Quick Answer
Maybe. If you can initiate, approve, release, or otherwise control funds in a non-U.S. company account you do not own, treat it as a potential FBAR filing question and verify current rules before deciding. Job title alone is not enough, and this source says view-only access, thresholds, and formal definitions still need confirmation. Keep documented permission evidence and separate any ownership or FATCA analysis.
The CEO's Playbook: Do I File an FBAR for a Company Account I Just Have Signature Authority Over?#
Use FBAR signature authority as a working label here. If you can control activity in a non-U.S. account you do not own, treat it as a reporting question that needs current-rule verification. This playbook helps you sort that question, gather the right evidence, and avoid making the call from memory or from a job title.
This is an operator playbook, not a legal conclusion. Start by mapping your actual access, then document what the platform and approval flow really allow. From there, move in order: Step 1 to assess exposure, Step 2 to reduce avoidable risk, and Step 3 to handle the filing process if needed. The source material here does not provide a full legal definition of signature authority, a current-rule standard, or a verified threshold. Confirm those points before you make a final call.
| Your access pattern | Likely filing outcome | What to do next |
|---|---|---|
| You can only view balances or export statements | Unclear from this source alone | Confirm exact permissions and save account-permission evidence |
| You can initiate, approve, or direct transfers on a non-U.S. account you do not own | Requires verification under current rules | Collect role documents, account records, and verify current guidance |
| You are not sure what your permissions allow | Unknown until verified | Request a permissions report and document who can move funds |
| Aggregate account values are a concern | Threshold rule is not stated in this source | Build an account list and value record, then verify current threshold guidance |
One practical rule matters more than labels: trust documented permissions over job titles. Keep an evidence pack with contracts, delegated-authority documents, permission screenshots or exports, and a dated list of relevant non-U.S. accounts.
If filing is required, the report is the electronic FBAR, FinCEN Form 114. The instructions in hand also state an April 15 due date with an automatic extension to October 15. They also require an amended filing when errors are found in a prior FBAR: file a new complete FBAR, check the Amend box in Item 1, and provide the Prior Report BSA Identifier (or O00oooooooo00 if it is unknown). Because that instruction set is labeled effective for 2017 or earlier, verify current requirements before you file.
One scope guardrail before you start: this excerpt does not cover ownership-based reporting or FATCA/Form 8938. Treat those as separate analyses from this Form 114 signature-authority question.
If you want a deeper dive, read Portugal's NHR Regime vs. Spain's Beckham Law: A 2025 Tax Analysis for High-Earning US Expats.
Step 1: The Modern Risk Assessment: Are You Unknowingly Exposed?#
Potential exposure can come from permissions, not just titles. If your access can influence how money moves in a non-U.S. account, treat this as an FBAR filing-risk question until you confirm the current rules.
Before anything else, classify your setup across three items that still need current-rule confirmation. If any item is unclear, treat that as a verification task.
Foreign financial account: confirm the account jurisdiction and whether the account type is in current Form 114 scope.Financial interest: confirm whether ownership or entity ties create a separate analysis from access-based exposure.Signature or other authority: confirm whether your exact permissions are treated as reportable authority under current guidance.
Use a role and permission test#
Platform labels do not decide this by themselves. Rights can differ based on entity setup, admin settings, and approval chain.
Use a simple verification prompt: confirm account jurisdiction and control rights from platform documents, client admin settings, and onboarding records. If you cannot produce a role matrix, permissions export, or admin screenshot, your risk is still unknown.
Use this yes or no screening sequence#
Use this as a conservative workflow, not a legal conclusion.
- Can you confirm a non-U.S. account is involved?
If no, stop and verify jurisdiction first. Keep account agreements, platform legal-entity details, or treasury records.
- Is this only an access question, or also an ownership/entity question?
If ownership, officer status, or entity control may apply, run a separate financial-interest review in parallel.
- Is your access strictly view-only?
If yes, confirm there are no hidden rights such as payee edits, draft creation, approvals, or user resets.
