What is Ultimate Beneficial Ownership/Owner (UBO)?

Angela Marrujo Fornaca

Content Writer

Ultimate Beneficial Ownership/Owner is someone who ultimately owns or controls a business or organization, usually defined as having 25% stake and/or voting rights. Due to the influence their roles usually hold, they risk using their power to engage in financial crime – hiding it behind a legitimate company or shell company. As a result, Know Your Customer processes require financial institutions to verify a UBO’s identity as part of a general anti-money laundering mandate.


Know Your Customer (KYC) processes exist to ensure that financial institutions and other businesses aren’t facilitating crime, whether knowingly or unknowingly, by working with criminals or people with ties to criminal organizations. Bad actors often hide behind shell companies or even legitimate businesses to mask the true source of their funds. In particular, individuals known as Ultimate Beneficial Owners or who have Ultimate Beneficial Ownership (UBOs) can pose serious risks to financial institutions and should be reviewed as part of any financial institution’s KYC process.

What is a UBO, who is classified as one, and what risks do they hold?

UBO: The Who, What, and Why

What is a UBO and who qualifies as one?

A UBO is someone who in essence owns or controls a business or organization; while the criteria for what is considered “ultimate” differs from one jurisdiction to the next, most consider individuals with a 25% stake in the company and/or 25% voting rights to be ultimate owners. These are the people who benefit the most from the company’s transactions and business dealings.

Why are UBOs included in KYC investigations?

Businesses and especially financial institutions are legally required to do thorough KYC work to make sure they know who they’re doing business with. This is crucial for supporting global AML efforts. Unfortunately, due to the power and influence inherent in their roles, UBOs are at-risk of abusing their positions or being manipulated into taking part in money laundering and other types of financial crime. This means they can pose significant risks to other businesses they may work with. Some of these risks include:

  • Reputational risk: Financial institutions that don’t thoroughly research the UBOs of their business partners or customers risk unintentionally facilitating financial crime, such as money laundering, trafficking, or terrorism financing. Doing so could seriously impact a financial institution’s future reputation and possibly even open them up to legal action.
  • Compliance violations: KYC is part of a financial institution’s general compliance mandate, which is a set of legal regulatory requirements. Not only do financial institutions have to vet their customers, it’s expected that they do total, comprehensive research into customers – or risk facing significant fines, penalties, or other serious consequences.
  • Operational interruptions: The fallout from doing business with a UBO involved in crime can have a widespread impact on the company at large, including increased regulatory scrutiny that can interrupt day-to-day operations and make doing business more difficult.
  • Facilitating financial crime: Compliance work is designed to identify and put a stop to financial crime before it happens. Any financial institution that doesn’t do its due diligence in researching and vetting customers during the KYC process runs the risk of providing criminals with an outlet for laundering illicit funds.

Have there been any recent changes to UBO reporting requirements? 

Yes! Very recently, in fact! In September of 2022 FinCEN published a final ruling on ultimate beneficial ownership reporting requirements in conjunction with the Corporate Transparency Act (itself part of the Anti-Money Laundering Act of 2020). The rule establishes standard UBO reporting requirements for the majority of private corporations, LLCs, and other similar entities created or registered to do business in the United States.

The final rule provides a broader definition of who is considered a beneficial owner but also provides a number of exemptions. Reporting companies will likely have to provide more information to FinCEN and/or identify more individuals as UBOs. FinCEN will be revising the existing customer due diligence (CDD) rules requiring collection of UBO information to align it more with the CTA.

What does this change? Covered financial institutions aren’t currently required to know the identities of the beneficial owners of their customers. FinCEN considers this a problem for the success of global AML efforts, which they hope to rectify with these updates. This FinCEN final rule takes effect January 1, 2024.

How to Identify and Verify UBOs

Financial institutions face some issues in collecting the information needed to identify UBOs. From a lack of corporate transparency to complex corporate structures, to a lack of standardized documentation and data silos, it can be challenging for a financial institution’s compliance team to identify who an organization’s UBO(s) is/are. This is why it’s crucial to have a strong, foundational KYC process in place, which includes your CDD process and Customer Identification Procedure/Process (CIP). This will help make it easier to work through the speed bumps that identifying UBOs can bring.

It’s also important for compliance professionals to familiarize themselves with the particular jurisdiction that the organization in question operates in, as this will help identify which of the owners and stakeholders qualify as UBOs. As we mentioned earlier, the criteria can be different from one place to the next, so compliance teams should confirm what the thresholds are on a case-by-case basis. This ensures that they’re verifying every potential UBO and that no one falls through the cracks.

Once the UBOs have been pinpointed, their identities must be verified. This means:

  • Confirming they’re not politically exposed people (PEPs)
  • Putting them through CIP to ensure they are who they say they are
  • Doing thorough CDD to determine the level of risk they present, and doing Enhanced Due Diligence (EDD) if it’s determined that they pose a high level of risk 

Wrap Up

It’s important to note that being a UBO is, of course, not a crime, nor does it mean that person is involved in any criminal activity. The power and influence of their positions are, unfortunately, often manipulated or abused, which is why UBOs are considered a money laundering risk. As with any other individual, compliance professionals should make sure they do solid, thorough research on UBOs to protect their financial institution from being used to facilitate financial crime. This involves following the procedures detailed above, as well as regular monitoring. Spotting any red flags down the road will help the organization stay compliant and ready to handle any issues requiring further investigation.

Stay Connected

Subscribe to receive new content from Hummingbird