FinCEN Eliminates Corporate Transparency Act’s Reporting Obligations for U.S. Persons

FinCEN Eliminates Corporate Transparency Act's Reporting Obligations for U.S. Persons

On March 21, 2025, the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) released an interim final rule (Interim Rule) that broadly eliminates Beneficial Ownership Information (BOI) reporting under the Corporate Transparency Act (CTA) for all U.S. reporting companies and all U.S. beneficial owners of foreign reporting companies. Under the Interim Rule, which FinCEN is implementing immediately, only companies created under foreign law and registered to do business in the U.S. will be required to submit BOI reports (unless otherwise exempt), and only foreign beneficial owners of such nonexempt foreign entities will be reportable.

Based on FinCEN’s estimates supporting the original BOI Rule (Original Rule), exempting all U.S. reporting companies shrinks the compliance universe by 99.8 percent.

How Did We Get Here?

The CTA whiplash, playing out in courts since early December, took a sharp turn by the government over the last month. On February 18, FinCEN restored the reporting obligations under the Original Rule after the last nationwide injunction against the CTA had been lifted at the government’s request. FinCEN gave reporting companies a grace period for compliance that would have ended, for most companies, on March 21.

Then, on February 27, FinCEN announced that it was suspending CTA enforcement pending a formal extension of the compliance deadlines beyond March 21. On March 2, the U.S. Treasury took this a step further, announcing the total suspension of CTA enforcement against U.S. persons and a rulemaking process “that will narrow the scope of the [BOI] rule to foreign reporting companies only.”

The Interim Rule puts this policy change into effect. The primary legal basis for this “narrowing” is a provision of the CTA that provides a regulatory process by which the U.S. Treasury may, subject to several statutory requirements, create additional exemptions from the BOI reporting obligations. In a court filing made after the March 2 announcement, the government elaborated on the policy change by noting the U.S. Treasury “intends to focus on foreign entities that could engage in illicit transactions from abroad.”

Policy Change or a New CTA?

Congress enacted the CTA to combat money laundering, the financing of terrorism, and other serious financial crimes by requiring tens of millions of private companies operating in the U.S. to identify their beneficial owners and disclose to FinCEN personal information about such companies and beneficial owners. FinCEN stores this information in a secure, nonpublic electronic warehouse for law enforcement purposes. Yet, FinCEN pegs the estimated number of reporting companies subject to the Interim Rule at less than 12,000 annually. Supporters of the CTA point to this fact, and findings made by Congress that bad actors conceal their ownership of entities in the U.S. to facilitate illicit transactions, in their criticism of the policy change. We could see judicial scrutiny of the Interim Rule if a plaintiff with legal standing decides to bring a case.

FinCEN is soliciting comments from the public on the Interim Rule, noting it “will assess the exemptions [in the Interim Rule], as appropriate, in light of those comments and intends to issue a final rule this year.” Among other unanswered questions, the Interim Rule does not address how BOI received by FinCEN from U.S. companies and their beneficial owners will be handled – nearly 16 million reports under the Original Rule were submitted to FinCEN prior to March 21.

Expect the CTA Saga to Continue

In addition to potential legal challenges to the Interim Rule, numerous cases challenging the CTA remain on court dockets and will continue to work their way through the legal process. Separately, some state legislatures have shown interest in developing their own versions of the CTA (which could be impacted by the ultimate resolution of the pending cases against the CTA), with New York having adopted the New York LLC Transparency Act (applicable to limited liability companies formed or registered to do business in New York and set to take effect January 1, 2026).

Varnum’s CTA Taskforce continues to monitor these developments and will provide updates as they become available. For further background on the CTA, please refer to Varnum’s CTA Resource Center.

DOL Expands Fiduciary Breach Correction Options

DOL Expands Fiduciary Breach Correction Options

The United States Department of Labor (DOL) has updated its procedures for correcting certain fiduciary violations. This expansion allows employers to self-correct a broader range of errors, aligning the program more closely with the IRS’s recently updated correction procedures. If certain conditions are met, the new guidance allows for self-correcting some of the most common fiduciary violations, such as late contributions, late loan repayments, and inadvertent loan failures.

