Answer by John Burnett:
It is up to the bank to determine, after doing its risk assessment, whether it wants to impose a 2-document requirement. If your bank determines that 1 primary document is enough, it should be enough for your regulator, unless you are in an area where there are a lot of fake documents circulating.
If that's the case, your risk assessment probably will be the target of criticism.
Answer by Ken Golliher:
John is correct; the choice is yours. However, on page 40 of the supplementary information or preamble to the final regulation, the agencies indicated:
...a bank is encouraged to obtain more than one type of documentary verification to ensure that it has a reasonable belief that it knows the customer’s true identity. Moreover, banks are encouraged to use a variety of methods to verify the identity of a customer, especially when the bank does not have the ability to examine original documents.
My personal opinion is that requiring two forms of documentary verification and at least one form of nondocumentary verification will become the industry's "best practice" standard.
First published on BankersOnline.com 10/6/03