- Can you prepare payments but not release them?
If yes, treat it as a gray zone and verify whether independent final approval is always required in practice.
- Can your permissions release, approve, co-approve, or otherwise control fund movement in practice?
If yes, treat this as a potential filing-duty question and escalate for current-rule confirmation.
Risk map for common permission patterns#
| Access permission | Why it needs current-rule verification | Evidence to keep | Next step |
|---|---|---|---|
| View balances, statements, or exports only | Role labels can hide broader permissions, so confirm actual rights | Role screenshot, permissions export, dated admin settings | Confirm no payment, payee, approval, or user-management rights |
| Create payment drafts only | Draft rights may still need review if workflow settings could allow practical release without separate control | Workflow screenshots, approval settings, written client process | Verify whether independent final approval is always required |
| Add or edit payees or beneficiaries | Destination-edit rights can indicate control questions that need current-rule review | Payee permission records, audit logs, policy documents | Escalate for current-rule review |
| Approve, release, or co-approve payments | Release or approval rights are a priority pattern for filing-duty verification | Approval logs, delegated-authority records, bank mandate, role export | Build account list and verify filing duty |
| Reset credentials or change user permissions | Admin rights may indicate broader control even if you do not execute payments day to day | User-management logs, admin screenshots, internal controls documents | Determine whether those rights existed during the year |
| Ownership or officer control through your own foreign entity | Access-based and ownership-based exposure can overlap | Entity records, ownership documents, signatory records | Run both analyses and confirm current filing requirements under current guidance |
High-risk scenarios people misread#
Use extra caution with patterns that are easy to misread:
| Scenario | Caution |
|---|---|
| Founder, director, or officer access on entity accounts | Do not collapse entity analysis and access analysis into one shortcut |
| Shared authority in a partnership or team account | Do not assume shared control removes individual filing responsibility; verify current rules |
| Another person says they already filed | Do not assume that alone covers your own duty |
| Access granted midyear or used once | Timing and existence of authority still need review |
| Platform changes during the year | Keep records for both the old and new permission models |
One grounded reminder is that filing duty can attach to the individual, not only the entity or household. The FinCEN instructions provided here state, in another context, that a child is generally responsible for filing his or her own FBAR. That is a useful caution against assuming someone else files for you.
What to save before Step 2#
Build a compact evidence pack now: permission exports, admin screenshots, account lists, delegated-authority records, contracts, approval-chain settings, and dated notes showing who could move funds and how. This record also helps if a Form 114 later needs to be amended because of errors.
Once you know where the exposure sits, the next move is to narrow it before the year closes.
Final guardrail: the instructions in hand are release date January 2017 and marked effective for the 2017 or earlier filing requirement. Use them for filing mechanics, but verify current definitions, scope, and threshold before deciding you are in or out.
We covered this in detail in Form 3520-A for Foreign Trusts With a U.S. Owner.
Step 2: The Proactive Mitigation Playbook: How to Control Your FBAR Liability#
Start with prevention. You reduce signature-authority risk by designing access, documentation, and approval flow before work starts. If your setup avoids direct instruction authority and you keep the right records, you are in a much stronger position than if you have to explain broad permissions later.
The key rule is control, not intent. Authority can exist if you can control asset disposition, alone or with someone else, through direct communication to the institution. Not using that authority does not make the issue disappear.
Write the limits into the engagement#
A contract is not a shield, but it is your first control point and your first evidence anchor. Put the boundary in writing before any account role is granted. Use this clause framework:
| Element | What to document |
|---|---|
| Role definition | Define your function narrowly, such as preparation, reconciliation, or support, rather than broad treasury-control language |
| Explicit prohibited actions | List actions you are not authorized to take, including final release or approval authority, unsupervised beneficiary changes, user-permission changes, and direct transfer instructions to the institution |
| Client final authorization | State that final authorization stays with a named client approver for each disbursement |
| Change-control for permissions | Require written approval for any access expansion, and require prompt notice of role changes |
Practical check: if someone compares your contract to live platform permissions, the line between "prepare" and "control funds" should be obvious.