The DOL has long provided plan fiduciaries the option to use its Voluntary Fiduciary Correction Program (VFCP) to address various fiduciary violations. The program requires plan sponsors to both correct the fiduciary violation and submit an application to the DOL for approval. The core elements of the VFCP program remain unchanged. However, the DOL has expanded the program to include a self-correction component (SCC), which will allow plan sponsors to correct fiduciary violations without submitting an application to the DOL. Employers can begin using the new SCC provisions on March 17, 2025.

When Can SCC Be Used?

SCC is available for three fiduciary violations: failure to transmit contributions timely, failure to transmit loan repayments timely, and some inadvertent loan failures. Covered inadvertent loan failures include errors that could be self-corrected with the IRS under its Employee Plan Compliance Resolution System (EPCRS), which includes the most common loan failures.

What Are The Requirements?

To use the SCC program, several requirements must be satisfied:

  • If the violation caused lost earnings, those lost earnings must be calculated using the DOL’s lost earnings calculator and be less than $100.
  • Late contributions or loan payments must be made to the plan within 180 days following when the employer withheld the amounts.
  • Employers must complete and maintain a copy of the SCC Record Retention Checklist. Given the importance of complete and proper documentation, employers should seek assistance from legal counsel and other plan service providers.
  • Employers must file electronically with the DOL as part of the correction process. Under the traditional VFCP process, the DOL would issue a no-action letter. Under the SCC program, a no-action letter will not be issued, but an acknowledgment will be provided after the electronic filing is made.

Any correction amounts and costs related to the SCC process must be paid from the employer’s general assets, not from plan assets.

If you need to correct your retirement plan or believe there may be an issue, please contact a member of Varnum’s Employee Benefits Practice Team for further information and assistance with the correction process.

New Michigan Law Strengthens Legal Protections for Assisted Reproduction

New Michigan Law Strengthens Legal Protections for Assisted Reproduction

The Assisted Reproduction and Surrogacy Parentage Act (ARSPA), also known as the Michigan Family Protection Act, enhances legal protections for families using assisted reproductive technology. Effective April 2, 2025, this legislation updates parentage laws to account for the use of assisted reproductive technology, providing greater clarity and legal security.

Legal Parentage for Children Conceived Through Assisted Reproduction

One of the law’s most impactful components is Part 2, which addresses the parentage of children conceived through assisted reproduction without surrogacy. The impact of the law on surrogacy is covered in a previous advisory. The law defines assisted reproduction as “a method of causing pregnancy through means other than by sexual intercourse” and includes in vitro fertilization (IVF), gamete donation (i.e., sperm, egg, and embryo), artificial insemination, and other assisted reproductive technologies.

Before the new law, non-biological parents in Michigan had to undergo a lengthy and costly stepparent adoption process to establish legal parental rights. Now, intended parents who conceive a child through assisted reproduction can petition the court for a judgment of parentage, legally establishing them as a child’s parent and granting them all rights and responsibilities associated with being a legal parent.

This change removes unnecessary barriers for many families, including non-biological mothers in same-sex couples who conceive using sperm donors and heterosexual couples using sperm, egg, or embryo donors due to infertility.

Estate Planning Considerations

With ARSPA in effect, individuals who have children or grandchildren through assisted reproduction should review their estate planning documents to ensure their children and grandchildren are included. Many estate plans define “child” to include adopted children but may not explicitly cover non-biological children conceived through assisted reproduction. Updating these documents can help avoid potential legal complications and ensure all children and grandchildren are treated as intended.  

How We Can Help

If you are considering or have already conceived a child through assisted reproduction, securing your parental rights is essential. Varnum’s Family Law Practice Team can help you navigate this new legal process and obtain a judgment of parentage if necessary. Our Estate Planning Practice Team can also review and update your estate documents to ensure they accurately reflect your family.

Design-Code Laws: The Future of Children’s Privacy or White Noise?

Design-Code Laws: The Future of Children's Privacy or White Noise?

In recent weeks, there has been significant buzz around the progression of legislation aimed at restricting minors’ use of social media. This trend has been ongoing for years but continues to face resistance. This is largely due to strong arguments that all-out bans on social media use not only infringe on a minor’s First Amendment rights but, in many cases, also create an environment that allows for the violation of that minor’s privacy.

Although companies subject to these laws must be wary of the potential ramifications and challenges if such legislation is enacted, these concerns should be integrated into product development rather than driving business decisions.

