Regulators on Friday issued an order exempting banks from the requirement to collect taxpayer identification numbers, or TINs, directly from customers before opening an account under the Customer Identification Program, or CIP, a joint rule implementing section 326 of the USA Patriot Act.
The new standards were issued by the Federal Deposit Insurance Corp, Financial Crimes Enforcement Network, the Office of the Comptroller of the Currency and the National Credit Union Administration.
"The importance of collecting TIN information from the customer rather than through another method for identification and verification purposes has lessened since regulations implementing section 326 were adopted in 2003," the agencies wrote in a release. "There are, and will be, other available customer identifying attributes that banks may obtain, some of which vary in accuracy and authenticity, that could be used holistically."
Under the new rules banks can now collect customers' taxpayer identification numbers from third-party sources before accounts are opened, as is already the case with credit card accounts. The Patriot Act was enacted in 2001 to strengthen customer verification procedures and prevent the financing of terrorism. In addition to checking identity, banks have to maintain records and confirm whether individuals are on terrorist watch lists. The agencies have some discretion to consider the types of available forms of identification when drafting the regulations.
The change, the agencies say, is meant to simplify the customer verification process.
"Fincen has not identified heightened [money-laundering/terrorism financing] or other illicit finance risk solely relating to the method of collection of TINs," a release
The move follows a March 2024 request for information by Fincen in which the agency considered comments from interested parties. The agency says the results of the comments were mixed, with one bank trade group expressing hesitation with the move.
"Those in support of alternative collection methods commonly referenced the success of the credit card exception and innovation in customer verification methods," the joint release noted. "Several commenters questioned the reliability of third-party sources, with one bank trade association cautioning that the intended purpose of these types of vendors was not true fraud prevention or customer verification."
Use of the exemption would be optional, and banks would still need to maintain risk-based CIP procedures enabling them to "form a reasonable belief" they know their customers' true identities.
Acting Comptroller Rodney Hood said in a statement the rule provides customers and banks benefits without compromising on rooting out financial crime.
"The Order promotes an innovative approach to CIP compliance by supporting greater use and acceptance of online or mobile banking activities and allowing banks to leverage the use of online identity verification services that were neither available nor contemplated by regulators when this rule was adopted in 2003," Hood said in a statement. The Order also promotes financial inclusion, allowing greater access to financial products and services by addressing the legitimate concerns of customers who are unwilling to provide their full TIN in an electronic format."
