The Financial Crimes Enforcement Network recently issued administrative ruling FIN-2026-R001 to provide significant regulatory relief regarding the identification of legal entity owners. This new order allows financial institutions to bypass certain repetitive data collection steps that were previously mandatory under the 2016 Customer Due Diligence Rule. By focusing on a risk-based approach rather than a rigid account-based trigger, the Treasury Department aims to reduce the compliance burden on the private sector. The ruling aligns with broader federal initiatives to streamline government regulations while maintaining the integrity of the national financial system. This shift represents a major change in how banks and credit unions manage their ongoing customer due diligence obligations.
Table of Contents
FinCEN Exceptive Relief for Beneficial Ownership
The administrative order issued by the Financial Crimes Enforcement Network provides a critical exemption from the strict requirements of 31 CFR 1010.230(b). Historically, the 2016 Customer Due Diligence Rule required covered financial institutions to identify and verify the beneficial owners of a legal entity customer every single time a new account was opened. This applied regardless of whether the bank had just verified that same information a week prior or even on the same day. Under the new exceptive relief, institutions are no longer bound by this repetitive obligation for every subsequent account opening. Instead, the verification process is now consolidated to specific high-value moments in the customer relationship. The primary trigger for identification and verification remains the initial opening of the first account by a legal entity. This ensures that the baseline data is captured and vetted before any financial activity commences. By removing the need for redundant certifications, the regulator is responding to years of industry feedback suggesting that the previous system created massive paperwork trails with very little added value for law enforcement. The logic behind this relief is rooted in the idea that if the ownership of a company has not changed, forcing a bank to collect the same passport copies and signatures for a second or third checking account is an inefficient use of resources. This move is specifically designed to support economic prosperity by lowering the cost of doing business without opening doors for illicit actors to hide behind anonymous corporate shells.
Modernizing the Bank Secrecy Act Framework
The decision to grant this relief is part of a larger effort to modernize the Bank Secrecy Act and its implementing regulations. For several years, financial institutions and trade associations argued that the account-based trigger for beneficial ownership was one of the most burdensome aspects of the AML regime. The Treasury Department has acknowledged these concerns by shifting toward a more flexible and risk-based methodology. This transition is also supported by the Corporate Transparency Act, which mandates a revision of the 2016 CDD Rule to ensure it aligns with new national standards for reporting company information. The new order specifies that while the repetitive verification is gone, the underlying duty to maintain accurate records remains intact. Financial institutions must still have written procedures in place to manage the risks associated with their legal entity customers. They are expected to use their internal monitoring systems to detect when a customer profile might have changed. This means that the burden of proof has shifted from a calendar or event-based trigger to a behavioral and risk-based trigger. If a bank notices unusual transaction patterns or receives information suggesting a change in control, it must immediately re-verify the beneficial owners. This approach allows banks to allocate their compliance budgets toward investigating actual suspicious activity rather than processing repetitive forms for long-term clients. It also ensures that the United States remains compliant with international standards set by organizations like the Financial Action Task Force, which emphasizes that anti-money laundering efforts should be proportional to the risks identified.
Compliance Obligations and Risk Triggers
Despite the broad nature of the relief, there are three specific scenarios where a covered financial institution must still conduct full identification and verification. First, the requirement remains absolute for the very first account opened by a legal entity customer. Second, an institution must perform the verification any time it gains knowledge of facts that call the reliability of previous information into question. This could include news reports, changes in corporate filings, or updates provided by the customer during routine interactions. Third, the relief does not override the internal risk-based procedures of the institution. If a bank determines through its ongoing due diligence that a particular customer or industry segment requires more frequent updates, it must follow those internal protocols. Furthermore, if a bank chooses to use the relief, it can allow a customer to simply certify or confirm that their previous information is still accurate. This confirmation can be done either in writing or verbally, provided the bank maintains a clear record of the interaction. This flexibility is a significant departure from the previous requirement for a formal signed certification form for every account. It allows for a more seamless digital banking experience where a customer can confirm their status through an online portal or a recorded phone call. However, if a customer is unable or unwilling to certify that their information is current, the bank is legally required to revert to the full identification and verification process. This ensures that the system cannot be gamed by individuals who are attempting to obscure their control over a legal entity as their ownership structure evolves over time.
Impact on Financial Institution Operations
The long term impact of this administrative ruling will likely be a reduction in the operational friction associated with corporate banking. For large corporate clients that manage dozens or hundreds of accounts across various subsidiaries, the previous rule was a significant hurdle to efficient cash management. By allowing institutions to rely on previously obtained and verified data, the Financial Crimes Enforcement Network is enabling faster account onboarding for existing customers. This change is consistent with Executive Order 14192, which focuses on unleashing prosperity through deregulation. It recognizes that the private expenditures required to comply with federal regulations should be minimized whenever the security of the financial system is not at risk. The regulator has made it clear that this relief is discretionary. An institution that prefers the certainty of the old system or has already built automated tools to handle repetitive certifications may continue to operate under those old standards. There is no penalty for exceeding the minimum requirements of the law. However, most experts expect a rapid industry-wide adoption of the new standards to improve customer satisfaction and reduce administrative overhead. The Treasury Department will continue to monitor the implementation of this order to see how it affects the quality of data available to law enforcement. If the relief leads to a noticeable degradation in the accuracy of beneficial ownership information, the Director of FinCEN has the authority to revoke or modify the exception at any time. This serves as a reminder that the privilege of regulatory relief comes with the responsibility of maintaining a robust and effective anti-money laundering program.
Key Points
- FinCEN granted exceptive relief from the requirement to verify beneficial owners at every new account opening for existing legal entity customers.
- Financial institutions must still identify and verify beneficial owners when a legal entity customer opens their first account.
- Re-verification is mandatory if the institution has reason to doubt the accuracy of previously collected ownership information.
- Institutions must maintain records of any verbal or written certifications used to confirm that existing ownership data remains accurate.
Related Links
- Treasury Department Modernization of the Bank Secrecy Act
- Federal Register Notice on Customer Due Diligence Requirements
- Corporate Transparency Act Implementation Updates
Other FinCrime Central Articles About Regulation Around Beneficial Ownership
- Swiss Transparency Shake-Up Boosts Beneficial Ownership Oversight
- Canada Tightens Beneficial Ownership Rules to Combat Dirty Money
- UK Push for Public Beneficial Ownership Registers Gains Momentum
Source: FinCEN
Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.
Want to promote your brand, or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.