Design-Code Laws

A parallel trend emerging in children’s privacy is an influx in legislation aimed at mandating companies to proactively consider the best interest of minors as they design their websites (Design-Code Laws). These Design-Code Laws would require companies to implement and maintain controls to minimize harms that minors could face using their offerings.

At the federal level, although not exclusively a Design-Code Law, the Kids Online Safety Act (KOSA) included similar elements, and like those proposed bills, placed the responsibility on covered platforms to protect children from potential harms arising from their offerings. Specifically, KOSA introduced the concept of “duty of care,” wherein covered platforms would be required to act in the best interests of minors under 18 and protect them from online harms. Additionally, KOSA would require covered platforms to adhere to multiple design requirements, including enabling default safeguard settings for minors and providing parents with tools to manage and monitor their children’s online activity. Although the bill has seemed to slow as supporters try to account for prospective challenges in each subsequent draft of the law, the bill remains active and has received renewed support from members of the current administration.

At the state level, there is more activity around Design-Code Laws, with both California and Maryland enacting legislation. California’s law, which was enacted in 2022, has yet to go into effect and continues to face opposition largely centered around the law’s alleged violation of the First Amendment. Similarly, Maryland’s 2024 law is currently being challenged. Nonetheless, seven other states (Illinois, Nebraska, New Mexico, Michigan, Minnesota, South Carolina and Vermont) have introduced similar Design-Code Laws, each taking into consideration challenges that other states have faced and attempting to further tailor the language to withstand those challenges while still addressing the core issue of protecting minors online.

Why Does This Matter?

While opposition to laws banning social media use for minors has demonstrated success in the bright line rule restricting social media use, Design-Code Laws not only have stronger support, but they will also likely continue to evolve to withstand challenges over time. Although it’s unclear exactly where the Design-Code Laws will end up (which states will enact them, which will withstand challenges and what the core elements of the laws that withstand challenges will be), the following trends are clear:

  • There is a desire to regulate how companies collect data from or target their offerings to minors in order to protect this audience. The scope of the Design-Code Laws often does not stop at social media companies, rather, the law is intended to regulate those companies that provide an online offering that is likely to be accessed by children under the age of 18. Given the nature and accessibility of the web, many more companies will be within the scope of this law than the hotly contested laws banning social media use.
  • These laws bring the issue of conducting data privacy impact assessments (DPIAs) to the forefront. Already mandated by various state and international data protection laws, DPIA requirements compel companies to establish processes to proactively identify, assess and mitigate risks associated with processing personal information. Companies dealing with minor data in these jurisdictions will need to:
    • Create a DPIA process if they do not have one.
    • Build in additional time in their product development cycle to conduct a DPIA and address the findings.
    • Consider how to treat product roll-out in jurisdictions that do not have the same stringent requirements as those that have implemented Design-Code Laws.

As attention to children’s privacy continues to escalate, particularly on the state level, companies must continue to be vigilant and proactive in how they address these concerns. Although the enactment of these laws may seem far off with continued challenges, the emerging trends are clear. Proactively creating processes will mitigate the effects these laws may have on existing offerings and will also allow a company to slowly build out processes that are both effective and minimize the burden on the business.

Varnum’s Data Privacy and Cybersecurity Team is closely monitoring these legislative developments and stands ready to guide clients through the complexities of the new regulations. Should these laws be enacted, businesses will need to swiftly adapt to avoid legal risks and ensure they are effectively protecting the rights and safety of younger users.

Two Employer-Friendly ACA Changes

Two Employer-Friendly ACA Changes

Two recent developments make significant changes to Affordable Care Act (ACA) compliance, both effective immediately and offering important benefits for employers. 

Providing Forms 1095 to Employees

Since ACA was first implemented, employers have been required to report their offers of health care coverage to employees by filing Form 1095-B or 1095-C with the IRS and providing a copy of the form to employees.

Beginning with the 2024 tax year, which the reporting forms were set to be distributed in early 2025, employers are no longer required to automatically provide these forms to employees, provided two requirements are met. First, employers must notify employees that the employer will no longer automatically provide Form 1095, including a statement saying employees may request a copy and instructions on how to do so. Second, employers must provide a copy of Form 1095 to any employee who requests it, within 30 days of the request.

