Trying to lay my hands on the reference for statute/regulation from the Patriot Act that says we have to verify address. Irate professor is on his way to the bank.

I'm not sure why people get so upset with banks on this. Tell him to talk to his congressman.

Section 326.
SEC. 326. VERIFICATION OF IDENTIFICATION.
https://www.gpo.gov/fdsys/pkg/BILLS-107hr3162enr/pdf/BILLS-107hr3162enr.pdf

Professors like to parse words. Here's the regulation that interprets part 326 of the statute. It says you must obtain the address and verify it.

have the cashier's check with his outstanding balance available for him when he arrives with his irateness, let him take his ire elsewhere

Compliance officers (and former compliance officers) also like to parse words, especially words in regulations.

The regulation (cited by Ken, above) does require that the financial institution obtain the new customer's name, identifying number (TIN for U.S. persons), a business or residential street address, and, for individuals, their date of birth. the regulation then requires the FI to verify the identity of the customer, using the three or four bits of information I just listed, using documents, non-documentary methods, or a combination of documentary and non-documentary methods. It also says "The procedures must enable the bank to form a reasonable belief that it knows the true identity of each customer." It does not say that each of the three or four elements of information received from the customer must individually be verified. It says that you take the information, run a procedure against it, and decide whether you know the customer's true identity.

However, if you cannot verify each of those elements of information, how can you say you have verified the customer's identity sufficiently to form a reasonable belief that you know his/her/its true identity?

The address is the least reliable of the three bits of information for verification of identity, because it's the one piece of information that can change. That said, you must obtain it and you have to at least reconcile the address provided by the customer with some document or non-documentary source. Reconciliation of the address may require that you get additional documentation if the customer has recently relocated to the address the customer provided. In fact, you may (if your policy permits) accept the street address of a friend or family member if the customer doesn't have a permanent street address or is serving in the military overseas. And there is an exception for individuals who have legitimate reasons to conceal their actual street address (victims of domestic abuse, for example), who have a bona fide alternative mailing address under state-sponsored protective programs.

I've satisfied my urge to nitpick. We will now return to our regular programming.