CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your survey with us: editor@corporatecomplianceinsights.com.
Wolters Kluwer: One-third of small businesses that will need to file BOI reports think they’re not covered by CTA obligations
About one-third of small businesses that are subject to new federal beneficial ownership reporting mistakenly believe they don’t need to file, a Wolters Kluwer survey found. While awareness has come a long way since the professional services software provider began asking business professionals last year about new obligations under the Corporate Transparency Act (CTA), their results suggest millions of businesses could run afoul of FinCEN’s rules if they fail to report.
Some businesses may be waiting out court cases, which have ensnared beneficial ownership reporting rules, which formally went into effect in January, but even organizations that remain unsure about their obligations would be well-advised to file anyway, says George May, vice president of small business for CT Corporation, a Wolters Kluwer business focused on corporate compliance.
“The [plaintiffs] that are group organizations have been telling their members, ‘You probably still need to file because we don’t know if we’re going to win this case,’ and when our clients ask about this stuff, we give them the same advice: You would be better off filing than exposing yourself to the implications of not filing, and it doesn’t cost much and it’s very easy and there’s not a lot of additional information,” May said.
In the company’s most recent survey, 33% of small businesses that meet reporting criteria mistakenly believe the obligations don’t apply to them and another 23% were unsure.
When the organization began conducting surveys about the CTA, it revealed, shockingly, that 75% of respondents whose companies are covered under the new obligation became aware of it by taking the survey itself.
“I don’t think it would be an exaggeration to say we’ve done a lot more PR for the act than the government has for itself,” May said.
“We have a quiz online and we continue to offer this for people to run through and find out if they’re subject to any of the 23 exceptions to this,” he said. “The vast majority of people who take that quiz come to find out that, in all likelihood, they do have to file. And so my advice is just if you don’t want to go through the quiz and it’s an awful lot of questions to answer to get to a determination is to just file the thing.”
Except for those that are exempt thanks to the 23 exceptions May mentioned, companies that were formed before 2024 are required to file their first report by Dec. 31, which could mean an end-of-year crush, May warned.
Survey: Financial systems most likely to be considered in data protection planning
Despite an increased reliance on cloud systems and the deployment of artificial intelligence systems across many organizations, data protection strategies in corporations remain largely relegated to financial systems, according to a KeepIt/Foundry survey, which found that while 70% of financial systems are subject to data protection, only half of e-commerce and HR managements systems are.
The survey of more than 1,000 global employees was conducted by Foundry, which publishes CSO magazine, and sponsored by KeepIt, a cloud backup and recovery platform.
Only 48% of customer relationship management systems and 42% of enterprise resource planning are covered by organizations’ data protection strategy. Just 26% consider collaboration and productivity tools when crafting their data protection strategies.
“Anything related to finance is important, most people will agree,” said Kim Larsen, KeepIt’s chief information security officer. “And it’s an obvious place to start when you map your critical systems and data. The survey shows that financial systems are by far the most incorporated in data protection strategies, and when you look at verticals, financial institutions are also a little more mature than others.”