Note that employers must still file Form 1094 and Form 1095 with the IRS; this new rule simply relieves the responsibility to provide a copy to employees. Employers who wish to take advantage of the new rule should continue to coordinate with their service providers to ensure that Forms 1095 are prepared in time for filing to the IRS, and available to provide to employees upon request. This change may help employers save on the cost and administrative responsibility of sending the forms to each employee.

ACA Penalty Statute of Limitations 

Congress has also established a new six-year statute of limitations for employer penalty assessments under the ACA. While this may seem lengthy, especially considering the common three-year statute of limitations that applies to many tax assessments, the IRS had previously taken the position that there was no statute of limitations because Forms 1094 and 1095 were not tax returns.

This change is particularly important due to frequent delays between an employer’s alleged failure to comply with ACA requirements and the IRS’s notification of a proposed penalty assessment. This delay could be multiple years, meaning that if an employer had a systematic issue regarding its offers of coverage or reporting, penalties could be assessed for several years before the employer was notified that a change was necessary for compliance. Especially in corporate transactions, this change will help provide clarity and limit exposure for ACA compliance. 

If you have questions or want assistance with ACA compliance, contact a member of our Employee Benefits Practice Team

The Impact of AI Regulations on Insurtech

The Impact of AI Regulations on Insurtech

Insurtech is steeped in artificial intelligence (AI), leveraging the technology to improve insurance marketing, sales, underwriting, claims processing, fraud detection and more. Insurtech companies are likely only scratching the surface of what is possible in these areas. In parallel, the regulation of AI is expected to create additional legal considerations at each step of the design, deployment and operation of AI systems working in these contexts. 

Legal Considerations and AI Exposure

As with data privacy regulations, the answer to the question “Which AI laws apply?” is highly fact-specific and often dependent on the model’s exposure or data input. Applicable laws tend to trigger based on the types of data or location of the individuals whose data is leveraged in training the models rather than the location of the designer or deployer. As a result, unless a model’s use is strictly narrowed to a single jurisdiction, there is likely to be exposure to several overlapping regulations (in addition to data privacy concerns) impacting the design and deployment of an Insurtech AI model. 

Managing Regulatory Risk in AI Design

Given this complexity, the breadth of an Insurtech AI model’s exposure can be an important threshold design consideration. Companies should adequately assess the level of risk from the perspective of limiting unnecessary regulatory oversight or creating the potential for regulatory liabilities, such as penalties or fines. For instance, an Insurtech company leveraging AI should consider if the model in question is intended to be used for domestic insurance matters only and if there is value in leveraging data related to international data subjects. Taking steps to ensure that the model has no exposure to international data subjects can limit the application of extraterritorial, international laws governing AI and minimize the potential risk of leveraging an AI solution. On the other hand, if exposure to the broadest possible data is desirable from an operations standpoint, for instance, to augment training data, companies need to be aware of the legal ramifications of such decisions before making them. 

Recent State-Level AI Legislation

In 2024, several U.S. states passed AI laws governing the technology’s use, several of which can impact Insurtech developers and deployers. Notably, state-level AI bills are not uniform. These laws range from comprehensive regulatory frameworks, such as Colorado’s Artificial Intelligence Act, to narrower disclosure-based laws such as California’s AB 2013, which will require AI developers to publicly post documentation detailing their model’s training data. Several additional bills relating to AI regulation are already pending in 2025, including:

  • Massachusetts’ HD 3750: Would require health insurers to disclose the AI use including, but not limited to, in the claims review process and submit annual reports regarding training sets as well as an attestation regarding bias minimization.
  • Virginia’s HB 2094: Known as the High-Risk Artificial Intelligence Developer and Deployer Act, would require the implementation of a risk management policy and program for “high-risk artificial intelligence systems,” defined to include “any artificial intelligence system that is specifically intended to autonomously make, or be a substantial factor in making, a consequential decision (subject to certain exceptions).
  • Illinois’ HB 3506: Among other things, this bill would require developers to publish risk assessment reports every 90 days and to complete annual third-party audits.

