WASHINGTON-While credit union trade associations expressed their support for the overall goals of the proposed regulation implementing the USA PATRIOT Act, CUNA and NAFCU suggested that some of its provisions were overly burdensome and that the compliance deadline should be moved back. The interagency PATRIOT Act regulation requires that financial institutions, including credit unions, implement procedures to verify the identity of a consumer opening an account; file the verification information employed; and determine if the person is on a list of known or suspected terrorists. The PATRIOT Act requires that final rules be in place by Oct. 25. While NAFCU supports the customer identification program (CIP) in the proposal to prevent fraudulent use of identifying information, NAFCU President and CEO Fred Becker said that board approval is not necessary for the CIP; the board should just ensure the credit unions' commitment to compliance and let senior management handle the details. CUNA suggested that the CIP only require financial institutions to get either mailing address or principal place of business, not both as required by the proposal. Additionally, CUNA Associate General Counsel Mary Dunn recommended a `safe harbor' provision for credit unions that meet the minimum requirements in the reg. Both groups were also concerned about the record retention requirements in the rule, but offered different solutions. CUNA suggested that the financial institutions keep a list of the information used to identify a member, as well as a two-year retention period of the records. Becker on the other hand recommended that records should be kept five years from the time the account was opened rather than when it was closed. "NAFCU believes this retention period is excessive and will create a significant burden for many federal credit unions due to the volume of paper this requirement will generate," the letter read. "Even if a federal credit union utilizes alternative methods to the storage of paper records, these methods would require significant amounts of computer memory, optical files, magnetic tape or other similar resources. Also, retention of documents for this length of time could require member service centers from around the world to send copies to a central location for an expensive process of imaging and storing the information. NAFCU believes the requirement will impose major changes in the operating procedures at significant expense for a federal credit union of any size." CUNA and NAFCU also expressed concern over the October 25 compliance date included in the statute when the regulation has not even been finalized. Dunn suggested a 12-month waiting period for full compliance. Additional clarification of the consumer notification of the necessary information was a common theme in both letters as well. While both groups supported the information institutions would be required to collect, CUNA requested further guidance on accounts opened online, while NAFCU asked that the regulators provide some sort of media outlet, such as a public service announcement or pamphlet, to explain the data collection to the consumers. Additional recommendations in CUNA's official comment letter included: * using the term `credit union' in the final rule; * specifying one location for all federal government agency lists or providing a list of the several lists institutions have to check; and * notation of some conflicting state laws. Dunn also has requested a meeting with Office of Foreign Assets Control's (OFAC's) Compliance Programs Division Chief Dennis Wood to facilitate compliance with OFAC requirements. Special Circumstances The Association of Corporate Credit Unions (ACCU) pointed to the unique circumstances of a corporate credit union regarding compliance with the PATRIOT Act regulations. First, the rule defines `account' as "each formal banking or business relationship established to provide ongoing services, dealings, or other financial transactions," the letter quoted. ACCU requested clarification of how corporates should be treated since they deal with numerous wire transfers for natural person credit unions not included in the definition. Also, corporates require a separate definition of `customer' because their customers could include each natural person credit union member plus all the employees listed as signatories of corporate accounts and "may change as often as 100 times each year in a single credit union," ACCU's letter read. The organization recommended that corporates be allowed to rely on their member credit unions' identity verification procedures in these instances. [email protected]