The fight against money laundering and corruption has made financial transparency a global priority, meaning it is critical that we know who we are doing business with. Entering into a contract or business relationship with a company without full knowledge of beneficial ownership, past or present, introduces significant risk to an organization.  Even an unwitting contravention of anti-money laundering, anti-corruption and bribery legislation can have extreme consequences through regulatory censure, financial penalties, reputational damage.

The G20’s commitment to increase corporate transparency and crack down on anonymous and secretive shell companies has been one such step in the fight against money laundering. And proposed changes to EU and US anti-money laundering (AML) and customer due diligence legislation will soon affect the way in which organizations assess business risk.

These changes include tightening up the complex issue of ultimate beneficial ownership (UBO).

What does the term ‘beneficial ownership’ mean for AML purposes?

There is no universal and finite definition of ‘beneficial owner’. Various bodies, governments and institutions differ in their interpretation, and it also depends on the legal person’s form.

The Financial Action Task Force (FATF), which sets global AML requirements, defines a beneficial owner as

• “the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement”.

With regards to the owning threshold, FATF does not provide a clear numerical answer and only states 25 percent as an example.

The Office of Foreign Assets Control (OFAC) stated that

• it would treat an entity as being subject to US sanctions if it is owned 50 percent or more in aggregate by designated persons.

The Foreign Account Tax Compliance Act (FATCA), on the other hand, requires

• the institution to follow a 10 percent ownership rule.

What regulations are being put in in place or expanded in order to identify UBOs?

The requirement for financial institutions to know their clients is not new. But amid growing demand for increased transparency, the need for UBO identification has gained momentum in the last few years.

The issue was among the key topics at the G8 Summit in 2013 and the G20 Summit in 2014, following which the International Monetary Fund and Organization for Economic Cooperation and Development (OECD) signed an agreement to ensure countries honour their commitments.

With governments now demanding increased business transparency, the UK introduced the Small Business, Enterprise and Employment Act 2015, which, among other changes, led to the creation of the PSC or ‘persons with significant control’ register.

Regulators worldwide are following suit with a number of codifications and clarifications:

1. The European Commission’s 4th Anti-Money Laundering Directive, which must be implemented by all member states by the end of this year. It includes changes to customer due diligence, record-keeping, regulation and supervision and transparency of requirements.
2. The Monetary Authority of Singapore’s Notice 626 on prevention of money laundering and countering the financing of terrorism, effective from May 2015.
3. The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) strengthening of the Bank Secrecy Act (BSA).

Its core elements concern identifying and verifying the identity of customers and identifying and verifying the beneficial owners of legal entity customers.

What should organizations have in place to identify UBO?

Organizations need to have a robust, risk-based and auditable process which can identify who exercises ultimate effective control over legal persons. If the information is collected from the customer, organizations need to take reasonable steps to verify the information with public and reputable sources.

It is not sufficient to just find out who the beneficiaries are, but to understand what compliance risk, if any, they present to the organization.

This can be achieved through appropriate level of due diligence checks on all beneficiaries. Following the identification and analysis of risk, each organization must have a strong, documented policy of a risk-based approval process and regular monitoring of the ownership relationships.