Congress Just Made It Easier for You to Get Scammed 

I hope you like jail food. Because if you own a small business or you have your assets protected by a trust, you might be eating a lot of it next year. But I wouldn’t expect you to know this. Unless you have the habit of visiting US Government websites like congress.gov, or the press release site for the US Department of the Treasury. 

OK. I’m abusing my hyperbole permissions … a little. Truth is that most people still haven’t heard of the “Beneficial Ownership Information Reporting Rule and Beneficial Ownership Information Access and Safeguards Rule” (BOI). These are new rules imposed by the Financial Crimes and Enforcement Network (FINCEN). You see, as it turns out, Congress “exceed[ed] the Constitution’s limits on [their] power” (AGAIN). Those aren’t my words by the way. That’s a direct quote from the FINCEN website.  

The rule we are now required to comply with (or suffer the consequences) is in connection with the Corporate Transparency Act. According to the US Government, “Corrupt actors frequently use opaque legal structures—such as shell companies—to hide and launder the proceeds of their crimes. In the U.S. anti-money laundering (AML) regime, the lack of timely access to adequate, accurate, and current beneficial ownership information has been identified as a gap.” And as you may have now guessed, you and I get to bridge that gap. They even kindly helped us by making it a felony if you fail to do your part. 

You might be thinking, there you go again Tom, making your baseless accusations. But I’m just the reporter here. On the fincen.gov site, they provided a synopsis of a recent court ruling in Alabama that the US Congress exceeded their constitutional limits with this one.  

“On March 1, 2024, in the case of National Small Business United v. Yellen, No. 5:22-cv-01448 (N.D. Ala.), a federal district court in the Northern District of Alabama, Northeastern Division, entered a final declaratory judgment, concluding that the Corporate Transparency Act exceeds the Constitution’s limits on Congress’s power and enjoining the Department of the Treasury and FinCEN from enforcing the Corporate Transparency Act against the plaintiffs.” 

The plaintiffs in this case are members of the National Small Business Association (NCBA). As a result of the court ruling, FINCEN will not require the members of the NCBA to file the BOI. The rest of us do. So, my question is, if it is unconstitutional for them, isn’t it also unconstitutional for the rest of us? In the suit, the plaintiffs allege that “the CTA’s disclosure requirements exceed Congress’s authority under Article I of the Constitution and violate the First, Fourth, Fifth, Ninth, and Tenth Amendments” (corpgov.law.harvard.edu). 

Additionally, according to law.harvard.edu, “the court determined that the CTA is not authorized under Congress’s taxing powers because, although the collection of beneficial ownership information under the CTA can help the IRS with tax collection, simply being useful to tax collection is not sufficient to invoke tax powers.” There it is. This is really nothing more than an easier way for the IRS to decide who to audit. For auditing must be efficient. Oh, and by the way, banks are already required to provide your businesses information to FINCEN making this redundant.  

There are many reasons a small business owner (including trustees of trusts) should be concerned. But from an information security perspective, this will be another federal government mismanaged database containing vital Personally Identifiable Information (PII) which when it is stolen (and it will be for sure), the threat actors will have you name, address, birthdate, driver’s license number, and the s-corp, LLC, or trust for which you are the owner. The consequences are dire enough that you need to have your attorney help you report. If you do it wrong, you will face fines of $500 per day and up to 2 years in jail. Congratulations. Another tax you never agreed to.  

On the surface, having this information in the hands of a terrorist might not seem like a big deal to you. But think about it like this, if a threat can derive monetary value for your company, they use it to decide whether to target you for data theft. Then they use the information they steal from you to target you and your customers with scams. In the old days, the proportion of bad people who had physical access to you was incredibly small, so your world was pretty safe. The internet has created an artificially high concentration of the worst people on the planet with immediate access to you.  

The United States is a representative Republic. We are the governing body. The three branches of government answer to us. But if we don’t push back, they don’t feel that.