CIP Implementation Deadline
by Mary Beth Guard, BOL Guru
Each financial institution will be required to adopt and implement a Customer Identification Program. The big questions are "when?" and "what must the program include?". At this point, we have the legislation and only the proposed rules. So, where does that leave us?
As we noted in a Compliance Briefing a few weeks ago, John Byrne with ABA had been told by Treasury that although the rules would be issued in late October, compliance with them would not be immediately mandatory. In at least one thread on Bankers' Threads, users expressed skepticism about whether that could really be the case. Today, ABA has confirmed that it has been asked by several bank agencies and the Treasury Department to alert its members that the implementation date for Section 326 (Account Opening Verification) will NOT be October 26, 2002 but a "reasonable" period of time to be determined shortly. We are passing on that alert to BOL users.
One question some bankers have posed is whether Treasury has the authority to provide such a delay. I believe it does. The statute merely does four things:
- l) It requires the Treasury to prescribe regulations setting forth the minimum standards for financial institutions and their customers regarding the identity of the customer that shall apply in connection with the opening of an account at a financial institution;
- 2) it describes minimum requirements that the regulation must include;
- 3) It requires the Treasury, in prescribing the regulations, to take into consideration the various types of accounts maintained by various types of financial institutions, the various methods of opening accounts, and the various types of identifying information available, and it gives Treasury and the bank regulatory agencies the authority to exempt any financial institution or type of account from the requirements; and
- 4) it specifies that the final regulations must take effect before October 26, 2002.
Some bankers have read the language regarding the mandatory effective date as meaning the Treasury has no choice -- the regs must be effective October 26, 2002, and therefore all financial institutions must be in compliance by that date. Those are really two different things, however: l) the effective date for the regulations; versus 2) the mandatory compliance deadline. There are many recent examples of instances where the regulatory agencies have adopted final regulations and made them effective as of a particular date, but have provided a later deadline for mandatory compliance. The HOEPA-related changes to Reg Z's Section 226.32 were handled that way, for example.
The bottom line is to just hang in there. In just over two weeks, we'll have the final regulations and we'll know exactly what we'll be required to do -- and by when we will have to do it.
Want to see for yourself exactly what the PATRIOT Act says about the issue? Here's a tip to find it fast. You'll use this link to access the PATRIOT Act. Once you're there, click on the binoculars in the Adobe Acrobat toolbar. Type in Sec. 326 in the dialog box that comes up. [Be sure to use the abbrevation, Sec. 326] It will search for any instance where that appears. Then click the second set of binoculars (the one to the right of the first set) to keep searching. It will take you right down to the Section 326 part of the Act. MUCH better than scrolling!
Copyright, 2002, Bankers Online. First published on BankersOnline.com 10/10/02.
First published on 10/10/2002