Concern Over New Rules Requiring Disclosure of Personal Information

New 2018 KYC Requirements Add Challenges to Opening Accounts Needed to Close M&A Deals

Closing most M&A transactions requires deal parties to open one or more accounts for purposes such as establishing escrows or effecting payments. This is often frustrating because financial institutions are required to collect information in order to open the accounts, some of which can be sensitive or burdensome to gather. With new regulations, compliance with those rules has become even harder. Merger parties should plan ahead and anticipate such information requests to avoid delays or frustrations as they near their closing.

These rules stem from a desire of governments and their central banks to safeguard the financial system against illicit use and to promote financial transparency. In order to effect this, governments require financial institutions to implement anti-money laundering safeguards and conduct sufficient due diligence to “know your customer” (KYC). In the United States, the Financial Crimes Enforcement Network (FinCEN), an agency of the U.S. Department of the Treasury, is charged with enforcing the requirements under the Bank Secrecy Act.

Prior regulations only required due diligence on the actual account holder, which in many cases was a legal entity rather than a natural person. This, however, could potentially enable bad actors to access the financial system anonymously through the use of a myriad of legal entities. To eliminate this risk, effective May 11, 2018, FinCEN will require covered financial institutions, including Acquiom Financial and our partners, to adopt enhanced customer due diligence procedures when opening new accounts. Although the regulations are not effective until May, many financial institutions implemented the new requirements as of January 1, 2018.

Key among these new procedures is a requirement that the financial institution know the direct customer and gather information about the person opening the account and some or all of the owners and managers of the legal entity. While the financial institution has flexibility in how it collects required information, it must do so before opening any new accounts.

Specific required information includes the name and title of the individual opening the account on behalf of the legal entity. In addition, the financial institution must collect information for each individual who directly or indirectly owns 25% or more of the legal entity. If no individual owns that large a portion of the legal entity, no information needs to be provided. For those individuals who do directly or indirectly own 25% or more of the legal entity, the financial institution is required to collect the name, birthdate, address, and social security number of U.S. persons. If the individual is not a U.S. person, then a passport number is required instead of a social security number.

In addition to beneficial owners, financial institutions are required to collect the same information on one or more individuals who exercise significant responsibility for managing the entity. These are typically the signers on the account, but could also be any officer of the entity. Note that while this sounds like a new requirement, financial institutions have always collected information on account signers as part of their KYC process.

These new rules are no fun for anyone involved. They create more work and risk for the financial institutions and add burdens to buyers and sellers who are already scrambling to get a deal done. Several of the parties we work with have tried to push back on providing this level of personal information, especially when it pertains to senior partners or officers of funds or companies. Unfortunately, the new requirements are upon us and financial institutions have no discretion to avoid them. It is therefore critical that merger parties and their advisors anticipate these needs early in the process to allow needed accounts to be opened as efficiently as possible.

Here are a few tips that might be helpful when engaging an escrow and/or paying agent on your next transaction:

1. A “controlling person” does not need to be a top executive/founder/partner. The definition of “controlling person” in the applicable regulations is any individual who exercises significant responsibility for the entity. The persons named as authorized signers on the merger agreement may meet this criterion. More generally, this could be a CEO, CFO, COO, managing member, or general partner, but can also be someone at the VP or treasurer level or other individual who performs a similar function. An authorized signer on the escrow account typically meets the requirement.
2. There will always need to be at least one controlling person. This person can also be the person certifying the information and a signer on the account.
3. The number of beneficial owners could be none if no individuals meet the minimum threshold for disclosure. Since SRS Acquiom’s business is focused on M&A, we have the flexibility to use the minimum regulatory threshold of 25% in most instances. Traditional bank paying agents with other lines of business that can entail higher risks often impose a more conservative 10% threshold across the board, including their M&A business, even if not justified from a risk perspective.
4. If the buyer entity has foreign owners (directly or indirectly), especially if those foreign owners control 25% or more of the equity, it can be anticipated that there will be additional KYC requests—and that this will add time to the process. Examples of additional document requests may include historical financial statements, formation documents, ownership structure (e.g., organizational chart), certificate of good standing, and names/titles of principal business officers.
5. There are several types of entities that may be exempt from providing much of this information. The most common examples are SEC-registered entities (investment advisors or investment companies) and public companies that are traded on NYSE or NASDAQ.