Turn role limits into an evidence checklist#
Written limits only help if they match live permissions. Keep a signed, dated Role Definition document aligned to actual access, and update it whenever the role changes. For accounts within FBAR scope, retain required account records for 5 years.
| Platform permission | Allowed action | Disallowed action | Who gives final approval | Where proof is stored |
|---|---|---|---|---|
| View or account-reporting access | Review balances, statements, exports, and reconciliation support | Payment release, beneficiary changes, permission changes | Named client approver | Role screenshot, permissions export, signed Role Definition |
| Draft or payment-prep access | Prepare drafts, upload supporting data, queue items for review | Final submission or release authority | Named client approver in workflow | Workflow screenshot, audit log, signed approval policy |
| Beneficiary or payee edit access | Only if specifically documented and separately approved | Independent beneficiary edits without required client authorization | Named client approver | Written authorization, change ticket, dated log |
| Approve, release, or co-approve access | Treat as exception-only pending formal review | Routine final or shared release authority | Client finance owner or named approver | Access request record, admin export, exception memo |
| User-admin or credential-reset access | Usually restrict for external operators | Any user-management action that can create indirect control | Client admin owner | Admin screenshot, user-admin policy, audit log |
Capture this evidence at onboarding, after each permission change, and before year-end so you can catch role drift before it becomes a filing problem.
Use a short negotiation playbook#
Lead with one clear position: you can prepare and document transactions, while the client keeps final release authority on non-U.S. accounts. Then work through a fallback sequence:
- View-only access when visibility is enough.
- Preparer-only access when execution support is needed.
- Dual-approval structures when the client needs operational backup.
These labels are not legal safe harbors. The filing analysis still turns on whether you can control disposition by direct communication to the institution, alone or with others.
If broader access is requested, escalate before accepting it. Get written confirmation on four points: account location, exact permissions, who can directly instruct the institution, and whether the access is temporary or permanent.
Know when to involve a professional#
Bring in professional review when the facts are mixed or the stakes are high. That includes cross-border entities, mixed ownership and control facts, unclear permission rights, or authority over 25 or more accounts in the special-rule context.
| Trigger | Action |
|---|---|
| Cross-border entities | Bring in professional review |
| Mixed ownership and control facts | Bring in professional review |
| Unclear permission rights | Bring in professional review |
| Authority over 25 or more accounts | Bring in professional review in the special-rule context |
| U.S. person with signature or other authority over one or more foreign accounts with an aggregate value over $10,000 at any time during the year | Escalate immediately if the facts may already meet a filing trigger |
Also add an annual deadline check to your controls. Current IRS guidance states an April 15 due date with automatic extension to October 15. eCFR text still contains June 30 language, so verify current-year filing timing before you rely on prior templates.
If you cannot narrow the access enough, or the facts already point toward filing, stop treating this as a design issue and move to execution. Related: FBAR and FATCA Reporting for US Expats.
Before you lock client permissions, run a quick scenario check in the FBAR Calculator to pressure-test whether your access setup likely creates a filing duty.
Step 3: The "Peace of Mind" Workflow: Your System for Filing (When You Must)#
When filing is required or likely, use one repeatable process: collect, validate, file, and retain. Every input should tie back to a named owner so you can defend the filing later without rebuilding the story from scratch.
The excerpt available for this section is SEC reporting language, not FBAR instructions. Treat FBAR-specific thresholds, deadlines, exceptions, and retention rules as unverified here and confirm them before you file.
