WiEReG changes on 10 January 2020: The end of privacy and the need for action in private foundations

20 December 2019 – need2know

Changes to the Beneficial Owner Register Act (Wirtschaftliche Eigentümer Register Gesetz “WiEReG”) will come into force on 10 January 2020. The most drastic change is the possibility of access to the register for everyone. This is not justified especially in the case of family private foundations and would not be necessary pursuant to the EU directive. In order to protect the identity of beneficiaries and data on founders, an application to restrict access is urgently recommended. For this purpose, an overriding interest worthy of protection against public inspection must be proven.

The obligation to submit an annual notification on the data entered to the registrar is new as well. Furthermore, compliance packages can be included into the register in the future in order to simplify KYC processes.

Legal background

The Beneficial Owner Register was introduced in Austria on the basis of the coming into force of the WiEReG in 2018. According to the 4th EU Anti-Money Laundering Directive of 20 May 2015 (Directive (EU) 2015/849), central registers had to be established in the EU Member States in which the data of the beneficial owners of certain legal entities, in particular companies, but also private foundations, had to be reported. With the amendment of the WiEReG, the 5th EU Anti-Money Laundering Directive (Directive (EU) 2018/843) (“5th AMLD Directive”) is implemented (EU Financial Adaptation Act 2019 (Federal Law Gazette No. 62/2019)).

Public Inspection

The protection of personal data was recently – keyword DSGVO – a very popular and relevant topic. The amendment to the Beneficial Owners Register Act (WiEReG) is moving in a different direction. The register becomes publicly accessible in January 2020.

As a reminder, the register is currently not generally accessible to the public. Inspection is reserved for authorities, banks and credit institutions and lawyers, notaries, tax advisors, etc., in each case within the scope of professional activity for the identification of beneficial owners. Outside these professional groups, inspection requires an application to the registry authority together with proof of a legitimate interest, which must be related to the prevention of money laundering and terrorist financing.

In future, there will be public access to extracts from the register. Everyone will be able to access extracts (subject to charges) via the homepage of the Federal Ministry of Finance, even without a legitimate interest. These public extracts contain the first and last name, month and year of birth, nationality and country of residence of the direct or indirect beneficial owner of the legal entity as well as the nature of the economic interest.

In the case of private foundations, the beneficial owners are the founders, the beneficiaries, the circle of beneficiaries, the members of the foundation board and other persons who may control the foundation. Founders and beneficiaries, including in many cases underage members of the founder’s families, thus appear by name and date of birth in the Beneficial Owners Register.

It is already with difficulty comprehensible why the 5th AMLD provides a public inspection at all. For private foundations (trusts), the 5th AMLD would also have granted the national legislators the possibility of exemption from public inspection and – as before – to require a legitimate interest for inspection.

Application for restriction of inspection recommended

As in the past, affected beneficial owners have the right to apply for a restriction of inspection. In order to do so, an overriding interest worthy of protection must be proven which prevents inspection.

Such an interest exists if the assumption is justified that inspection – now a public one – would expose the beneficial owner to the disproportionate risk of becoming a victim of certain criminal offences. These include fraud, blackmail kidnapping, criminal offences against life or limb, coercion, dangerous threats or persistent persecution.

Predominantly interests worthy of protection exist in any case if the beneficial owner is a minor (or legally incompetent). This means that underage beneficiaries or members of the group of beneficiaries can be protected from inspection.

Limited access must be assessed on an individual basis. This means that not necessarily the entire circle of beneficial owners of a private foundation (legal entity) has to be worthy of protection in order to achieve a restriction. The person with the disproportionate risk may be excluded from inspection on an individual basis. In the case of family private foundations, (only) the children as beneficiaries may be subject to limited inspection on the grounds of minority; even if the parents as (founder) or beneficiaries fail to prove a predominantly legitimate interest (risk of being exposed to criminal offences). On the other hand, the risk of a family member being affected by a criminal offence may also extend to other family members on the basis of kinship.

Annual notification obligation to the register

According to the current legal situation, the annual review required by law must (only) be documented internally. In the future, within 4 weeks of the due date of the annual review, a confirmation of the current entries will also have to be submitted to the register that no changes have occurred.

Any changes shall (continue to) be reported within 4 weeks of notification. On the one hand, this must be based on the entry in the respective register (e.g. Commercial Register) or, on the other hand, on the time of effectiveness if the change becomes effective prior to entry in the register, as is the case with most relevant entries in the Commercial register, which only have a declarative effect.

If obliged entities who have to determine beneficial owners recognize incorrect or incomplete data on the beneficial owners, they must set a remark. According to the 5th AMLD, in the future the reasons for the remark must also be stated. No note is required if the customer himself – after notification by the obliged entity – corrects the register.

Inspection by registry authority

In order to check the reports (accuracy and completeness), the Federal Ministry of Finance as the register authority will in future compare the data reported in the register with other publicly available data sources (e.g. Commercial Register, register of associations, central residents register) and check incoming reports on a random basis.

