For years shell companies have been at the heart of both legitimate business activity and money laundering schemes. The Financial Crimes Enforcement Network (FinCEN) defines shell companies as “non-publicly traded corporations, limited liability companies (LLCs), and trusts that typically have no physical presence (other than a mailing address) and generate little to no independent economic value.” Leaks such as the Panama Papers, the Paradise Papers and the more recent FinCEN Files have captured the public imagination and brought to the fore the central role these types of business formations can play in criminal activity.

However, there are also many legitimate and legal reasons for which shell companies are used. They are ubiquitous in merger and acquisition (M&A) processes, holding stock and non-tangible assets for other companies and facilitating cross-border transactions. They are also key in legitimate tax avoidance and shielding market players from legal liability. To this end, many shell companies take the form of limited liability companies (LLCs). The first instance of limited liability in U.S. jurisprudence was an 1831 case in the District of Maine, which reduced personal risk for shippers making investments essential to the transportation of goods in the region. Fast forward to 1977 and Wyoming created the first modern LLC and Delaware followed suit with its own laws in 1991. Today LLCs are formed at a rate of 4 to 1 compared to corporations and both Wyoming and Delaware are states infamous for their ease of establishing business entities. Recent estimates put the number of LLCs nationwide in the ballpark of 21 million. Of course, this doesn’t account for the millions abroad and in jurisdictions with more lax regulations nad oversight.  

Given the huge number of companies and the ease with which they can be established, institutions face a risk of being exploited when criminals use these entities to launder money, obscure beneficial ownership and evade sanctions. As we covered recently, the Anti-Money Laundering Act of 2020 will make significant steps in this domain. But, as we also pointed out, this is not bullet-proof.

So what can be done?

Ciaran Doyle at IBM identifies two main ways to mitigate the risk of shell companies: transaction monitoring and network analysis. With respect to the former, financial institutions have procedures and controls to detect suspicious activity in real time. However, not all companies have these capabilities and this may not help in getting a broader picture before it is too late. This is where network analysis comes in. The FFIEC BSA/AML Examination Manual (2014) lists a number of red flags associated with shell companies, such as suspicious addresses, inexplicable business connections and the goods/services in trade records not matching the company’s stated profile.

By drawing on data from many sources, services such as those at Sigma can provide a much clearer picture. This is a key step in the KYC process for any institution hoping to better gauge their risk profile. So as companies continue to navigate dealings with the millions of business entities in the environment, we look towards how to leverage the trillions of bits of data that are out there to make that journey as smooth as possible.