Regulation-imposing Legislation Puts Small Business Owners’ Privacy at Risk
WASHINGTON, D.C. (Nov. 15, 2019) — Forty-eight business groups joined in strong opposition to Title IV of S. 2563, the Improving Laundering Laws and Increasing Comprehensive Information Tracking of Criminal Activity in Shell Holdings Act. The so-called ILLICIT CASH Act would impose duplicative, burdensome regulations on America’s smallest businesses and significantly threaten the personally identifiable information of small business owners.
Not only does the ILLICIT CASH Act attempt to shift a reporting requirement from resource-heavy big banks onto millions of the country’s smallest businesses who are least equipped to handle it, but the legislation also threatens small business owners with oppressive fines and jail time for failure to provide updated and completed paperwork.
According to the letter:
Under this legislation, millions of small businesses would be required to register personally identifiable information with FinCEN, file updated reports within 90 days of any ownership changes, and file additional updated reports within a year of any ownership information changes, such as an expiration of a passport number or a change in address. Failure to comply with these reporting requirements could result in civil penalties of $500 per day up to $10,000, criminal penalties of up to 4 years in prison, or both.
The ILLICIT CASH Act raises significant privacy concerns as the proposed FinCEN “beneficial ownership” database would contain the full legal names, dates of birth, addresses, and unexpired driver’s license numbers or passport numbers of millions of small business owners. Unlike the CDD rule, which requires law enforcement to obtain a subpoena or warrant prior to accessing beneficial ownership information from financial institutions, the ILLICIT CASH Act would make this information accessible upon request “through appropriate protocols” to any local, state, tribal, or federal law enforcement agency or to law enforcement agencies from other countries via requests by U.S. federal agencies.
The ILLICIT CASH Act introduces serious data breach and cybersecurity risks. Under the legislation, FinCEN would maintain a database of small business owners’ personally identifiable information that could be hacked for nefarious reasons. As the 2015 breach of the Office of Personnel Management demonstrated, the federal government is not immune to cyber-attacks and harmful disclosure of information.
An NFIB-led coalition of 38 groups joined forces last month in opposition to the Corporate Transparency Act of 2019, legislation before the United States House of Representatives. The bill passed the House 249-173, threatening small business owners with the possibility of having to shoulder billions of dollars and millions of hours of paperwork at an unprecedented privacy risk.
A recent NFIB study found that, under the Corporate Transparency Act of 2019, small businesses would face $5.7 billion in new regulatory costs and an additional 131.7 million hours of paperwork if the legislation is signed into law.
To read more on NFIB’s efforts to protect small business privacy, visit https://nfib.com/protectprivacy.