The registry authority is entitled to demand information from legal entities subject to reporting requirements and their legal and beneficial owners on the assessment of beneficial ownership and the submission of corresponding documents and other written documents.

Compliance Package

In the future, a Compliance Package can be uploaded to the register to simplify KYC processes. The register can thus be used voluntarily as a central platform for the storage of documents required for the determination and verification of beneficial owners. Compliance Packages must be created by professional party representatives (lawyers, notaries, tax consultants).

The documents must be up-to-date at the time of transmission to the register. Extracts from foreign registers must not be older than six weeks. The Compliance Package is then valid for one year – provided no changes have been made.

The Compliance Package is only available to limited persons for KYC audits (banks and credit institutions, lawyers, notaries, tax consultants, etc.). The legal entity can control access to the documents by submitting a restricted Compliance Package. For this purpose, the register number of those obliged entities who may inspect the Compliance Package must be stated in the report. Those obliged entities who are not covered by the addressees defined by the legal entity can submit a request for inspection.

The Compliance Package is intended to reduce the effort involved in KYC audits. For further simplification, subordinate legal entities can also refer to the Compliance Package of the superordinate legal entity (e.g. holding company as parent company). Then the subordinate does not have to upload the documents for its own Compliance Package to the register itself.

However, the Compliance Package is again subject to the risk-based approach for the obligated parties to the KYC determination. Obligated parties may only rely on the Compliance Package for the determination and verification of the beneficial owners if there are no grounds for doubting the correctness of the report or the authenticity, timeliness, correctness and completeness of the documents it contains.

Extension of penalties

The catalogue of criminal offences provides for the concretization of financial and administrative offenses and a more gradual application of sanctions in the event of infringements of the rules. Incorrect or incomplete reports or changes that have not been transmitted will – as before – be punished with a fine of up to EUR 200,000 for intent and up to EUR 100,000 for gross negligence. Failure to report will only be punished as a financial offence if the legal entity fails to comply with its reporting obligation despite two threats and the imposition of penalties.

The breach of the obligation to retain documents – at least five years after the end of beneficial ownership – for documents necessary to determine the economic owner will now be sanctioned (fine up to EUR 75,000 for intent; up to EUR 25,000 for gross negligence).

For the compliance package, the deliberate transmission of false or falsified documents is punished with a fine of up to EUR 75,000. If individually prescribed documents are not transmitted, this constitutes a violation of the financial regulation and is punishable by a fine of up to EUR 10,000.

Notes on errors during automatic data import from the company register

Since 01 October 2018, the automated data import from the Commercial Register (§ 5 Abs 5 WiEReG) has been carried out: In the case of legal entities in which the top management level is regarded as a “subsidiary” beneficial owner, the data is automatically transferred from the Commercial Register and the register is kept up to date on an ongoing basis in the event of changes.

The following limitations were identified during the annual review:

  • Companies in liquidation – no automatic import of the liquidators as subsidiary beneficial owners

In the case of companies in liquidation, the liquidators shall be deemed to be the beneficial owners if the beneficial owners are identified on a subsidiary basis. If the managing directors have been reported before the liquidation of the company was registered, the appointment of the liquidators is not automatically imported from the Commercial Register. Liquidators must therefore be reported manually, even if the previous managing directors act as liquidators.

  • Limited partnerships – incorrect representation of the participation structure in the register excerpt

In addition to the beneficial owners, the participation structure including the calculated participation quotas of the beneficial owners is also shown in extended excerpts. In the case of limited partnerships, only the liability amounts are entered in the Commercial Register; the actual capital participation may differ from this and neither the liability amount nor a share is entered in the register. In the case of automatic import to the register for the representation of the shareholding relationships, all partners (general partners and limited partners) are assigned the same share. The correct reporting of the beneficial owner including the share does not change the representation in the extract. No other correction is possible either.

Figure 1: Shareholding structure by capital contribution. Beneficial owner with 90% capital share limited partner 1.

Figure 2: The automatic representation of the participation structure in the extended register excerpt shows a participation divided “per capita”.

Summary – Overview of the to do’s

Application for restriction of public inspection to the register (for private foundations)In the case of interests that are predominantly worthy of protection;

in any case, in the case of minor beneficial owners (beneficiaries, group of beneficiaries)

Start-ups of legal entitiesReport within 4 weeks of entry in the Commercial Register if no automatic data import takes place.
Changes in legal entitiesReport of changes within 4 weeks of notification
Annual review and confirmation reportThe reported data shall be reviewed at least once a year. The review shall be documented. The register data shall be confirmed with a report.


Authors: Barbara Valente, Verena Hügel-Karpeles

If you have any questions, please contact us:
Christoph Nauer
Elke Napokoj
Verena Hügel-Karpeles
Daniel Reiter
Barbara Valente
Kornelia Wittmann

Practice Groups:
Private Clients, Foundations and Business Succession