Beneficial Ownership & Control

Identifying an individual is relatively easy. Identifying who really stands behind a company is where KYC gets hard — and where criminals do their best work. A company is just a legal wrapper.

Money laundering, sanctions evasion, and fraud are committed by people, and those people hide behind shells, holding companies, and chains of ownership designed to obscure them. Your task is to cut through the wrapper and find the real humans — the beneficial owners. Get this wrong and everything downstream, your risk rating and your screening, is built on a false picture.

And regulators agree it's the priority: opaque ownership is named again and again as the core vulnerability that lets dirty money cross borders.

The U.S. rulebook here is FinCEN's CDD Rule at 31 CFR 1010.

230, often called the Beneficial Ownership Rule. When a legal-entity customer — a corporation, LLC, or similar — opens an account, the bank must identify and verify two kinds of people. First, the ownership prong: each individual who directly or indirectly owns twenty-five percent or more of the entity's equity.

There can be up to four such owners, or sometimes none. Second, the control prong: at least one individual with significant responsibility to control or manage the entity — a CEO, managing member, general partner, or similar. Note that you always get at least one person from the control prong, even when no single owner hits the 25% threshold.

Here's a distinction that trips people up. The CDD Rule is an obligation on the bank — what you must collect when onboarding a company. The Corporate Transparency Act, or CTA, is different: it created a direct reporting obligation on companies themselves to file their beneficial ownership information with FinCEN, under the BOI Reporting Rule at 31 CFR 1010.

380. That BOI data feeds a federal registry. So the CDD Rule is bank-facing and the CTA is company-facing.

As an analyst you should know both exist, know they use similar concepts but aren't identical, and know the CTA's deadlines and enforcement have shifted with litigation — so always check current FinCEN guidance before relying on a specific date.

Now the core analyst skill: unwrapping. Ownership is often indirect, so you multiply the percentages down the chain. Say Maria owns sixty percent of HoldCo, and HoldCo owns fifty percent of your customer.

Maria's indirect stake is sixty percent of fifty, which is thirty percent — above the threshold, so Maria is a beneficial owner. You keep looking through each layer — holding companies, partnerships, trusts — until you reach natural persons. You stop only at a human being, or at a recognized exemption such as a publicly traded company or a regulated financial institution.

If the chain dead-ends in another opaque shell in a secrecy jurisdiction, that's not an answer — that's a red flag.

Some structures are legitimate; many are not. A shell company with no real operations isn't illegal by itself, but combined with other signals it's a concern. Watch for nominee directors or shareholders — people paid to appear on paper while a hidden party controls the entity.

Watch for layers that serve no commercial purpose, especially chains routed through known secrecy jurisdictions. Watch for ownership that simply refuses to resolve to a real human, and for bearer shares, where ownership belongs to whoever physically holds the certificate. FATF Recommendation 22 pushes the whole system toward transparency of beneficial ownership precisely because these tricks are how dirty money moves.

When the structure fights you, escalate to enhanced due diligence. A practical tip: when a structure resists resolution, slow down rather than speed up — the friction itself is information worth documenting.

Let's recap. FinCEN's CDD Rule requires you to identify beneficial owners through a twenty-five percent ownership prong and a control prong. The Corporate Transparency Act adds a separate, company-facing reporting regime feeding FinCEN's beneficial ownership registry.

You unwrap layered structures by multiplying ownership down the chain until you reach real people, staying alert to shells, nominees, and bearer shares. Now that you know who the people are, the next step is checking them against the lists that matter most: sanctions and politically exposed persons. Test yourself on beneficial ownership, then meet me in lecture four.