Federal financial regulators have instructed banks to extend procedures for collecting customer identification information to certain holders of prepaid cards.
Under the Patriot Act, banks are required to ask for a customer's name, date of birth and address – as well as an identification number – before letting someone open an account. Institutions must also have procedures in place to verify that information.
The guidance requires banks to consider prepaid card holders as their customers if their card manager uses an account or accounts at the bank to offer functionality typical of a bank account, such as access to credit, overdraft or the ability to reload funds.
"[T]he money laundering and other financial crime risks faced by banks that issue prepaid cards and process prepaid card transactions require the implementation of strong and effective mitigating controls," the five agencies said in a joint guidance Monday. (They are the Federal Reserve Board, the Federal Deposit Insurance Corp., the National Credit Union Administration, the Financial Crimes Enforcement Network and the Office of the Comptroller of the Currency.)
The agencies said in the joint letter that banks and prepaid card companies have already worked to "mitigate" risks with controls like limits on card value and transfers, but "questions have arisen regarding the application of the [customer identification program] rule to prepaid cards issued by banks, including [for those] under arrangements with third-party program managers."
The letter said that third-party card program managers should be treated as agents of the bank for the purposes of the CIP rule, "rather than as the bank's customer." The banks are also required to contractually enforce these requirements with third-party card companies.