Who Owns Your Business? The Government – and Maybe Litigation Adversaries – Want to Know

Posted by:

UPDATE:  On March 1, 2024 Judge Liles C. Burke, a federal court judge in Alabama, effectively invalidated the Corporate Transparency Act (CTA) by finding it unconstitutional: “The Corporate Transparency Act is unconstitutional because it cannot be justified as an exercise of Congress’ enumerated powers.”  2024-03-01 National Small Business United v Yellin, Case No 5.22-cv-1448-LCB  The decision will almost certainly be appealed, so expect further developments.  In the meantime while the federal CTA is not considered currently in effect, its state counterparts (such as the New York LLC Transparency Act) remain effective.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ORIGINAL POST:

As we usher in the new year, individuals aren’t the only ones making resolutions. Many business entities organized in the United States must also resolve to comply with the Corporate Transparency Act (CTA), a pivotal component of the National Defense Authorization Act for Fiscal Year 2021. This anti-money laundering law, enforced by the Financial Crimes Enforcement Network (FinCEN), aims to illuminate the ownership and control structures of entities operating within the U.S. But there are important exceptions and potential litigation risks to be aware of.

The Beneficial Ownership Interest Rule (BOI Rule) now mandates that most private business entities file a Beneficial Ownership Interest Report. The BOI Report provides personal information about individuals who own or control the entity. “Beneficial ownership” includes anyone who owns or controls 25% or more of the ownership interests, or who directly or indirectly exercises substantial control over a company. The net was cast widely to include almost any imaginable form of agreement that can grant control to someone, including equity, profit sharing agreements, voting trusts, convertible debt, stock options, joint ownership of an undivided interest, and ownership through subsidiaries. There are certain exceptions for minor children, intermediaries, agents, individuals acting solely as employees, creditors, and individuals whose only interest is through inheritance.

“Substantial control” includes individuals who serve as a senior officer of the entity (i.e., president, CEO, CFO, general counsel, or others who perform similar functions); majority or dominant minority directors; and anyone who directs, determines, or has substantial influence over important decisions made by the entity.

The CTA applies to “a corporation, LLC, or other similar entity that is either created by filing a document with a secretary of state or a similar office under the law of a State . . . or formed under the law of a foreign country and registered to do business in the United States. . . .” This includes Limited Liability Companies (LLCs), limited partnerships and business trusts. But it does not apply to sole proprietorships, general partnerships, or non-business trusts, because those entities are not created through a filing with a Secretary of State.

The CTA of course exempts public companies that file securities reports, but it also has a notable exemption for non-public “large operating companies” as well as some specialized entities like insurance companies, accounting firms, utilities, tax exempt entities, as well as inactive entities. “Large operating companies” that do not have to file a BOI Report are those which employ at least 20 full time employees, maintain a physical office in the U.S., and received at least $5 million in gross receipts for the last fiscal year.

The BOI Reports must include the entity’s name and any fictitious names, its address, its jurisdiction of formation, its taxpayer ID number, and elaborate identification of the beneficial owners: Full legal name, date of birth, residential address, and an identification number and digital copy (this may be a driver’s license, passport, or FinCEN ID). Entities created after January 1, 2024 must provide the same information about the company applicant who filed the paperwork to register the entity.

Entities in existence prior to January 1, 2024 must file their BOI Report by January 1, 2025. New entities registered between January 1, 2024, and December 31, 2024, must submit their BOI Report within 90 days of confirmation of formation. Entities formed on or after January 1, 2025 must submit their BOI Report within 30 days of confirmation of formation. Changes concerning beneficial ownership or corrections to previous BOI Reports must be filed within 30 days. The consequences of failure to file a BOI Report may be costly. A daily fine of $500 can be imposed for non-compliance, up to a maximum of $10,000. Individuals who submit false information in a BOI Report also may be subjected to criminal penalties.

BOI Reports are filed electronically with FinCEN, a bureau of the United States Department of the Treasury that collects information to address money laundering, terrorist financing, and other financial crimes. FinCEN’s “Access Rule” generally limits disclosure of BOI Reports to Federal agencies engaged in national security, intelligence, or law enforcement activity, and state, local, and tribal law enforcement agencies with court authorization, certain foreign law enforcement authorities and financial institutions with customer due diligence requirements and regulators supervising them for compliance.

Interestingly, there is no indication yet whether litigants would be able to obtain copies of BOI Reports through discovery processes in litigation such as civil subpoenas and demands for document production. For example, if a litigant alleges in a pleading that an opponent is an “alter ego” of an entity subject to the BOI Rule, will that be sufficient to require disclosure in discovery of the entity’s BOI Report? Until more specific laws are enacted, at present it seems likely that general constitutional and statutory provisions of the individual states that concern confidentiality and privacy would control such disclosures.

Companies and individuals who may be subject to the Beneficial Ownership Interest Rule would be well advised to consult counsel who can address the nuances of their situation.

0

Are You Ready for the New California Employment Privacy Regulations?

Posted by:

 

You may recall that the California Privacy Rights Act (CPRA) amendments (Cal. Civ. Code § 1798.100 et seq.) went into effect January 1, 2023, but enforcement was delayed until March 29, 2024. Employers with the requisite contacts with California consumers (which is defined in an extremely broad manner) will be required to provide employees with extensive privacy notices, respond to requests to exercise new data rights, limit uses and disclosures of HR data, and obtain contractual commitments from third-party recipients of personal information.

The CPRA amendments apply to any business with worldwide gross annual revenue of $25 million or more that collects personal information from any California consumer, which includes a service provider, an employee, a job applicant or an investor, for example.  All entities that share common branding will be subject to the CPRA requirements if even one of those entities meet the requisite standards.

Generally, when the employer is subject to CPRA, its employees (and service providers, job applicants, investors, etc.) have six data rights:
1. The Right to Delete
2. The Right to Correct
3. The Right to Know
4. The Right to Restrict the Use of Sensitive Personal Information
5. The Right to Opt-Out of the Sale or Sharing of their Personal Information
6. The Right to Not Be Retaliated for Exercising these Rights

Each of these general rights are subject to detailed requirements and exceptions that must be carefully considered and addressed by employers, who must give appropriate notification to employees.  Employers’ data subject to the CPRA includes only information collected on or after January 1, 2022.  Given the suspended enforcement, it is presently uncertain whether employers will be expected to be in compliance through a “look back” period that could apply as early as the enactment date of January 1, 2023, or whether employers will be given a pass on compliance until the enforcement stay expires on March 29, 2024. In any event, employers who may be subject to the amended CPRA would be well advised to start their compliance efforts as soon as possible, and should contact qualified counsel to guide their efforts.

0