A customer is calling (and frankly wanting to argue) what authority do banks have in asking for a person's Social Security Number as a sencondary form of ID, when verifying their identity over the phone.

I believe bank's have the authority from the Bank Secrecy Act and knowing our customer to make sure we verify that the person on the phone is our customer.

What are you'alls thoughts...

BOL User

Look to 31 CFR 103.34(a). Changes to the BSA statutes brought about by the USA PATRIOT Act require us to obtain the customer's TIN.

Since we've got it, and it's often readily available on account inquiry screens, we should be able to use it to identify the telephone customer.

Thanks for the info Bart...

The bank has the responsibility of verifying the customer's identity over the phone and knowing the customer, but I don't believe the SSN is mandated. Anything you can think of could be used, ranging from mother's maiden name, to date and amount of last deposit, to a prearranged password. It should be something that only the customer should know and quite frankly, SSN isn't all that reliable as an identity thief could obtain that information easily.

If your system allows it, for this customer perhaps you could arrange a password and note it on their accounts. Then anyone who happens to take the call would see that unless they give this password, no information is to be given over the phone. It would appease the customer and show them that your bank does take the privacy issue seriously.

Thanks Susan for your great help...

PS...I like your disclaimer...Very cool...

While we're on the subject...
Where is it required that we obtain a SSN/TIN for loan customers? It looks like 31 CFR 103.34 covers deposit accounts only. Is there another place to look?

Proposed PATRIOT Act, section .121(b)(2)(i)(A), based on information I received at a seminar back in October.

I agree that we have authority from the US Gov, Dept of Treasury with the BSA Regulations

Still just proposed though right? Nothing I can hang my hat on? I have a COO that only wants to check loans once a year for missing TIN and I need some backup to do it more often. We have the tools, just need to get something in black and white.

If the borrower is an individual and the loan is secured by real estate, IRS regulations require you to obtain an SSN for 1098 reporting purposes.

Final CIP regs have not been published - last credible estimate I heard was that they would be out in January.