KYC vs. CIP

Please correct me if I am wrong here-there never were any regulations requiring a KYC policy were there? I thought it was just "strongly recommended".

Most of what we have in our KYC policy would be repeated in our CIP. Does anyone see anything wrong in dropping the KYC policy and replace it with the CIP? If we keep both, I am afraid they will be redundant.

The KYC regulations were withdrawn. Their spirit remained behind in the minds of the regulators, but they recoined it as "enhanced due diligence."

There are varying interpretations, but mine is that KYC required both customer identification and customer monitoring. CIP clearly takes the place of the identification requirements, but it does not require monitoring after the account is opened. Nevertheless monitoring is an essential part of any anti-money laundering program.

My suggestion is that you use the current "labels" in your anti - money laundering program, one section called "customer identification program" and another called "customer monitoring."

BSA/AML/EDD/CIP - That would be the suite of policies.

Bank Secrecy Act, Anti-Money Laundering, Enhanced Due Dilligence, Customer Identification Program.

Now here's the good part - next time a vendor calls to sell you something for your "Know Your Customer" program, you will know that that vendor is not in touch with current events!

Thanx Ken, and great job on the seminar yesterday!

As part of our CIP program and KYC(now EDD) goes we have worksheets that new accounts staff complete which basically allow us to "probe" for answers needed regarding source of funds, source of wealth, expected transactions; in other words all the details pertaining to Enhanced Due Diligence issues. Since the final CIP rules have been distributed I'm struggling with "where" we should file these records since the CIP issues can easily be retained on the signature cards themselves. The sig cards we have do not have the space to indicate this addtional info. Will examiners want to review this additional EDD related data? How are others handling this? Is there a guide for Enhanced Due Diligence (where is it specifically in the regs)? Thanks.

I can think of two choices with variations on procedure:

1. Make a "Customer Profile" file for each of those accounts and file the paperwork in those. You can either keep this by branch or file them in a central processing location.

2. Scan or input the answers into electronic format and store them in a secure network folder, perhaps either by customer name, account number, or portfolio/relationship number.

We have made a New Account Scoring Form, that the customer service reps fill out when a new customer opens and account. There is a box to check if ChexSystems was run and if not, why. Also space for their ID (type and number), what they are opening the account with (cash, wire, payroll check, official check, direct deposit, etc), and whether at they were at their address or job for more than a year. These answers are listed under a low risk or high risk heading. If high risk, a branch manager OK is required to open the account. There is also space to note verification of address and employment through phone book and phone calls.

These are scanned into our optical storage, with the hard copy run by my desk to check for any usual situations.

Thanks for the responses-