In 2021, Congress enacted the Corporate Transparency Act (the “CTA”) to “better enable critical national security, intelligence, and law enforcement efforts to counter money laundering, the financing of terrorism, and other illicit activity.”[1] The CTA, which became effective January 1, 2024,[2] is described, in detail, in a series of Proskauer alerts compiled by Proskauer’s CTA Task Force. The CTA will create a national registry of the “beneficial owners” and “company applicants”[3] of millions[4] of entities across the country. A reporting company must disclose certain information about its beneficial owners and (for entities formed in 2024 and later) company applicants, including: (i) legal name; (ii) date of birth; (iii) residential address (or business address for certain company applicants); (iv) unique identifying number from a non-expired government-issued identification document; and (v) an image of such identification document.[5] In addition, states are following the Federal government’s lead and have adopted similar regulatory regimes; last month, for example, New York enacted the LLC Transparency Act, which comes into effect in December 2024.
The CTA poses a unique compliance burden for large enterprises in the health care delivery sector. These entities ordinarily enter into a number of complex contractual arrangements with physician practices and facilities where ultimate “control” of the entity is bifurcated at best (e.g., clinical vs. non-clinical control) or otherwise ambiguous at worst. Health systems, practice management companies (MSOs/DSOs), and national telehealth companies may each be party to dozens of complex joint ventures and management agreements (“MSAs”) with nominee-owned physician practices (“Friendly PCs”) in states that adhere to the corporate practice of medicine doctrine (“CPOM”).
A Roadmap For Friendly PC Reporting Requirements
Pertinent questions for entities who have entered into MSAs with Friendly PCs include:
- If you have relied upon an exemption to reporting under the CTA, such as the “large operating company” or “tax exempt entity” exemption, can your Friendly PCs also rely upon such exemption as your “subsidiaries”?
- If not, can your Friendly PCs rely upon an exemption, individually, like the “large operating company” exemption?
- If your Friendly PCs are ultimately required to report, who are the beneficial owners of your Friendly PC?
The questions above are fact-sensitive and depend on the MSAs and related agreements that were entered into with each Friendly PC.
Reporting Exemptions for Health Care Industry Stakeholders
The reporting rule lists 23 types of entities that are not required to file beneficial ownership information reports. Below, we discuss a number of important exemptions for health care entities:
- Non-Profit Exemption. If a healthcare entity meets the description of Internal Revenue Code (IRC) § 501(c) and is exempt from tax by IRC § 501(a), the entity is exempt from the reporting requirements of the CTA.[6] Tax-exempt hospital systems or service providers that meet the foregoing requirements would be exempt from CTA reporting requirements.
- Large Operating Company Exemption. As described in greater detail in this Proskauer post, any entity that (i) employs more than 20 full-time employees in the U.S. as determined under U.S. federal tax rules, (ii) in the previous year, filed U.S. federal income tax returns demonstrating more than $5,000,000 in gross receipts or sales (net of returns and allowances) in the aggregate (consolidated, if applicable), excluding gross receipts or sales from sources outside the U.S., and (iii) has an operating presence at a physical office within the U.S., and is exempt from the reporting rule as a large operating company.[7] Only full-time, W-2 employees of the entity itself qualify, and “FinCEN expects that companies will regularly evaluate whether they qualify (or no longer qualify) for the exemption.”[8] However, for an entity in an affiliated group (as defined by 26 U.S.C. § 1504(a)), the amount filed on a tax or information return shall be that of the consolidated return for the group. In addition to for-profit health systems and MSO/DSOs that meet the foregoing requirements, Friendly PCs with substantial operations may individually meet the requirements of a “large operating company,” and would, therefore, be exempt from the reporting rule.
- Subsidiary of Exempt Entity Exemption. Any entity whose “ownership interests are controlled or wholly owned, directly or indirectly,” by one or more eligible exempt entities is itself exempt from the reporting rule.[9] Whether a Friendly PC qualifies as an exempt “subsidiary” will depend upon whether the MSO/DSO with whom the Friendly PC contracts is deemed to directly or indirectly entirely control the ownership interests of the Friendly PC. Neither the CTA, nor the Reporting Rule, nor FinCEN’s commentary in the Federal Register provide a clear definition of “control” for purposes of the exempt entity exemption.[10] However, as noted in this Proskauer post, FinCEN recently updated its guidance to clarify that, in order to qualify for the subsidiary exemption, the subsidiary entity’s ownership interests must be entirely (fully, 100%) owned or controlled by one or more eligible exempt entities. As such, the analysis regarding the meaning of control is fact-sensitive, but the question of whether partial control over some but not all ownership interests could satisfy the test has been clearly answered by FinCEN (and the answer is no; only entire control will satisfy the test). For example, an MSO may potentially be deemed to entirely control the ownership interests of the Friendly PC if the MSO and the Friendly PC have entered into a succession planning agreement that may vest the MSO with the discretionary authority to name successor equity holders. The analysis is fact-sensitive, varies depending upon the agreements in place, and limited guidance has been issued by FinCEN to date on the matter.
- Inactive Entity Exemption. There is also an exemption available for “inactive entities” that: (i) existed on or before January 1, 2020; (ii) are not engaged in active business; (iii) are not owned by a foreign individual; (iv) have not been involved in a change of ownership within the last year; (v) have not sent or received money in an amount greater than $1,000 in the last year; and (vi) do not otherwise have any assets in the U.S. or abroad.[11] Entities in the health care sector that engage in no business activities, but have not otherwise had their legal existence canceled or terminated under applicable state law, may fall within this exception.
Who are the “Beneficial Owners of a Friendly PC”?