The Growing Importance of Compliance

With the federal government’s evident step back in pursuing an overarching AI regulation, businesses can expect state authorities to take the lead in AI regulation and enforcement. Given the broad and often consequential use of AI in the Insurtech context, and the expectation that this use will only increase over time given its utility, businesses in this space are advised to keep a close watch on current and pending AI laws to ensure compliance. Non-compliance can raise exposure not only to state regulators tasked with enforcing these regulations but also potentially to direct consumer lawsuits. As noted in our prior advisory, being well-positioned for compliance is also imperative for the market from a transactional perspective. 

The Insurtech space is growing in parallel with the expanding patchwork of U.S. AI regulations. Prudent growth in the industry requires awareness of the associated legal dynamics, including emerging regulatory concepts across the nation. Varnum’s Data Privacy and Cybersecurity Practice Team continues to monitor these developments and assess their impact on the Insurtech industry to help your business stay one step ahead.  

Governor Whitmer Signs New Minimum Wage Law

Governor Whitmer Signs New Minimum Wage Law

On February 21, 2025, Governor Gretchen Whitmer signed legislation that preserves Michigan’s tip credit and scales back an increase to the state’s minimum wage. On Wednesday, February 19, 2025, just days before this legislation and the new Earned Sick Time Act (ESTA) were set to take effect, amendments to the minimum wage law received final approval from both the House and Senate. As a result, Governor Whitmer signed both pieces of legislation into law. For more information about changes to ESTA, see Varnum’s advisory here.  

Under the amendments to the minimum wage law, the new minimum hourly wage rate is:

Hourly Rate
Effective Date
$12.48
February 21, 2025
$13.73
January 1, 2026
$15.00
January 1, 2027

The new minimum hourly wage rate for tipped employees is:

Hourly Wage Rate
Effective Date
38% of the minimum hourly wage rate
February 21, 2025
40% of the minimum hourly wage rate
January 1, 2026
42% of the minimum hourly wage rate
January 1, 2027
44% of the minimum hourly wage rate
January 1, 2028
46% of the minimum hourly wage rate
January 1, 2029
48% of the minimum hourly wage rate
January 1, 2030
50% of the minimum hourly wage rate
January 1, 2031

The bill also stipulates that beginning in October 2027, the state’s minimum wage must increase based on the rate of inflation. The state treasurer will calculate the increase by multiplying the otherwise applicable minimum wage by the 12-month percentage increase, if any, in the Consumer Price Index for the Midwest region, CPI-U or a successor index as published by the Bureau of Labor Statistics.

Additionally, the bill transfers oversight from the Department of Licensing and Regulatory Affairs to the Department of Labor and Economic Opportunity. It also subjects employers to a civil fine of no more than $2,500 for failing to pay the minimum hourly wage to employees who receive gratuities in the course of their employment.

Contact your Varnum labor and employment attorney for guidance on compliance with either of these laws. 

Michigan’s Earned Sick Time Act Amended: Employer Takeaways

Michigan's Earned Sick Time Act Amended: Employer Takeaways

On February 20, 2025, Michigan lawmakers voted to amend the Earned Sick Time Act (ESTA) to provide greater clarity and flexibility to both employees and employers with respect to paid time off, taking immediate effect. This action followed earlier votes this week by the Michigan legislature on the minimum wage law. Governor Whitmer has now signed both pieces of legislation into law. For more information about changes to the minimum wage law,
see our advisory here.

Key Changes to ESTA as of February 21, 2025:

