated firm must collect proof of PSC registration or an excerpt from the register from the company (although the Regulations make clear that any requirement to identify and verify the beneficial owners is not satisfied by “relying solely” on information contained in the PSC Register).
The regulated firm must report to the registrar any discrepancy the regulated firm finds between: information relating to beneficial ownership on the register; and information which becomes available to the regulated firm in the course of carrying out its customer due diligence obligations when establishing a business relationship with the customer. There is an exemption for privileged information.
Additionally, many types of trust (as specified in the regulations) are required to maintain up-to-date details (as specified in the regulations) of the trust, including its beneficial owners, and furnish those details to HMRC, which maintains a register.
1 31 CFR § 1010.230.
2 31 CFR § 1010.605(e)(1).
3 31 CFR § 1010.230(d).
4 Which means either a UK regulated market, or an EU regulated market, or a market outside the EEA which “subjects companies whose securities are admitted to trading to disclosure obligations which are equivalent to the specified disclosure obligations.”
5 The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (2017 Regulations), SI 2017/692, art. 5 (UK).
6 Companies Act 2006, c. 46, pt. 21A, sched. 1A (UK) (as amended by the Small Business Enterprise and Employment Act 2015).