Skip to Content

Proposed Rule

Customer Identification Programs for Financial Institutions

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

Departmental Offices, Treasury.

ACTION:

Notice of inquiry.

SUMMARY:

The Department of the Treasury seeks additional comments from all interested persons on two discrete issues relating to final regulations issued recently pursuant to section 326 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001: Whether and under what circumstances financial institutions should be required to retain photocopies of identification documents relied on to verify customer identity; and, whether there are situations when the regulations should preclude reliance on certain forms of foreign government-issued identification to verify customer identity.

DATES:

Written comments may be submitted on or before July 31, 2003.

ADDRESSES:

Commenters are strongly encouraged to submit comments by accessing the following Department of the Treasury Internet site: http://regcomments.treasury.gov.

Comments may also be sent by electronic mail as follows: Electronic mail comments relating to the recordkeeping requirement (as described in section II(A) below), should be sent to recordkeeping@regcomments.treasury.gov with the caption in the body of the text, “Section 326 Notice of Inquiry: Recordkeeping.” Electronic mail comments relating to documentary verification of identity (as described in section II(B) below) should be sent to identification@regcomments.treasury.gov with the caption in the body of the text, “Section 326 Notice of Inquiry: Identification.” Commenters are requested to distinguish between the two issues and submit comments to the appropriate e-mail address.

Comments also may be submitted by paper mail (preferably an original plus three copies). For comments relating to the recordkeeping requirement (as described in section II(A) below), paper mail comments should be sent to: 326 Recordkeeping Comments, U.S. Department of the Treasury, Office of the General Counsel, 1500 Pennsylvania Avenue, NW., Washington, DC 20220-0002.

For comments relating to documentary verification of identity (as described in section II(B) below), paper mail comments should be sent to: 326 Identification Comments, U.S. Department of the Treasury, Office of the General Counsel, 1500 Pennsylvania Avenue, NW., Washington, DC 20220-0002.

Please send comments by one method only. Commenters should not include materials or information in comments that they do not wish to be made available to the public. Comments may be inspected at the Department of the Treasury between 10 a.m. and 4 p.m. beginning approximately July 11, 2003. Persons wishing to inspect the comments submitted must request an appointment by telephoning (202) 622-0990 (not a toll-free number).

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Office of the General Counsel at (202) 622-1927.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

I. Background

On October 26, 2001, the President signed into law the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT Start Printed Page 39040ACT) Act of 2001 (Pub. L. 107-56) (the Act). Title III of the Act made a number of amendments to the anti-money laundering provisions of the Bank Secrecy Act (BSA), which are codified in subchapter II of chapter 53 of title 31, United States Code.[1] These amendments are intended to promote the prevention, detection, and prosecution of money laundering and the financing of terrorism.

Section 326 of the Act added a new subsection (l) to 31 U.S.C. 5318 of the BSA that requires the Secretary of the Treasury (Secretary) to prescribe regulations “setting forth the minimum standards for financial institutions and their customers regarding the identity of the customer that shall apply in connection with the opening of an account at a financial institution.” For any financial institution engaged in financial activities described in section 4(k) of the Bank Holding Company Act of 1956 (section 4(k) institutions), the Secretary is required to prescribe the regulations issued under section 326 jointly with the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, the Office of Thrift Supervision, the National Credit Union Administration, the Securities and Exchange Commission, and the Commodity Futures Trading Commission (collectively, the federal functional regulators).

Section 326 of the Act provides that the regulations must require, at a minimum, financial institutions to implement reasonable procedures for (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. In prescribing these regulations, section 326 of the Act directs the Secretary to take into consideration the various types of accounts maintained by various types of financial institutions, the various methods of opening accounts, and the various types of identifying information available.

On May 9, 2003, the Department of the Treasury (Treasury), through the Financial Crimes Enforcement Network (FinCEN), together with the federal functional regulators, published final rules implementing section 326.[2] These regulations require Federally regulated banks, securities broker-dealers, mutual funds, and futures commission merchants and introducing brokers to establish reasonable procedures for the identification and verification of new accountholders. Although separate rules were issued for the various types of financial institutions, the substantive requirements of the rules are intended to be the same.