Run an operations checklist, not an inbox scramble#
Your obligation may be personal, but most of the inputs come from other people. Assign one requester, one confirmer, one timing rule, and one storage location for every item.
| Item to collect | Who requests | Who confirms | When to request | Where stored |
|---|---|---|---|---|
| Legal name of account holder | You or tax preparer | Client or employer finance owner | Current filing window (after verification) | Annual filing folder |
| Financial institution details | You or tax preparer | Platform admin or finance owner | Same cycle as above | Annual filing folder |
| Account identifier | You or tax preparer | Finance owner using official records | Same cycle as above | Restricted-access record sheet |
| Key account values used for filing (if required) | You or tax preparer | Finance owner with statement or export backup | After reporting-period close and rule verification | Value support subfolder |
| Dates of your access or authority | You | Client approver or internal access-log owner | Onboarding, role change, year-end | Role evidence subfolder |
| Permission export or screenshots | You | Platform or client admin | Onboarding and after every access change | Access evidence subfolder |
| Filing-required status (Yes/No after rule check) | You | Advisor or preparer after verification | Current rule check (after verification) | Annual compliance log |
Do not accept "same as last year" as confirmation. Require a dated response or system evidence.
Use a decision gate before relying on any employer exception#
Default to verification, not assumption. The material here does not confirm FBAR exception criteria, so treat exception use as a yes or no control point that must be documented.
- If an exception might apply, get written confirmation from the responsible legal, tax, or compliance owner before relying on it.
- If your worker status, entity structure, or permissions are unclear, treat the exception as unconfirmed and route to professional review.
- If your status or permissions changed during the year, route the issue to professional review before deciding whether to file.
Use a binary checkpoint in your log: "Exception confirmed for this person and year: Yes/No." If the answer is "No" or "unclear," escalate.
Keep records so your filing logic is auditable later#
The filing should be easy to reconstruct later. Keep a compact file set that connects your authority, the account data, and what you filed.
| Required record | Why it matters | Retention rule | Evidence location |
|---|---|---|---|
| Role definition and contract language | Shows intended scope of authority | Keep for the applicable record period after verification | Client legal or compliance folder |
| Permissions evidence, including exports or screenshots | Shows actual system access | Keep for the applicable record period after verification | Access evidence subfolder |
| Filing input sheet | Centralizes values and identifiers used | Keep for the applicable record period after verification | Annual filing folder |
| Statements or exports supporting reported values | Backs key reported figures | Keep for the applicable record period after verification | Value support subfolder |
| Filed return copy and submission confirmation | Proves what was submitted and when | Keep for the applicable record period after verification | Filed returns subfolder |
| Exception memo or approval, if used | Shows why an exception was relied on | Keep for the applicable record period after verification | Tax memo or advisor folder |
Close with a short post-filing QA loop#
Before you close the task, confirm receipt, archive the filed copy, log the next review trigger, and note any unresolved facts. If account control is mixed, unclear, or changed midyear, talk to a qualified tax professional before you rely on assumptions.
If you want help with mechanics after your file is complete, use A Step-by-Step Guide to Filling Out the FBAR (FinCEN Form 114). That guide is the right companion.
You might also find this useful: FBAR for a Foreign-Owned US LLC and the Filing Path That Works.
Conclusion: You Are the CEO of Your Compliance#
Use this rule at year-end: the ability to move funds is a practical signal of potential signature-authority exposure, and limited operational access supports a non-filing position only when your documents and live permissions match.
Keep the same operating cadence every year: Assess actual account controls, Mitigate by limiting access to preparation and support where possible, and Systematize a documented annual review so you are not relying on memory. Before deciding whether Form 114 belongs on your filing list, run this checklist:
- Access level: Can you initiate, approve, or release funds, or only prepare or view?
- Documentation trail: Do your permission exports, access logs, approval history, and signed role-definition or contract language align with real access?
- Who files: Are you filing personally, or does a valid exception path apply, for example, accounts reported on a consolidated FBAR?
- What changed: Did permissions, platform setup, account scope, or responsibilities change during the year?
Escalate to a qualified cross-border tax professional when permissions are unclear, your role mixes preparation and approval, controls conflict between documents and live access, or a special signature-authority extension for certain financial professionals may apply.
If your review ends in filing, use your mechanics workflow: A Step-by-Step Guide to Filling Out the FBAR (FinCEN Form 114). For internal notes, keep this placeholder and verify it against current guidance before filing: current filing trigger (after verification).
