Enter Search TextSubmitSearch
Home > News & Events > Financial Institution Letters
Financial Institution Letters
FAQs: Final CIP Rule
The staff of the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation,
Financial Crimes Enforcement Network, National Credit Union Administration, Office of the Comptroller of the
Currency, Office of Thrift Supervision, and the United States Department of the Treasury (“Agencies”) are issuing
these frequently asked questions (“FAQs”) regarding the application of 31 C.F.R. § 103.121. This joint regulation
implements section 326 of the USA PATRIOT Act and requires banks, savings associations, credit unions and
certain non-federally regulated banks (“bank”) to have a Customer Identification Program (“CIP”).
While the purpose of the FAQs document is to provide interpretive guidance with respect to the CIP rule, the
Agencies recognize that this document does not answer every question that may arise in connection with the rule.
The Agencies encourage banks to use the basic principles set forth in the CIP rule, as articulated in these answers,
to address variations on these questions that may arise, and expect banks to design their own programs in
accordance with the nature of their business.
The Agencies wish to emphasize that a bank’s CIP must include risk-based procedures for verifying the identity of
each customer to the extent reasonable and practicable. It is critical that each bank develop procedures to account
for all relevant risks including those presented by the types of accounts maintained by the bank, the various
methods of opening accounts provided, the type of identifying information available, and the bank’s size, location,
and type of business or customer base. Thus, specific minimum requirements in the rule, such as the four basic
types of information to be obtained from each customer, should be supplemented by risk-based verification
procedures, where appropriate, to ensure that the bank has a reasonable belief that it