In our last post discussing the new regulations issued under the Corporate Transparency Act (“CTA”), we suggested that “time will tell whether industry groups will launch lawsuits challenging the Final Rule.” That time has apparently come: on November 15, 2022, the National Small Business Association (“NSBA”) filed a complaint (“Complaint”) challenging the reporting requirements set forth in the CTA and the accompanying regulations issued by the Financial Crimes Enforcement Network (“FinCEN”).
The Complaint names Treasury Secretary Janet Yellen, the U.S. Treasury Department, and FinCEN Acting Director Himamauli Das as defendants.
This post describes the allegations made in the Complaint and offers some commentary on its merits. Spoiler: while the Complaint’s allegations that the CTA will impose significant burdens on reporting entities are well-taken, its constitutional claims largely face an uphill battle. Rather than attacking the potential, narrow legal grounds suggested in our last blog post – did the CTA really authorize FinCEN to require covered businesses to report as a beneficial owner more than just one person with “substantial authority” – the NSBA instead has launched a constitutional broad side.
First, it is worth noting how the Complaint frames itself. It alleges that the CTA’s reporting requirements will “supplant” – rather than supplement – the existing obligation of financial institutions to gather beneficial ownership information under the Customer Due Diligence Rule. The Complaint asserts that the CTA’s centralized database – the subject of forthcoming proposed regulations by FinCEN – “will likely reduce the role of financial institutions” in combatting money laundering and other financial crimes. Thus, according to the Complaint, reporting requirements should “follow the money” rather than create an expansive database of identifying information.
The Complaint is not subtle: “The CTA is nothing more than a first salvo in a campaign to transfer responsibility from the very institutions (i.e., big banks, financial institutions, and escrow agents [editor’s note: escrow agents are not actually covered by the Bank Secrecy Act], which are exempted from the CTA’s coverage) that process the targeted illicit transactions to law-abiding, small business owners. It is the quitessential example of the government prioritizing Wall Street to the detriment of Main Street.”
Presumably, the government will respond in part that the entire purpose of the CTA’s reporting requirements is to enable FinCEN and other regulatory and law enforcement authorities to better follow the money. Similarly, the government presumably will respond that the CTA – applicable to businesses – and the CDD Rule – applicable to certain financial institutions, who serve those same businesses covered by the CTA – complement each other. Applying the NSBA’s own logic, it is unclear how the NSBA’s arguments apply to its members but would not apply as well to the private financial institutions which the Complaint says should solely undertake AML burdens. The Complaint also does not explain how requiring certain companies to report their beneficial owners to the federal government remotely compares to the very onerous obligations imposed upon financial institutions under the BSA to identify their customers, monitor their transactions, and file reports such as SARs on their transactions.
Also unclear is the NSBA’s strategy behind the timing of its litigation. The Complaint makes clear that the NSBA is deeply concerned about the substantial burdens and complexities that the CTA will impose upon its members and other small businesses. However, the source of those burdens appears to be the statutory language itself, not its recently-implemented regulations. Accordingly, the Complaint does not seek a re-do of the regulations issued by FinCEN; it seeks a judgment rendering the statute unconstitutional. As discussed below, that may be a heavy lift.
The Complaint’s Claims
Seeking to enjoin the government from enforcing the CTA’s reporting requirements, set to begin in 2024, the Complaint alleges that the CTA allegedly violates six constitutional principles:
- It infringes on the power to form and govern entities under state law.
- It does not regulate commercial activity, because its obligations set in as soon as a covered entity is created under state law.
- It exceeds Congress’s authority to regulate interstate commerce under Article I, Section 8, clause 3.
- It violates the First Amendment by compelling individuals to identify themselves, without a justifiable basis, to the federal government.
- It violates the Fourth, Fifth, and Ninth Amendments by requiring individuals to disclose sensitive personal information for a law enforcement purpose.
- Its definitions for “applicant” and “beneficial owner” are unconstitutionally vague and fail to provide sufficient notice to those that are subject to its requirements.