The final rules require financial institutions to develop a customer identification program (“CIP”) that includes risk-based procedures for verifying the identity of each customer to the extent reasonable and practicable. Among other things, the CIP must enable the financial institution to form a reasonable belief that it knows the true identity of the customer. Financial institutions must develop their CIP to minimize the relevant risks, including those presented by the types of accounts maintained by the institution, the various methods of opening accounts, the types of identifying information available, as well as the financial institution's size, location, and type of business or customer base.

The rules implementing section 326 became effective on June 9, 2003, although financial institutions have until October 1, 2003 to come into compliance.

II. Request for Comments

The CIP implemented pursuant to the section 326 final rules will form an integral part of a financial institution's efforts to detect and prevent money laundering and the financing of terrorism. Moreover, the information collected and maintained by financial institutions is designed to provide an effective audit trail should an investigation be conducted. Since publishing the final regulations, concerns have been raised about two provisions relating to recordkeeping and the acceptance of certain forms of identification. As a result of these concerns, and as part of Treasury's continuing efforts to ensure that BSA regulations strike the appropriate balance between the burdens imposed on the financial system and the prevention of money laundering and the financing of terrorism, Treasury seeks additional input on the two provisions.

A. Recordkeeping Requirement

The final rules implementing section 326 permit financial institutions to verify customer identity through both documentary and non-documentary means. In proposed rules issued in July of 2002, Treasury and the federal functional regulators included a new requirement that, when a financial institution relies on a document—such as an identification card—to verify identity, the financial institution must make and maintain a photocopy of that document.[3] Virtually all of the substantial number of comments relating to this provision were critical of the requirement.[4] In light of these comments and the terms of section 326 of the Act, Treasury and the federal functional regulators eliminated the photocopy requirement in the final rule, instead requiring financial institutions to make and maintain a record of the description of any document upon which the financial institution relies to verify customer identity. The description must include the type of document, any identification number contained in the document, the place of issuance, and, if any, the date of issuance and expiration date. While financial institutions are not required to maintain photocopies of identification documents relied upon in all cases, Treasury has noted publicly that, so long as it is consistent with any applicable laws, financial institutions may want to retain a photocopy of identification documents in instances where risk factors are present.

Treasury seeks additional comment on whether and under what circumstances financial institutions should be required to make and maintain photocopies of identification Start Printed Page 39041documents used to verify the identity of customers. In particular:

1. Should the regulations require financial institutions to make and maintain a photocopy of identification documents upon which the financial institution relies to verify identity in all cases?

2. Should the regulations identify specific instances in which photocopies of documents relied upon must be made and maintained?

3. Should the regulations provide guidance to financial institutions concerning risk factors indicating when photocopying identification documents relied upon may be appropriate?

The views of law enforcement, the industry, and others are sought, even if such views have been expressed previously in connection with the proposed rulemakings. This inquiry focuses on the recordkeeping requirements when a financial institution relies on documents to verify identity.

B. Documentary Verification of the Identity of Foreign Individuals

Under the risk-based approach of both the proposed and final rules, to the extent documents are used, financial institutions are given some discretion to determine which documentary forms of identification may be used to verify the identity of foreign individuals who seek to open an account. First, the final rules require financial institutions to obtain an identification number from all customers. For a non-U.S. person, an institution must obtain one or more of the following: a taxpayer identification number (social security number, individual taxpayer identification number, or employer identification number); passport number and country of issuance; alien identification card number; or number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard. Noting the absence of a uniform, standard identification number that non-U.S. persons could provide to financial institutions,[5] Treasury and the federal functional regulators permitted financial institutions to choose among a variety of identification numbers that it may accept from a non-U.S. person, provided that the identifying information the institution accepts must permit the institution to form a reasonable belief that it knows the true identity of the customer.

