Page 42 - Cyber Defense eMagazine October 2023
Review the 23 entity types (including SEC-reporting companies, insurance companies, tax-exempt
companies or subsidiaries of exempt entities) which are exempt from the definition of reporting
companies under the CTA. Consider the ease of access to certain entity data within your state’s database
(if applicable), and the prevalence of personally identifiable information (PII) available on BOs/senior officers
within the organization.
Understand the penalties of noncompliance. According to the legislation, failure to comply or the provision
of false or fraudulent reports may result in civil fines of $500 a day for as long as the reports remain
inaccurate. Failure to comply may also subject the violators to the criminal penalties of a $10,000 fine or
2 years in jail.
Review the intricacies of access and compliance regulations in each state, especially for organizations with
multiple areas of operation. As mentioned above, in New York’s case, BO information may be accessible
through means that are not applicable in other regions of the United States.
Don’t wait; seriously consider getting ahead of the process and compiling reporting information now.
Update internal policies to streamline report information gathering and create a system to continuously
track and update upcoming changes to reporting information.
Consult with legal counsel on the upcoming changes, and with privacy consultants and PII removal services to
further mitigate risks posed by the availability of personal data on the open web.
Takeaways from the CTA
While the Corporate Transparency Act takes a significant step toward greater financial transparency and
accountability, it doesn’t come without trade-offs. As we continue to grapple with the complexities of
privacy in an increasingly interconnected world, the act serves as a timely reminder of the delicate
equilibrium that must be maintained between transparency and privacy.
About the Author
Tom Aldrich, VP Private Clients, 360 Privacy: Tom joined 360 Privacy as a
Partner after having worked at Goldman Sachs as a private wealth advisor. He
came to Goldman from the US Army, where he served as a Green Beret and
functioned as both a communications and intelligence subject matter expert.
He deployed overseas four times, where he was responsible for tactical and
strategic targeting, intelligence, and digital exploitation. Tom is a Certified
Ethical Hacker and obtained his CIPP/US Certification from the International
Association of Privacy Professionals.
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.