Click to return to BOL home page
Banker Store Read A Reg Vendor Connect Career Connect Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads Background Checks BOL Conferences CrimeDex FREE Briefings Banker Tools

   

















    Site Map

    Our Sponsors

    Home


Print Friendly! Email This Article! Discuss NOW!


Proposed Rules on Customer ID Just Issued
by BOL Guru Mary Beth Guard

The wait is over! The Treasury Department has just announced the release of proposed rules under Section 326 of the USA PATRIOT Act to deal with standards for customer identification and verification. The rules were developed jointly by regulators for banks and trust companies, savings associations, credit unions, securities brokers and dealers, mutual funds, futures commission merchants, and futures introducing brokers. Interested parties will have 45 days from publication in the Federal Register to submit written comments.

The purpose of the rules is to require financial institutions to implement reasonable procedures for:
  • verifying the identity of any person seeking to open an account, to the extent reasonable and practicable;
  • maintaining records of the information used to verify the person’s identity and;
  • determining whether the person appears on any list of known or suspected terrorists or terrorist organizations.
The proposed rules (and the accompanying explanatory material) are quite detailed and lengthy, so crank up the printer, get out your reading glasses and a highlighter, and settle in for a good long read.

The rule would apply in connection with opening an "account" or adding a signatory to an account. They propose to define the term account to mean "each formal banking or business relationship established to provide ongoing services, dealings, or other financial transactions. For example, a deposit account, a transaction or asset account and a credit account or other extension of credit would each constitute an account."

Under the proposed rules, financial institutions would:
  • be required to establish programs specifying procedures for obtaining identifying information from customers seeking to open new accounts. This would include the customer’s name, address, date of birth and an identification number (for U.S. persons, a social security number and for non-U.S. persons, a similar number from a government-issued document). Customers with signature authority over business accounts would furnish substantially similar information.
  • be required to include in their customer identification program procedures to verify the identity of customers within a reasonable period of time. The proposed rules contemplate that financial institutions will generally use the same forms of identity verification that are already in place, such as examining driver’s licenses, passports, credit reports, and other similar means.

Specifics
It is perhaps not surprising that the most detailed requirements relate to the identification of non-U.S. persons. The proposed rule contains fairly specific guidance about what is acceptable identification for such persons, with less specific guidance for U.S. persons: In terms of specifics:
    What you must obtain:
  • Each institution's program must, at a minimum, require the following information to be obtained prior to opening or adding a signatory to an account:
    • Name
    • Date of birth (for individuals)
    • Residence (for individuals), as well as a mailing address, if that is different from the residence address
    • Principal place of business and, if different, mailing address (for persons other than individuals, such as corporations, partnerships, and trusts.)
    • a Taxpayer ID number (for U.S. persons), or one or more of the following (for non-U.S. persons): a U.S. taxpayer identification number; passport number and country of issuance; alien ID card number; or number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard.
      There is an exception that allows an institution to open or add a signatory to an account for an entity such as a corporation that has applied for, but not yet received, an E.I.N., but in order for the exception to apply, the financial institution must obtain a copy of the application for the EIN and the institution must obtain the EIN within a reasonable time period after it opens or adds a signatory to the account.
  • An institution must adopt risk-based procedures for verifying the elements of customer identification.
  • If the institution has previously verified an existing customer's identity in accordance with these procedures and continues to have a reasonable belief that it knows the true identity of the customer it is not required to verify the customer's identity again in connection with a new account.

    Two categories of standards for verification of identity:
  • There are two categories of standards for verification of identity: verification through documents and non-documentary verification methods.
  • Your program must have procedures that describe l) when you will verify identity through documents and 2) what documents you will use for this purpose. The proposal offers two examples of documents that may be included:
    1. On individuals, you may want to use government-issued identification that evidences nationality or residence and bears a photograph or similar safeguard. It must be unexpired.
    2. For non-individuals, you may want to use documents showing the existence of the entity, such as registered articles of incorporation, a government-issued business license, partnership agreement, or trust instrument.
  • Your program must also contain procedures that
    1. describe non-documentary methods you will use to verify identity
    2. describe when these methods will be used in addition to, or instead of, relying on documents.
    3. address the following four situations
      • where an individual is unable to present an unexpired government-issued ID document that has a photo or similar safeguard
      • where the financial institution is not familiar with the documents presented;
      • where the account is not opened in a face-to-face transaction; and
      • where the type of account increases the risk that the bank will not be able to verify the true identity of the customer through documents.

Suggestions for other verification methods:
Suggestions are provided for other verification methods. The suggestions include:
  • contacting a customer
  • independently verifying documentary information through credit bureaus, public databases, or other sources
  • checking references with other financial institutions
  • obtaining a financial statement.
When You Are Unable to Verify Identity
You will also need procedures for dealing with circumstances where you are unable to form a reasonable belief that you know the true identity of a customer.

Record Retention Requirements
You must maintain a record of all information obtained to verify identity, including a copy of any document relied upon to establish identity. The copy needs to be clear enough to show the type of document and any identification number it may contain. You also must keep records of the methods and results of any measures undertaken to verify the identity of a customer through non-documentary verification methods. Plus, if there is a discrepancy in the identifying information obtained, you must keep records on the resolution of the discrepancy.

The record retention for these records runs for five years after the date the account is closed.

Checking the Lists
Of note is the fact the proposed rules would also require your program to include procedures for determining whether the customer appears "on any list of known or suspected terrorists or terrorist organizations provided to the bank by any federal government agency." [This wouldn't necessarily mean the OFAC list, since it contains information on drug traffickers and other non-terrorists, but that isn't really of consequence because you have to check the OFAC list anyway, due to the OFAC regulations.

Related News
In related news, the Treasury Department and Social Security Administration also announced today an agreement to develop and implement a system by which financial institutions may access a database to verify the authenticity of Social Security Numbers provided by customers at account opening. Details are still being worked out. We'll keep you posted as more information is available.

Links
Proposed rule for banks, savings associations and credit unions {Note: If that link (from Treasury's site) doesn't work for you, try this one.

FinCEN Proposed Rule for Credit Unions, Private Banks and Trust Companies) That do not Have a Federal Functional Regulator

Broker-Dealer Proposed Rule

USCFTC Proposed Rule

Mutual Fund Proposed rule

Treasury Department Press Release

First published on BankersOnline.com 07/17/02


Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking
BOL Archives    Privacy Policy    Important Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.