A beneficial owner includes any individual who directly or indirectly: (i) exercises substantial control over a company, or (ii) owns or controls at least 25% of the ownership interests of a company. An individual is deemed to have “substantial control” over a reporting company if the individual, in part:
- serves as a “senior officer” of the reporting company;
- has authority over the appointment or removal of any senior officer or a majority of the board of directors (or similar body);
- directs, determines, or has substantial influence over certain important decisions made by the reporting company; or
- has any other form of substantial control over the reporting company.[12]
An individual may “directly or indirectly” exercise substantial control through any contract or relationship, including: (i) “rights associated with any financing arrangement”; (ii) “control over one or more intermediary entities that separately or collectively exercise substantial control over a reporting company”; or (iii) “arrangements or financial or business relationships, whether formal or informal, with other individuals or entities acting as nominees.”[13]
In a customary Friendly PC relationship, individuals who trigger the reporting obligations would generally include (i) clinicians with a 25% or greater equity stake in the Friendly PC, (ii) senior officers of the Friendly PC, and (iii) potentially, MSO employees with substantial influence over decisions made by the Friendly PC, depending upon the terms of the MSA between the Friendly PC and MSO.
Can health care regulators access beneficial ownership information reported to FinCEN?
Federal law enforcement agencies (and state law enforcement agencies with court authorization) may request access to information reported under the CTA. FinCEN may share reported information with federal agencies “involved in law enforcement activity, for use in furtherance of such activity.”[14] Law enforcement activity “includes both criminal and civil investigations and actions, such as actions to impose civil penalties, civil forfeiture actions, and civil enforcement through administrative proceedings.”[15]
Similarly, FinCEN may share reported information with “a State, local, or Tribal law enforcement agency” that is authorized by law to engage in the investigation or enforcement of civil or criminal violations of law, but only if a court of competent jurisdiction has authorized the agency to seek such information.[16]
As such, agencies pursuing regulatory enforcement actions under a wide variety of civil and criminal health care laws may access and leverage reported information, even where such agencies may not otherwise have had independent statutory authorization or regulatory authority to collect, through other means (e.g., provider enrollment applications, regulatory filings, etc.), the broad types of beneficial ownership information reportable under the CTA.
What are the penalties for non-compliance?
Penalties for violating the reporting rule can be substantial. Non-compliance with the reporting rule can result in civil penalties of up to $500 per day, and criminal penalties can also be imposed, including fines of up to $10,000 or imprisonment for up to two years.[17]
Proskauer’s CTA Task Force and health care group will continue to monitor for developments related to the CTA and any applicable FinCEN guidance. The CTA must be analyzed on a case-by-case basis, and health care industry stakeholders should seek guidance from counsel to ensure compliance with the reporting obligations.
[1] See CTA § 6402(5)(D) (setting forth the “sense of Congress” for enacting the legislation, and codified as a statutory note to 31 USC § 5336). The CTA was enacted as part of Division F, Title LXIV, of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, Public Law 116–283 (Jan. 1, 2021) (the “NDAA”). Division F of the NDAA contains the Anti-Money Laundering Act of 2020, which includes the CTA.
[2] Entities that trigger the reporting obligation have a limited amount of time to file their initial BOI. For example, entities formed before the effective date have until January 1, 2025 to file. 31 CFR § 1010.380(a). Entities formed in 2024 have 90 days to file.
[3] Beneficial owners and company applicants include, for example those individuals who own, control, or form an entity, as described herein. Company applicants include (i) the individual who directly files the document that forms the company, and (ii) the individual who is primarily responsible for directing or controlling the filing of the relevant document. See 31 CFR § 1010.380.
[4] FinCEN, the regulator tasked with the CTA’s implementation, estimates “that there will be approximately 32 million reporting companies in Year 1 of the reporting requirement and approximately 5 million new reporting companies each year thereafter.” See 87 Fed. Reg. 77,408 (Dec. 16, 2022) (available at: https://www.federalregister.gov/d/2022-27031). Some believe FinCEN’s figures significantly underestimate the number of reporting companies.
[5] See 31 CFR § 1010.380(b)(ii).
[6] 31 CFR § 1010.380(c)(2)(xix).
[7] 31 CFR § 1010.380(c)(2)(xxi).
[8] 87 Fed. Reg. 59,543 (Sept. 30, 2022).
[9] 31 CFR § 1010.380(c)(2)(xxii).
[10] See, e.g., 31 USC § 5336;31 CFR § 1010.380; 87 Fed. Reg. 59,498 (Sept. 30, 2022).
[11] 31 CFR § 1010.380(c)(2)(xxiii).
[12] See 31 CFR § 1010.380(d)(1)(i).
[13] See 31 CFR § 1010.380(d)(1)(ii).
[14] See 31 USC § 5336(c)(2)(B)(i)(I); 31 CFR § 1010.955(b)(1) (eff. Feb. 20, 2024); 88 Fed. Reg. 88,732 (Dec. 22, 2023).
[15] See also Fact Sheet: FinCEN, Beneficial Ownership Information Access and Safeguards Final Rule (Dec. 21, 2023), available here. See also 31 CFR § 1010.955(b)(1)(iii) (eff. Feb. 20, 2024).
[16] See 31 USC § 5336(c)(2)(B)(i)(II); 31 CFR § 1010.955(b)(2) (eff. Feb. 20, 2024); 88 Fed. Reg. 88,732 (Dec. 22, 2023).
[17] See 31 USC § 5336(h)(3)(A) (setting forth that “any person that violates… [the reporting obligations] (i) shall be liable to the United States for a civil penalty of not more than $500 for each day that the violation continues or has not been remedied; and (ii) may be fined not more than $10,000, imprisoned for not more than 2 years, or both”).