  • Employers are expressly permitted to frontload at least 72 hours of paid sick time per year, for immediate use, to satisfy ESTA’s leave requirement. Employers who frontload hours do not need to carry over unused paid sick time year to year and do not have to calculate and track the accrual of paid sick time for full-time employees. For part-time employees, frontloading in lieu of carryover is also an option, including frontloading a prorated number of hours. Employers choosing to frontload a prorated amount must follow notice, award amount, and true-up requirements. 
  • If paid sick time is not frontloaded, employees still must accrue 1 hour of paid sick leave for every 30 hours worked, but employers may cap usage at 72 hours per year. Only 72 hours of unused paid sick time is required to roll over from year to year for employers who provide leave via accrual.
  • New hires can be required to wait until 120 days of employment before they can use accrued paid sick time, which could potentially benefit seasonal employers. This waiting period appears to be permitted for frontloading and accruing employers alike, although the bill’s language with respect to frontloading employers is somewhat unclear. This may be an issue for clarification by the Department of Labor and Economic Opportunity, which under the amendment will be responsible for all enforcement of the law.
  • ESTA now provides several exemptions, including:
    • An individual who follows a policy allowing them to schedule their own hours and prohibits the employer from taking adverse personnel action if the individual does not schedule a minimum number of working hours is no longer an “employee” under ESTA.
    • Unpaid trainees or unpaid interns are now exempt from ESTA.
    • Individuals employed in accordance with the Youth Employment Standards Act, MCL 409.101-.124, are also exempt from ESTA.
  • Small businesses, defined as those with 10 or fewer employees, are only required to provide up to 40 hours of paid earned sick time. The additional 32 hours of unpaid leave, required under the original version of ESTA, is no longer required. Small businesses, like other employers, are permitted to provide leave via a frontload of this entire applicable amount or to provide the time via accrual. If small businesses use the accrual method (1 hour of paid sick time for every 30 hours worked), they may cap paid sick time usage at 40 hours per year and only permit carryover of up to 40 hours of unused paid sick time year to year. Small businesses have until October 1, 2025, to comply with several ESTA requirements, including the accrual or frontloading of paid earned sick time and the calculation and/or tracking of earned sick time.
  • Employers can now use a single paid time off (PTO) policy to satisfy ESTA. Earned sick time may be combined with other forms of PTO, as long as the amount of paid leave provided meets or exceeds what is otherwise required under ESTA. The paid leave may be used for ESTA purposes or for any other purpose.
  • The amendments clarify that an employee’s normal hourly rate for ESTA purposes does not include overtime pay, holiday pay, bonuses, commissions, supplemental pay, piece-rate pay, tips or gratuities
  • The amendments specify that the Department of Labor and Economic Opportunity is responsible for enforcement of the Act. Prior provisions that included a private right of action for employees to sue their employers for possible ESTA violations have been removed.
  • The amendments remove a “rebuttable presumption” of retaliation that was contained in the original Act.
  • ESTA now permits employers to choose between one-hour increments or the smallest increment used to track absences as the minimum increment for using earned sick time.  

The amendments allow a means for employers to require compliance with absence reporting guidelines for unforeseeable ESTA use. To do this, an employer must comply with steps outlined in the amendment including disclosure of such requirements to employees in writing.

  • The amendments specify that employers must provide written notice to employees including specified information about the Act within 30 days of the effective date. This would mean a date of March 23, 2025.
  • The amendments allow for postponement of the effective date of ESTA for employees covered by a collective bargaining agreement that “conflicts” with the Act. The effective date for such employees is the expiration date of the current collective bargaining agreement.
  • The amendments likewise allow for the postponement of ESTA’s effective date for employees who are party to existing written employment agreements that “prevent compliance” with the Act. Reliance on such provisions requires notification to the state. 

Ongoing Ambiguities and Clarifications Needed:

  • The amended law continues to contain a provision requiring the display of a poster from the Department of Labor and Economic Growth, which appears to be effective immediately upon the date the bill is signed into law. Employers are advised to update their posters accordingly.
  • The statute’s reference to “conflict” between a collective bargaining agreement and ESTA is not well defined, including how this provision will apply to a collective bargaining agreement that, perhaps intentionally through prior negotiations, includes no current provisions for sick time. 
  • Whether the amended law is intended to exclude nonprofit organizations from the scope of covered employers is unclear. The reference to nonprofits was stricken, but there is no affirmative language excluding them from the broad “employer” definition that remains in the law.
  • The availability of a 120-day waiting period for a frontloading employer is somewhat unclear, due to the provisions that frontloaded time must be “available for immediate use.”
  • The date employees may first use earned sick time, in relation to the time frame for employers to finalize and issue policies, would benefit from clarification. The amendment states that accrual begins on the effective date of the Act, and time may be used “when it is accrued.” However, employers appear to have a 30-day time frame to finalize and issue policies defining how they choose to provide ESTA’s benefits.
  • The extent of employer recordkeeping and/or inspection obligations are unclear under the current law. Previous provisions detailing such requirements are no longer included.

Varnum’s labor and employment attorneys are continuing to monitor developments with these new and amended laws. Please contact a member of our Labor and Employment Team for guidance on compliance with ESTA, the minimum wage law and best practices moving forward.