For a step-by-step walkthrough, see A guide to the Foreign Account Tax Compliance Act (FATCA) for individuals.
If you want a tighter year-round compliance workflow beyond this article, use Gruv's Tools workspace to keep your decision checks and tax tasks organized.
Frequently Asked Questions
Do I need to file an FBAR for a client's account?
This hinges entirely on whether you possess 'signature or other authority.' Your formal title is irrelevant. The decisive factor is control. If you can, by yourself, initiate a wire transfer or direct a payment to a new vendor without needing a secondary, client-side approval to execute the transaction, you are exercising the kind of authority that triggers the filing requirement.
Does being an admin on a Wise or PayPal account count as signature authority?
Yes, it most likely does. FinCEN's term is 'signature or other authority,' and the ability to unilaterally direct funds as an administrator on a FinTech platform falls squarely under 'other authority.' If your admin status allows you to add new beneficiaries and send money from the account, you can control the assets. Given this, the most prudent strategy is to assume you have a filing requirement and manage the liability accordingly.
What is the FBAR signature authority penalty for an employee or contractor?
The penalties are identical regardless of your employment status or financial interest in the account. The IRS holds the individual with authority personally responsible. For a non-willful violation, the civil penalty can be up to $16,536 per violation (as of 2025, adjusted for inflation). For a willful violation, the penalties are far more severe: the greater of $165,353 or 50% of the account's balance at the time of the violation.
How do I prove I don't have signature authority?
Documentation is your single most powerful tool. You cannot prove a negative, but you can build a body of evidence demonstrating your limited role. This includes a signed contract with a 'Limited Access Clause,' a separate 'Role Definition' document signed by the client, and a clear email trail confirming payment approval procedures. Together, these documents create a compelling record that you did not possess the requisite control.
Can I refuse signature authority on a company account?
Absolutely. For most independent professionals, this should be your default position. Refusing FBAR signature authority is not an obstacle; it is a responsible professional boundary. Explain that to mitigate personal liability and avoid unnecessary US tax complexity, you will operate through systems that do not grant you signatory control. Clients will almost always respect this clear, professional stance.
A certified financial planner specializing in the unique challenges faced by US citizens abroad. Ben's articles provide actionable advice on everything from FBAR and FATCA compliance to retirement planning for expats.
With a Ph.D. in Economics and over 15 years at a Big Four accounting firm, Alistair specializes in demystifying cross-border tax law for independent professionals. He focuses on risk mitigation and long-term financial planning.
Sources
- apps.irs.gov/pub/epostcard/cor/263015634_202303_990_20240...trusted
- bsaefiling.fincen.gov/resources/FBAR_EFILING_FAQ.pdftrusted
- ecfr.gov/current/title-31/subtitle-B/chapter-X/part-1...trusted
- ecfr.gov/current/title-31/subtitle-B/chapter-X/part-1...trusted
- fincen.gov/system/files/shared/FBAR%20Line%20Item%20Fil...trusted
- fincen.gov/report-foreign-bank-and-financial-accountstrusted
- irs.gov/businesses/small-businesses-self-employed/re...trusted
- irs.gov/irm/part4/irm_04-026-011rtrusted
Educational content only. Not legal, tax, or financial advice.
Related Posts
Portugal NHR vs Spain Beckham Law for High-Earning US Expats in 2026
Start with documentation, not tax projections. In the portugal nhr vs spain beckham law decision, the safer first move is to choose the path you can prove from end to end before you optimize for headline outcomes.
How to Fill Out FBAR (FinCEN Form 114) Step by Step
The cleanest way to handle FBAR is to decide whether it applies, then file through the right channel with the right records in hand. Treat it as a separate annual compliance task, not as part of your income tax return process.
How to Respond to a Subpoena for Business Records
Move fast, but do not produce records on instinct. If you need to **respond to a subpoena for business records**, your immediate job is to control deadlines, preserve records, and make any later production defensible.