What is an Ultimate Beneficial Owner (UBO)?

Compliance requirements are continuously evolving, with new anti-money laundering acts being passed every year. The onus is on businesses of all sizes to keep pace with the ever changing regulatory landscape.

One term that originates from the Securities Act of 1933 is “Ultimate Beneficial Owner” (UBO). This term has taken on an increasingly important role in the fight against terrorism and money laundering.

UBO refers to the person or entity ultimately benefiting from the business relationship. When an individual opens a bank account for example, the Bank is duty bound to check if the person opening the account is also the one using it. Know Your Customer (KYC) procedures and sanction screenings help to ensure that the UBO can be identified and customer due diligence completed. In addition to UBO, there is something referred to as the Ultimate Parent Company (UPC) which is also subject to screening.

The reason why UBO has grown in importance is because malicious actors, like terrorists, narcotics dealers and others increasingly try to obfuscate their identity through the use of legal entities and even other individuals.

In the case of legal entities, the Ultimate Beneficial Owner:

1. Holds at least 25% of the entity’s capital OR
2. Holds at least 25% of entity’s voting rights at the AGM of stakeholders OR
3. Is the beneficiary of at least 25% of the entity’s capital

Is UBO screening mandatory?

Yes, UBO screening is mandatory for organizations as described in the Money Laundering and Terrorist Financing Act. Organizations such as banks, estate agents, investment institutions, casinos, solicitors, notaries, accountants, currency exchange offices, auditors, lease companies and insurers all most incorporate UBO screening. A detailed list of all professions and organizations who must abide by this law are laid out in Section 1 of the Act.

What does UBO screening entail?

The first step of UBO screening is for an organization to find the identity of their potential client. Verification is usually done with a government issued document such as a passport. If the identity of a company needs to be verified, then Articles of Association will be checked. The purpose of this identity verification is to make sure that those involved are not a part of money laundering or terrorist financing schemes.

The next step is to perform a compliance check. Essentially this involves estimating the risk of the UBO. This might include checking to see if the UBO is on politically exposed person (PEP) lists, sanction lists, freeze lists or is under investigation. Negative publicity should also be taken into account.

The third step is to prepare a risk estimate. An organization must use objective indicators to place their clients into different risk categories that range from low to high. The nature and scale of the client screening may be adjusted based on this risk assessment. Essentially, is a client is lower risk, less effort is needed to reduce potential risk. For low risk clients, simplified screening suffices. For mid to high risk clients, stricter screening is needed.

The final step is for identification data to be filed. Organizations need to file and update their data for a minimum of five years. Information also needs to filed efficiently and consistently in order to keep data up to date.

What are the penalties for non-compliance?

The rules surrounding UBOs are complex and strict. Both announced and unannounced inspections are common, so most organizations have chosen to at least partially automate their UBO process. The penalties for non-compliance can be as high as $1.5 million, not to mention the various sanctions that can also be imposed.

Reporting suspicious transactions

In order to counter terrorist financing and money laundering, the Financial Action Task Force (FATF) was founded in 1989. This international organization is composed of 37 member countries and make recommendations and evaluates member states. Different member states handle reporting differently, but have similarities.

Most member countries report transactions by filing a suspicious activity report (SAR) or suspicious transaction report (STR). These reports are then sent to a designated authoritative body within the member country. In the US, SARs are sent to the Financial Crimes Enforcement Network (FinCEN) which is an agency of the United States Treasury.

The qualifications for filing a SAR vary, but can include the following:

• Sudden change in the pattern of financial transactions.
• Unusual involvement of a third party, especially if they are paying on behalf of the customer
• Financial transactions involving UBOs who have a registered office in a tax haven or in a country where there is a high level of corruption
• A large and irregular cash transaction or currency conversion
• Having difficulty verifying a potential new customers identity and/or being provided with fake documents
• A customer can’t give an explanation as to where the money has come from
• Money being sent to countries that are currently under financial sanctions

Depending on the laws of the country, a SAR may still need to be filed if a certain type of transaction is happening, even if there are no irregularities. In addition, it is illegal to notify the subject of a SAR that they may potentially be investigated.