Second, financial institutions must set forth the types of documentary identification that they will accept to verify identity. Financial institutions are encouraged to use multiple forms of identification to minimize risks. The final rules provide an illustrative list of identification documents that may be used. For an individual, these may include an unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard, such as a driver's license or passport.

Treasury and the federal functional regulators emphasized that the final rules neither endorsed nor prohibited a financial institution's acceptance of particular types of identification documents issued by foreign governments. Instead, a financial institution must decide for itself, based upon consideration of the appropriate risk factors, whether the information presented by a customer is reliable.

Ensuring the appropriate identification of all persons opening accounts at financial institutions, including non-U.S. citizens, is a significant goal of the final regulations. Therefore, Treasury seeks additional comment on whether there are situations in which the regulations should preclude reliance on certain forms of foreign government-issued identification to verify customer identity. The regulations presently rely on financial institutions to determine which forms of foreign-issued identification to accept and under what circumstances, in light of the risks associated with each form of identification.

1. Should the regulations preclude financial institutions' reliance on certain forms of identification issued by certain foreign governments?

2. Should the regulations require financial institutions to obtain a passport number from all customers who are non-U.S. citizens?

a. What are the anticipated effects on non-U.S. citizens in the United States who are not required to have a passport?

b. What are the anticipated effects on non-U.S. citizens who open accounts from abroad, and thus are not required to have a passport?

3. Is there sufficient empirical information to enable Treasury to assess the utility of the various forms of foreign-issued identification for purposes of accurately identifying the holder?

4. What would the impact be on the use of the conventional financial system if financial institutions were prohibited from accepting certain forms of government-issued identification?

The views of law enforcement, the industry, and others are sought, even if such views have been expressed previously in connection with the proposed rulemakings.

The purpose of this Notice of Inquiry is to solicit further comment on the two issues outlined above and to enhance the administrative record. Only after considering all comments received in response to this notice of inquiry will Treasury determine whether to discuss with the federal functional regulators if it would be appropriate to jointly propose amendments to the final rules published on May 9, 2003, through a notice of proposed rulemaking. Financial institutions covered by the final rules are reminded of their obligation to be in compliance with the final rules by October 1, 2003.

III. Procedural Requirements

This document has been reviewed by the Office of Management and Budget as a significant regulatory action under Executive Order 12866.

Start Signature

Dated: June 25, 2003.

David D. Aufhauser,

General Counsel.

End Signature End Supplemental Information

Footnotes

1.  Regulations implementing the BSA appear at 31 CFR part 103. The authority of the Secretary of the Treasury to administer the BSA and its implementing regulations has been delegated to the Director of the Financial Crimes Enforcement Network (FinCEN).

Back to Citation

2.  See 68 FR 25089-25162. In addition to the joint rules, FinCEN also issued separately a rule applicable to various state-chartered banks lacking a federal functional regulator.

Back to Citation

3.  See, e.g., 67 FR 48290, 48299 (proposed section 103.121(b)(3)(B)).

Back to Citation

4.  Commenters raised several arguments against the photocopy requirement, including: (1) The difficulty and burden of storing and retrieving copies of documents; (2) the fact that many kinds of identification documents, particularly some new driver's licenses, have security features that prevent them from being copied legibly; (3) the difficulty of safeguarding copies, which could facilitate identity theft; (4) the fact that this requirement would substantially deviate from current banking practice and would violate certain state laws; (5) the difficulty for banks offering credit card accounts through retailers, which require the customer to provide identifying documents at the point of sale, in complying with such a requirement, especially given the reduced risks of money-laundering and the financing of terrorism through retail store credit cards; and (6) the potential for claims of unlawful discrimination, especially since the banking regulators have discouraged the practice of retaining photocopies when extending credit.

Back to Citation

5.  Treasury previously issued a report to Congress discussing the absence of a single identification number for non-U.S. persons. See Treasury Department, “A Report to Congress in Accordance with Section 326(b) of the USA PATRIOT Act,” October 21, 2002.

Back to Citation

[FR Doc. 03-16562 Filed 6-30-03; 8:45 am]

BILLING CODE 4810-25-P