Client Alert: Beware of Fake CTA Reporting Requests

The Corporate Transparency Act (CTA), a law intended to enable the Financial Crimes Enforcement Network (FinCEN) to detect shell companies and protect the U.S. financial system from abuse by money launderers, drug traffickers, sanctioned oligarchs, and other criminals, is already being exploited by cyber-scammers to unlawfully obtain sensitive information from business owners.

The CTA was adopted on January 1, 2021. It establishes uniform beneficial ownership information (BOI) reporting requirements for most business entities created or registered to do business in the United States (i.e., “Reporting Companies”). FinCEN, a bureau of the U.S. Department of the Treasury, has published final rules that implement the CTA’s BOI reporting requirements. 

Most notably, Reporting Companies created on or after January 1, 2024, will need to file their initial BOI reports within 30 calendar days [note, however, that a proposal is pending to extend this to 90 days] of the date of its formation or registration to do business in the U.S.  Reporting Companies created or registered before January 1, 2024, are not required to file their initial BOI reports until January 1, 2025.

How the scam works: 

You or your business receive a letter in the mail or by email that looks very official. It claims to come from the “United States Business Regulations Department, Corporate Transparency Act Division, Process and Filing Center.” It may be addressed to your business or to an entity at your address that appears to be a legitimate business, and has a notice ID number. Scammers combine personal information collected from data breaches with official-looking seals and watermarks to make the correspondence seem legitimate. 

The letter informs you that you have “reporting obligations under the Corporate Transparency Act” and that you must report ownership information to the Financial Crimes Enforcement Network. The letter asks you to visit a website or scan a QR code to report your information. 

The letter also indicates that your report must be “filed by” a specific date (e.g., 11/4/2023).

What you need to know to protect you and your business:

  • The “United States Business Regulations Department, Corporate Transparency Act Division, Process and Filing Center” does NOT exist.  It is a completely “made up” or fictitious entity. 
  • Reporting requirements for existing entities do NOT go into effect until January 1, 2025.

What you need to do to protect yourself and your business:

If you receive a letter purporting to be from the “United States Business Regulation Department, Corporate Transparency Act Division”, or a similar sounding entity, you should do the following:

  1. Consider reporting it to the BBB Scam Tracker and disregard it. 
  2. Verify correspondence with government agencies. If you receive a piece of mail or a call that seems suspicious, take a step back and ensure it’s legitimate before taking action. Call the government office directly, using the official phone number, to verify that the communications are real.
  3. As soon as you know you are dealing with a scammer, cease all communication. Stop answering calls, letters, or emails, and block any numbers that have called you about the scam. 
  4. Consider helping the Federal Bureau of Investigation catch scammers by reporting your experience to
  5. Contact your NGE attorney for accurate information about your CTA reporting obligations.

The content above is based on information current at the time of its publication and may not reflect the most recent developments or guidance. Neal Gerber Eisenberg LLP provides this content for general informational purposes only. It does not constitute legal advice, and does not create an attorney-client relationship. You should seek advice from professional advisers with respect to your particular circumstances.