On January 8, 2004, the OCC issued a bulletin announcing that
a “Frequently Asked Questions” publication had been
produced for guidance regarding the Customer Identification Program
rule. We have reprinted the first half of the FAC here, and will
reprint the rest of the publication in the next issue of the Community
Bankers’ Advisor.
FREQUENTLY ASKED QUESTIONS:
Final Customer Identification Program Rule
(Reprint of OCC 2004-3 Attachment)
[Various government Agencies] are issuing these frequently asked
questions (“FAQs”) regarding the application of 31 C.F.R.
§ 103.121. This joint regulation implements section 326 of
the USA PATRIOT Act and requires banks, savings associations, credit
unions and certain non-federally regulated banks (“bank”)
to have a Customer Identification Program (“CIP”). (Section
326 of the Act adds a new subsection (1) to 31 U.S.C. § 5318
of the Bank Secrecy Act (“BSA”)).
While the purpose of the FAQs document is to provide interpretive
guidance with respect to the CIP rule, the Agencies recognize that
this document does not answer every question that may arise in connection
with the rule. The Agencies encourage banks to use the basic principles
set forth in the CIP rule, as articulated in these answers, to address
variations on these questions that may arise, and expect banks to
design their own programs in accordance with the nature of their
business.
The Agencies wish to emphasize that a bank’s CIP must include
risk-based procedures for verifying the identity of each customer
to the extent reasonable and practicable. It is critical that each
bank develop procedures to account for all relevant risks including
those presented by the types of accounts maintained by the bank,
the various methods of opening accounts provided, the type of identifying
information available, and the bank’s size, location, and
type of business or customer base. Thus, specific minimum requirements
in the rule, such as the four basic types of information to be obtained
from each customer, should be supplemented by risk-based
|
|
verification procedures,
where appropriate, to ensure that the bank has a reasonable belief
that it knows each customer’s identity.
The Agencies note that the CIP, while important, is only one part
of a bank’s BSA/AML compliance program. Adequate implementation
of a CIP, standing alone, will not be sufficient to meet a bank’s
other obligations under the BSA, regulations promulgated by its primary
Federal regulator, such as Suspicious Activity Reporting requirements,
or regulations promulgated by the Office of Foreign Assets Control.
Finally, these FAQs have been designed to help banks comply with the
requirements of the CIP rule. They do not address the applicability
of any other Federal or state laws.
31 C.F.R. §103.121(a)(1)
Definition of “account”
1. The CIP rule applies to a “customer,” which
is generally “a person that opens a new account.” (Emphasis
added.) At what point does the CIP rule apply when the account is
a loan? When is the account opened?
“Customer” does not include a person who does not receive
banking services, such as a person whose loan application is denied.
See 68 FR 25090, 25093 (May 9, 2003). Therefore, when the account
is a loan, the account is opened when the bank enters into an enforceable
agreement to provide a loan to the customer.
2. Are loan participations purchased from third parties and
loans purchased from a car dealer or mortgage broker within the exclusion
from the definition of “account” for loans acquired through
an acquisition, merger, purchase of assets, or assumption of liabilities?
Yes, this exclusion is intended to cover loan participations purchased
from third parties and loans purchased from a car dealer or mortgage
broker. If, however, the bank is extending credit to the borrower
using a car dealer or mortgage broker as its agent, then it must ensure
that the dealer or broker is performing the bank's CIP.
|