On May 29, 1453 the walls of Constantinople had stood unbreached for more than a thousand years. Yet on that day, the army of Sultan Mehmed II was able to force entry into the city through the Gate of St. Romanus. The Byzantine Emperor Constantine XI Palaeologus was killed and the city became Mehmed's new capital. The moral of the story is that even the most impregnable defenses can be breached.
When the Financial Crimes Enforcement Network (aka the FinCEN) adopted its final rules implementing Section 6403 of the Corporate Transparency Act (aka the CTA), it estimated that 32.6 million business entities would exist on January 1, 2024 and be required to provide beneficial ownership information. FinCEN estimated that there would be an additional 5 million reporting entities formed each year. Under the rules, a reporting company must provide FinCEN with the following information about individual beneficial owners and company applicants:
Until now, the United States has not had a centralized or complete store of information about who owns and operates legal entities within the United States. The FinCEN has asserted that this information will "impede illicit actors' ability to use legal entities to conceal proceeds from criminal acts that undermine U.S. national security and foreign policy interests, such as corruption, human smuggling, drug and arms trafficking, and terrorist financing". However, the CTA is creating a treasure trove of personal information that will become an irresistible target criminal and foreign state hackers. One hopes that the FinCEN is implementing the highest level of security possible to protect this information. Yet history has shown that even walls that stood for a millennium have been eventually breached.
Even if the FinCEN's security wall is impregnable, the reporting companies and the service companies that they use are likely to have less robust security.