FinCEN Beneficial Ownership: Where the CTA Stands in 2026

# FinCEN Beneficial Ownership: Where the CTA Stands in 2026 IGInfocredit Group January 28, 2026 8 min read After two years of injunctions, carve-outs and a Treasury rewrite, the Corporate Transparency Act now applies a narrower but more enforced beneficial-ownership regime. Here's the practical state of play for in-scope reporting companies and the financial institutions that depend on the data. The **Corporate Transparency Act (CTA)** — enacted in 2021 and operational from 1 January 2024 — has had one of the most turbulent rollouts of any modern US financial-crime statute. Multiple federal injunctions, a March 2025 interim final rule from FinCEN, and ongoing congressional oversight have left many compliance teams uncertain about what they actually need to do today. ## The State of Play Following Treasury's **March 2025 interim final rule**, the practical position is now clearer: - **Domestic reporting companies are exempt.** US-formed entities and US persons no longer need to file Beneficial Ownership Information (BOI) reports. - **Foreign reporting companies remain in scope.** Entities formed under the laws of a foreign country and registered to do business in any US State must report their beneficial owners. - **Financial institutions still rely on BOI.** Banks, broker-dealers and MSBs continue to have access to the BOI database for CDD purposes, subject to customer consent and FinCEN access rules. Why this matters Even with the domestic exemption, the underlying CDD Rule (31 CFR § 1010.230) still requires covered FIs to identify and verify the beneficial owners of legal-entity customers at account opening — independent of CTA reporting status. ## What Financial Institutions Must Still Do ### 1\. Maintain independent BO collection Do not assume the BOI database will give you the answer. The CDD Rule has always required the FI to collect and verify BO information directly from the customer at account opening, with no greater than 25% direct/indirect ownership and one control person. CTA filings are a useful corroboration source — not a substitute. ### 2\. Re-test your nested-entity logic Foreign reporting companies often sit several layers deep inside corporate trees. Combining your in-house KYB data with FinCEN's BOI feed (where access is permitted) materially improves coverage of layered ownership structures used in trade-based money laundering and sanctions evasion. ### 3\. Monitor the legislative pipeline Several bills in Congress propose either expanding the exemption further or restoring domestic reporting. Compliance programmes should be designed for either outcome — with configurable data fields and policy switches rather than hard-coded assumptions. ## The Global Context The US carve-out runs against a global trend. The **EU AMLR** tightens BO definitions and lowers the ownership threshold to 25% with a possibility of 15% in higher-risk sectors. The **UK ECCTA** is now operationalising identity-verified ownership at Companies House. And FATF's 2023 update to **Recommendation 24** made adequate, accurate and up-to-date beneficial ownership data a benchmark for jurisdictional ratings. For multinational compliance teams, the practical takeaway is simple: design your BO framework to the highest applicable standard, then dial down where local rules are narrower. The opposite — designing to the US baseline and patching upward — leaves structural gaps that will surface in your next mutual evaluation cycle. ## Turn compliance into your competitive advantage. See how ComplianceSuite.ai's four pillars can transform your KYC, AML, fraud, and transaction-monitoring workflows. [Book a demo](https://compliancesuite.ai/contact) [More insights](https://compliancesuite.ai/insights) ## We value your privacy We use essential cookies to make ComplianceSuite work. With your consent, we'll also use analytics and marketing cookies to improve the site and measure campaign performance. You can change your choice at any time. Read our [Privacy Policy](https://compliancesuite.ai/privacy) and [Cookie Notice](https://compliancesuite.ai/cookies). CustomiseReject non-essentialAccept all