On our old website, we had customers print off the application for internet banking and bring/mail it in. On the new website, enrollment will be completely on-line. What should our due diligence be to help prevent a fraudulent application?

Ask them one or two questions that only your customer would actually know.

You should be cross refrencing their application to what is on file on your core. For example, their SS, name, DOB, and other items- they also need to know their account numbers, and security questions if you set that up at the time of account opening. any differences should be investigated before access is granted.