Customer Identification Program (CIP) Implementation
The Customer Identification Program (CIP) was implemented on June 9, 2003, as a provision of the USA Patriot Act (2001) to combat terrorism and aid in anti-money laundering efforts (Modern Treasury; Wikipedia). The Department of the Treasury, through the Financial Crimes Enforcement Network (FinCEN), along with other regulatory agencies, jointly adopted the final rule to implement the CIP requirement (FFIEC).
Legislative Background
The CIP requirement was implemented as a provision of the USA Patriot Act (2001) to enhance the ability of law enforcement to prevent and detect terrorist activity (Wikipedia). The Act was passed in response to the terrorist attacks of September 11, 2001, and aimed to strengthen the nation’s security and financial system against potential threats (Modern Treasury).
Compliance Deadline
US financial institutions were required to comply with the CIP final rule by October 1, 2003 (FFIEC). This deadline provided institutions with ample time to develop and implement the necessary procedures to meet the CIP requirements.
Components of CIP
The CIP must be incorporated into the bank’s Bank Secrecy Act/Anti-money laundering compliance program and include procedures for (FFIEC):
Key Facts
- Start Date: The CIP went into effect on June 9, 2003.
- Purpose: The CIP was implemented to combat terrorism and aid in anti-money laundering efforts.
- Legislative Background: The CIP requirement was implemented as a provision of the USA Patriot Act.
- Regulatory Agencies: The Department of the Treasury, through the Financial Crimes Enforcement Network (FinCEN), along with other regulatory agencies, jointly adopted the final rule to implement the CIP requirement.
- Compliance Deadline: US financial institutions were required to comply with the CIP final rule by October 1, 2003.
- Components of CIP: The CIP must be incorporated into the bank’s Bank Secrecy Act/Anti-money laundering compliance program and include procedures for obtaining identifying information, verifying customer identity, responding to situations where identity cannot be verified, recordkeeping, checking new accounts against government lists, providing customer notice, and relying on other financial institutions.
- Risk-Based Approach: Financial institutions should conduct a risk assessment of their customer base and product offerings to determine the appropriate level of CIP procedures.
- Obtaining identifying information (name, date of birth, address, identification number)
- Verifying customer identity (risk-based procedures)
- Responding to situations where identity cannot be verified (including filing SARs)
- Recordkeeping (maintaining identifying information and verification results)
- Checking new accounts against government lists (if applicable)
- Providing customer notice (informing customers of CIP requirements)
- Relying on other financial institutions (if applicable)
Risk-Based Approach
Financial institutions should conduct a risk assessment of their customer base and product offerings to determine the appropriate level of CIP procedures (FFIEC). This risk-based approach allows institutions to tailor their CIP programs to the specific risks associated with their business activities and customer profiles.
Conclusion
The implementation of the CIP on June 9, 2003, was a significant step in strengthening the financial system against terrorism and money laundering. By requiring financial institutions to verify the identity of their customers, the CIP helps to prevent criminals from using the financial system for illicit activities. The CIP remains an essential component of the Bank Secrecy Act/Anti-money laundering compliance programs of US financial institutions.
References
- Customer Identification Program
- Customer Identification Program
- Assessing Compliance with BSA Regulatory Requirements – Customer Identification Program
FAQs
When did the CIP start?
The CIP went into effect on June 9, 2003.
Why was the CIP implemented?
The CIP was implemented to combat terrorism and aid in anti-money laundering efforts.
What is the purpose of the CIP?
The CIP helps prevent criminals from using the financial system for illicit activities by requiring financial institutions to verify the identity of their customers.
Who is required to comply with the CIP?
All US financial institutions are required to comply with the CIP.
What are the key components of the CIP?
The key components of the CIP include obtaining identifying information, verifying customer identity, responding to situations where identity cannot be verified, recordkeeping, checking new accounts against government lists, providing customer notice, and relying on other financial institutions (if applicable).
What is a risk-based approach to CIP?
A risk-based approach to CIP allows financial institutions to tailor their CIP programs to the specific risks associated with their business activities and customer profiles.
What are the consequences of not complying with the CIP?
Financial institutions that do not comply with the CIP may be subject to penalties and enforcement actions.
How can financial institutions ensure compliance with the CIP?
Financial institutions can ensure compliance with the CIP by developing and implementing a written CIP program, conducting risk assessments, training staff, and regularly monitoring and updating their CIP procedures.