Operating and conducting your affairs in private is a fundamental human right – even for businesses.the globe and mail/iStockPhoto / Getty Images
Martin Kenney is managing partner of Martin Kenney & Co., an investigative litigation practice based in the British Virgin Islands, specializing in global asset recovery.
Across Europe, countries have been switching off public access to what are known as beneficial ownership registers, in response to a ruling from the continent’s top court, the European Court of Justice (ECJ).
It’s a move that transparency campaigners are decrying, but which, after a 30-year background in battling economic criminals, I believe is a victory for common sense and the right to privacy. Other jurisdictions should take heed of the decision.
Since 2018, a patchwork of systems, which we refer to as ultimate beneficial owner (UBO) registers, have been operating across the European Union. These registers list the names of people who ultimately own a company, and through that, the assets that that company controls. But on Nov. 22, the ECJ ruled that a provision of the EU’s anti-money laundering directive, which requires EU member states to maintain such registers was invalid.
The court concluded that, on balance, these public registers were inconsistent with the right to privacy and were “interfering with the fundamental rights to respect for private life and to the protection of personal data” enshrined in the Charter of Fundamental Rights of the European Union.
And I agree. Operating and conducting your affairs in private is a fundamental human right. Why should the 99.9 per cent of people have their right to privacy impinged because of the actions of a dishonest few?
It only took the Luxembourg authorities a few hours to switch off their beneficial ownership register. The next day, the Netherlands moved to shut access to its registers. Germany, Austria, Belgium, Malta and Ireland soon followed.
Contrary to the absolutist position of some transparency activists, there are important practical reasons not to promote unlimited systems of transparency.
Disclosing data of businesses and other legal entities creates risk, which is partly why it is strictly regulated. For instance, Canada’s privacy law framework is one of the most stringent in the world. The same risks that apply to personal data often also apply to business data. Unfortunately, the business-transparency narrative has distracted from this fact.
Consider, for instance, the “mosaic effect.” The more information available in the public domain, the higher the risk that interested parties can produce, as with a mosaic, a complete profile of identifying information using information available from multiple sources. With this composite profile, bad actors perpetrate identity fraud and phishing attacks. The mosaic effect applies to business data as much as it applies to personal data. In some cases, the risks of business data disclosure are even higher: company directors are disproportionately likely to be victims of identity fraud, for example.
In other cases, the risks of public disclosure are even more sinister. For instance, the ECJ’s ruling answers a claim made by the beneficial owner of a real estate company. Given his frequent business travel to high-risk countries, the open publication of his business data had exposed him and his family to a disproportionate risk of fraud, kidnapping, blackmail and extortion.
Further, unlimited forms of transparency can be counterproductive. Transparency advocates such as Transparency International and Global Witness tend to assume that an unlimited system of corporate transparency will lead to maximum accountability for fraud and corruption. In fact, maximum transparency can have precisely the opposite effect.
Where bad actors are aware that a register will openly publicize their UBO identity, they will almost certainly take evasive action to hide assets or proceeds of crime (often using nominee UBOs to front companies or shifting to less-open jurisdictions).
From my experience as a Canadian lawyer based in the British Virgin Islands and running global asset-recovery cases, a clandestine criminal or civil asset-recovery inquiry into the identity of a UBO is much more effective than a public inquiry.
A verified store of confidential UBO data available (by way of court order ) to law enforcement, regulators and victims of financial crime, is incredibly valuable in the battle against economic criminals. And if that information is not public, it is also relatively more accurate as those behind the company have less reason to be evasive. The unlimited public publication of such information has the opposite effect, often rendering it useless from an investigation perspective.
Here in Canada, the problem of “snow-washing” (or international money laundering via Canadian banks, casinos, real estate and companies), is not going to be solved by unverified UBO data published on a made-in-Canada UBO registry. This is notwithstanding the good intentions of the Canadian government’s announcement in its April, 2021, annual budget to implement such a registry for all corporations in Canada by 2025.
The ECJ’s recent ruling against beneficial ownership registers is a tacit endorsement of this need for controlled transparency. It is also an acknowledgment of the practical importance of business-data privacy. The ruling will support the work of law enforcement, regulators and victims’ rights lawyers in addressing financial crime and will limit the risk inherent in disclosure of sensitive data.