The CIP helps prevent these customers from laundering money and financing terrorism. The CIP is implemented as part of the USA Patriot Act and is a requirement under the Bank Secrecy Act (BSA) to help financial institutions prevent fraud.
History of the Customer Identification Program
After the terrorist attacks of Sept. 11, 2001, the U.S. Congress determined that requiring banks to verify the identities of their customers would help combat terrorism and aid in anti-money laundering efforts. The CIP went into effect on June 9, 2003.
How Does the Customer Identification Program Work?
The purpose of the Customer Identification Program is to prevent customers from using financial transactions to commit fraud. As such, banks must ensure that customers tell the truth about who they are when they open new accounts.
The CIP has minimum requirements for banks to follow when onboarding new clients. These requirements differ, depending on the organization’s size and location. For example, large banks that offer a wide variety of products and services will have different requirements than small, local community banks.
Although financial institutions develop their own CIPs, they have to follow six general regulations under the BSA:
1. Clear, comprehensive written procedures: Financial institutions must create a well-written and clear customer identification program outlining its procedures and practices in detail. They must also clearly indicate the conditions individuals must meet before they can become customers.
2. Collect customer information: Financial institutions must collect a minimum of four pieces of identifying information from every consumer: name, date of birth, address, and taxpayer identification number, i.e., a Social Security number for a U.S. citizen. For a non-U.S. citizen, the financial institution can collect a tax ID number or the number from any other government-issued document and the country where it was issued. A corporation or other legal business entity may need to provide additional information, including the address of its headquarters, employer identification number, certified articles of incorporation, and government-issued business license.
3. Procedures to verify identity: A financial institution should create reasonable, practical, risk-based procedures to verify each customer’s identity – procedures that provide the FI with a reasonable belief it knows the customer’s true identity.
4. Recordkeeping requirements: Every financial institution must keep a record of all the information it collects on a customer for at least five years after a customer closes an account.
5. Comparison with government lists: Financial institutions must check that potential customers aren’t included on any government terrorist list by comparing the names of potential customers to the names on these lists.
6. Customer notice: Financial institutions must give adequate notice that they are requesting information to verify potential customers’ identities.
Compliance refers to the regulations, laws, and guidelines governing businesses and financial institutions.
- 1What is SOC 2?
- 2What is Section 314(b)?
- 3Financial Crimes Enforcement Network (FinCEN)
- 4Customer Due Diligence
- 5Customer Identification Program
- 6What is Section 314(a)?
- 7Suspicious Activity Report
- 8Politically Exposed Person
- 9Specially Designated Nationals
- 10What is a Currency Transaction Report?
- 11What is OFAC?
- 12What is the Bank Secrecy Act (BSA)?
- 13What is PCI DSS Certification?
- 14What is AML Compliance?
- 15Office of the Comptroller of the Currency (OCC)
- 16What is the Electronic Fund Transfer Act?
- 17Personal Identifiable Information (PII)
- 18Compliance Risk Management
- 19What is Know Your Customer (KYC)?
- 20Know Your Business (KYB)
Subscribe to Journal updates
Discover product features and get primers on the payments industry.