Based on these principles, the Complaint lodges four claims: (1) unconstitutional usurpation of the states’ power to regulate entity formation; (2) unconstitutional invasion of privacy and unreasonable search and seizure; (3) compelled speech contrary to the First Amendment; and (4) unconstitutional violation of due process.
The following discussion is by no means an exhaustive legal analysis of each of these claims. Rather, it merely offers some preliminary reasons to believe that the lawsuit faces an uphill battle.
Count One: Raising Federalism Concerns
The Complaint alleges that the CTA exceeds the regulatory power vested in Congress because “Congress has no regulatory interest or constitutional authority over corporate formation because a reporting company has not yet engaged in any foreign, interstate, or Indian commerce at the moment of its inception.” In other words, a reporting company is not involved in commerce simply because it exists. According to the Complaint’s logic, the CTA only could lawfully apply to entities if, and only if, they engage in commercial activity. We will see how this theory survives longstanding jurisprudence extending broad powers to Congress to regulate interstate commerce and activities that have a substantial relation to interstate commerce.
Count Two: Fourth Amendment Concerns
The Complaint also argues that the CTA’s requirement for individuals to divulge sensitive personal information, including dates of birth and personal identification numbers, intrudes on privacy rights protected by the Fourth Amendment. It is not clear from the Complaint how reporting entities which wish to incorporate have a reasonable expectation of privacy over such information. Moreover, the NSBA noted in its comment letter on the proposed rule that identical or similar identifying information is already supplied to the Internal Revenue Service (and, indeed, supplied to financial institutions under the existing CDD rule).
Count Three: Compelled Speech
According to the Complaint, the CTA compels reporting entities “to engage in protected speech despite the availability of less onerous alternative methods to achieve the stated goals of the CTA.” For example, “a local all-women’s social club formed to discuss current health, reproduction rights, and sexual orientation issues in a confidential group setting” would be forced to report the group’s beneficial owners, despite an interest in keeping those identities private. The Complaint raises the specter that foreign governments may request, and receive, sensitive identifying information under the disclosure provisions of the CTA.
On the other side of those privacy interests, however, the Supreme Court has been reticent to apply any heightened scrutiny to commercial and professional speech that calls for only “purely factual” or “uncontroversial information.” See Nat’l Inst. of Family and Life Advocates v. Becerra, No. 16-1140, slip op. at 8 (U.S. June 2018). We will be interested to see how the courts characterize the “speech” compelled by the CTA’s basic reporting requirements.
Count Four: Due Process
Finally, the Complaint alleges that the CTA’s vague definitions of “beneficial owner,” “understanding,” “relationship,” substantial control,” and “applicant” render the law “so vague and complex that Plaintiffs, members of the NSBA, or other ordinary small business or non-business entities cannot reasonably comply with [its] requirements.”
The main target of this attack will likely be the term “beneficial owner,” which FinCEN has interpreted in part to include those with “substantial control” over the reporting company. In turn, those with “substantial control” are determined by the following indicia: (1) service as a senior officer of a reporting company; (2) authority over the appointment or removal of any senior officer or majority of the board of directors (or similar body) of a reporting company; and (3) direction, determination, or decision of, or substantial influence over important matters of a reporting company. Critically, “substantial control” also applies to an individual exercising “any other form of substantial control over the reporting company.”
The upshot here is whether these somewhat unsatisfactory and circular definitions give sufficiently fair notice to reporting entities of the categories of beneficial owners they are required to disclose to FinCEN. Again, this will be a high hurdle. Generally, unconstitutional vagueness occurs when a statute “specifies no standard of conduct at all.” United States v. Bronstein, 849 F.3d 1101, 1107 (D.C. Cir. 2017). As we have blogged, FinCEN’s regulation regarding who exercises “substantial control” is both broad and potentially vague. Nonetheless, as complicated and burdensome as the CTA may, a judicial holding that the CTA is unconstitutionally vague will be difficult to obtain.