According to provisions of the USA Patriot Act
, all financial institutions must verify the identity of individuals wishing to conduct financial transactions. The law was implemented by regulations in 2003 which require financial institutions to develop a Customer Identification Program
(CIP) appropriate to the size and type of its business. The CIP must be incorporated into the bank's Bank Secrecy Act
compliance program, which is subject to approval by the financial institution's board of directors.
The CIP is intended to enable the bank to form a reasonable belief that it knows the true identity of each customer. The CIP must include new account opening procedures that specify the identifying information that will be obtained from each customer. It must also include reasonable and practical risk-based procedures for verifying the identity of each customer. Financial institutions should conduct a risk assessment of their customer base and product offerings, and in determining the risks, consider:
- The types of accounts offered
- The methods of opening accounts.
- The types of identifying information available
- The institution's size, location, and customer base
31 CFR 103.121 - Federal regulations requiring the CIP.
FDIC Guidance Letter
Guidance information for banks provided by the FFIEC
Restricted Party Screening (RPS) for international Shippments