Answer by Andy Zavoina:
There is no requirement for this. OFAC and any 326 lists for CIP will have stated requirements as do 314(a) checks on existing/past relationships. The last list immediately coming to mind is that of those past due on child support. FBI and others may be advantageous for knowing your customer, but they are not required by law. (Ensure you are not violating an internal policy if you stop.)
Answer by Ken Golliher:
Andy is correct, but this hits an emotional nerve with me, so feel free to discount my response somewhere between 5 and 95 percent. If the vendor is including lists other than OFAC; e.g., the FBI's Most Wanted, I would tell them in terms they would understand to take them out.
As for why, here's a repeat of what I posted here in August of last year, when the control list was still alive and before any of us realized 314(a) would be interpreted as allowing "e-mail searches" of customer lists:
...your vendor is overzealous to the point it may put you in the soup. The civil libertarians' "slippery slope" argument against requiring banks to search their records for people on the "control list" is that it is an unreasonable search lacking probable cause. They would argue that such a mechanism might be justified by national security, but its danger is that it could easily be expanded to look for people who are not the equivalent of "terrorists" and that the risk of its expansion might outweigh its value as a law enforcement tool. Your vendor has just proven that the argument is not ridiculous.
If you get a "hit" on the control list and report it, the Patriot Act regulations are designed to protect you -- it is a disclosure you are required by federal law to make and, thus, an exception to the RFPA.
However, if you get a hit on someone with the same name as an alleged ax murderer in Kansas and you report it, your best justification is that it was a voluntary SAR. It's a thin argument that I would not want to be stuck with just because a vendor's employee decided to enhance the data. I would tell them to take it out.
As of today, there is a Richard Goldberg on the FBI's most wanted list. He's a pedophile. (No one wants to know what I think should be done to pedophiles.) In our local phone book there are two Richard Goldbergs. Which one do you think it is, the one on Third Street or the one on Arapaho Road? Maybe it's the Richard Goldberg who opened an account with you this morning. Maybe it is not.
I've dealt with banks who have gotten "hits" of this kind and they are simply in no man's land as for what is an appropriate response.
I can't control the government's decisions except by voting, but heaven help me if I can't control a vendor.
First published on BankersOnline.com 10/6/03