Banking Agencies Issue Final CIP Rule Guidance

WASHINGTON-The Financial Crimes Enforcement Network, together with the banking regulators, Treasury, and NCUA, issued an interpretive guidance April 28 on Customer Identification Program Requirements under the USA PATRIOT Act. The guidance was issued in the form of a Frequently Asked Questions document. The agencies stressed that CIPs must include risk-based procedures for verifying the identity of each customer to the extent reasonable and practicable. Each financial institution must develop procedures to account for all relevant risks including those presented by the types of accounts maintained, the various methods of opening accounts provided, the type of identifying information available, and the institution’s size, location, and type of business or customer base. “Thus, specific minimum requirements in the rule, such as the four basic types of information to be obtained from each customer, should be supplemented by risk-based verification procedures, where appropriate, to ensure that the bank has a reasonable belief that it knows each customer’s identity,” the guidance read. The agencies also warned that a CIP alone is not sufficient to meet other Bank Secrecy Act requirements as issued by the institution’s primary regulator, including Suspicious Activity Reporting requirements, or regulations promulgated by the Office of Foreign Assets Control.