Bermuda has passed the Beneficial Ownership Act 2025, a landmark reform that consolidates and simplifies the ownership disclosure regime, introduces new roles and powers for the Registrar of Companies and sets out new responsibilities for companies themselves.

The Act arrives ahead of Bermuda’s Caribbean Financial Action Task Force review and is intended to demonstrate that the jurisdiction can meet international transparency standards while safeguarding privacy rights.

For businesses and service providers, it signals higher compliance expectations, with accuracy, verification and enforcement now squarely at the forefront.

The Act, which was passed last month in the House of Assembly, also allows companies to penalise uncooperative beneficial owners.

We are anticipating enactment within a few weeks.

Broadly speaking, the Act is a statement of Bermuda’s intent to remain a trusted, well-regulated jurisdiction that can continue to compete globally while maintaining confidence in its legal and business environment.

It consolidates existing ownership disclosure rules into a single statute, raises the bar for verifying shareholder and controller information, and introduces stronger enforcement powers.

Under the legislation, companies and corporate service providers must ensure that beneficial ownership information is accurate, up to date and supported by documentary evidence, with penalties of up to $250,000 for non-compliance.

In the CFATF review, assessors will look not only at whether the jurisdiction’s rules meet the FATF standards but also at whether they are effective in practice.

For Bermuda businesses, the review is more than a technical assessment. The outcome will influence how international partners view the island’s credibility as a financial centre and, by extension, how smoothly Bermuda entities can operate in global markets.

The Act therefore represents both a compliance measure for external scrutiny and a strategic investment in Bermuda’s ability to preserve access to capital and trade.

The legislation introduces several significant changes to how Bermuda collects, verifies, and enforces information on company ownership. Its reach is wide, extending transparency obligations across the island’s corporate landscape, not just to entities already regulated by the Bermuda Monetary Authority.

A central feature of the new law is the requirement that beneficial ownership information be properly verified. Submissions must now, in law, be supported by government-issued identification, nationality details, and other corroborating records. These measures are designed to satisfy the FATF standard that beneficial ownership data must be accurate, reliable, and accessible to competent authorities.

Responsibility for maintaining and policing the register now lies squarely with the Registrar of Companies. By consolidating oversight into one office, the Act replaces a fragmented regime that had previously drawn on multiple statutes and agencies.

Enforcement powers are also stronger, with the aforementioned civil penalties of up to $250,000 and, in serious cases, imprisonment — reflecting FATF’s insistence that sanctions be effective, proportionate and dissuasive.

Taken together, these provisions establish a new baseline for ownership transparency in Bermuda, though they also raise questions about how openness will be balanced with privacy.

The Act reflects a wider global trend. Over the past two decades, regulators have steadily escalated demands for disclosure and “know your customer” transparency, while data protection regimes have advanced in equal measure.

That collision was confronted directly in Europe when, in November 2022, the Court of Justice of the European Union struck down indiscriminate public access to ownership registers as a breach of fundamental privacy rights.

The EU responded in early 2024 with its Sixth Anti-Money Laundering Directive, which now requires a “legitimate interest” test for parties seeking access.

Bermuda’s framework sits in the same current, balancing external pressure for openness with its own constitutional and statutory privacy protections.

The legislation makes beneficial ownership information more widely available, particularly to regulated financial institutions that are obliged to carry out anti-money laundering and counter-terrorist financing checks. This direct access is designed to make compliance more efficient and to ensure that ownership data is embedded in frontline risk management.

However, broadening access inevitably complicates privacy. While the Act restricts the further disclosure of information about ownership, the fact remains that many institutions will now have the ability to query the central register.

Without clear regulatory limits on how long that information can be retained, how it may be shared across group structures, or how it is to be secured, the risk of misuse or inadvertent exposure cannot be ignored.

This is why the Act pairs transparency with statutory restrictions. It prohibits the onward disclosure of beneficial ownership information for purposes unrelated to compliance, aligning with the principles of the Personal Information Protection Act that personal data must be collected and used only for legitimate, proportionate reasons.

The effectiveness of these restrictions will depend on the details of forthcoming regulations, which will need to set out precisely how financial institutions and service providers must handle the information once obtained.

Pipa sets the domestic benchmark for this balance. Under Pipa, any government use of personal information must be lawful, fair, and proportionate — limited to what is adequate, relevant and not excessive for the stated purpose.

Unless Parliament amends Pipa to create a specific carve-out, these standards will continue to govern access to beneficial ownership data. That reality makes the forthcoming regulations especially important: they will need to satisfy international expectations while remaining consistent with Bermuda’s own privacy law.

The result is a framework that tries to walk a fine line.

On one side is the pressure from FATF and other international partners for more open, immediate access to beneficial ownership data.

On the other side is Bermuda’s legal duty to safeguard privacy and protect individuals from unnecessary or disproportionate exposure.

The Act attempts to hold both positions at once, but its success will depend heavily on how enforcement is designed and applied in practice.

• Jarion Richardson is the head of regulatory and compliance services, Brad Adderley is the managing partner and head of the corporate practice, and John Wasty is head of the dispute resolution practice and head of regulatory disputes, in Appleby’s Bermuda office. A copy of this column can be obtained on the Appleby website at www.applebyglobal.com. This column should not be used as a substitute for professional legal advice. Before proceeding with any matters discussed here, persons are advised to consult with a lawyer