Federal Deposit
Insurance Corporation

Office of the Comptroller of the Currency - regs.comments@occ.treas.gov

Federal Reserve Board - regs.comments@federalreserve.gov

Federal Deposit Insurance Company - comments@FDIC.gov

Securities and Exchange Commission - rulecomments@sec.gov

Treasury - regcomments@fincen.treas.gov

RE: Bank Secrecy Act, Customer Identification Program Proposal
Attention: OCC: Docket No. 02-11
Federal Reserve: Docket No. R-1127
FDIC - Executive Secretary: Comments/OES
SEC: File No. S7-25-02
FinCEN: Section 326 Bank/Broker-Dealer Rule Comments

Ladies and Gentlemen:

Financial Institutions, Inc., a bank/financial holding company, provides support services for the following financial service companies:

1. Wyoming County Bank (WCB): WCB is a community bank with assets of $580 million. They are regulated by the FDIC and have 14 branch offices. WCB has approximately 67,000 accounts serving 26,468 households and not more than 100 customers are non-resident aliens.
2. The National Bank of Geneva (NBG): NBG is a community bank with assets of $588 million. They are regulated by the OCC and have 8 branch offices. NBG has approximately 68,000 accounts serving 24,180 households and not more 100 customers are non-resident aliens.
3. The Pavilion State Bank (PSB): PSB is a community bank with assets of $184 million. They are regulated by the FDIC and have 6 branch offices. PSB has approximately 29,000 accounts serving 13,199 households and not more than 100 customers are non-resident aliens. 4. First Tier Bank & Trust (FTB): FTB is a community bank with assets of $189 million. They are regulated by the Federal Reserve and have 5 branch offices. FTB has approximately 19,000 accounts serving 8,564 households and not more than 400 customers are non-resident aliens.
5. Bath National Bank (BNB): BNB is a community bank with assets of $405 million. They are regulated by the OCC and have 10 branch offices. BNB has approximately 48,000 accounts serving 18,548 households and not more than 100 customers are non-resident aliens.
6. The FI Group Inc. (FIGI): A broker/dealer firm, FIGI's revenues in 2001 were $1.4 million. FIGI has approximately 21,000 accounts of which approximately 17,000 accounts are held by persons who also have an account at a subsidiary bank. FIGI does not open accounts for non-U.S. persons.

All of these companies are located in Western and Central New York State.

On behalf of Financial Institutions, Inc. (FII) and subsidiary financial services companies, we respectfully submit the following remarks in response to the regulators' request for comments to the Customer Identification Program (CIP) proposals published July 23, 2002 in the Federal Register:

1. Immediately after this comment period ends, announce that compliance with the final regulations will not be mandatory until October 25, 2003.

Generally, we only currently obtain, document and verify identification via a government issued identification document bearing a photograph from a single signer on each consumer deposit account we open. We do not conduct this process for commercial or not-for-profit deposit account signers, consumer, commercial or not-for-profit loan accounts, trust accounts, safe deposit box customers, or minors, among others. If the final regulation scope does not significantly change from the proposal, the new requirements will have a major impact on our organizations. We will need extra time to evaluate the final regulation as compared to our current processes, finalize a written program, present the program to our boards for their evaluation and final approval, identify retention processes, develop and conduct training and evaluate, purchase, install, and implement electronic consumer reports and electronic OFAC services in most departments of our organization.

2. Include a definition of "Verification" and within the definition specify that document authentication is not a CIP requirement. Also, include a safe harbor provision in the regulation to protect us from lawsuits when we follow our risk-based procedures and yet a fraudulent account is opened.

In an effort to prohibit and actively prevent money laundering and any activity that facilitates money laundering or the funding of terrorist or criminal activities, our companies are committed to complying with the requirements of the final regulation and subsequent interagency guidelines and/or examination procedures, while attempting to carry out our mission to provide financial services to the members of our local communities. We are subject to examination by our federal functional regulator who will, with experience, be in a position to evaluate our compliance to the CIP verification "reasonable and practicable" standards. With this in mind, we are of the opinion that the government should demonstrate that they recognize that the financial services industry cannot be held responsible for authenticating all possible forms of government issued identification.

3. The definition of U.S. Person should match the definition of U.S. Person (including resident aliens) established by IRS Form W-9, Request for Taxpayer Identification Number and Certification. Likewise, a non-U.S. Person would be defined as a person who is not entitled to certify their TIN on Form W-9 but who would instead certify their foreign status on a W-8 series form.

The definition of U.S. Person in the proposal does not take into consideration non-resident aliens whereas IRS Form W-9 does. Therefore, it could be interpreted that the current definition implies that we are responsible to verify citizenship status. It is noted that all departments within our company currently use Form W-9 and Form W-8BEN and W-8ECI (for foreign status persons).

4. An exemption from the requirements of the CIP with respect to verifying the identities of authorized signers for customers who are entitled to have an exemption from currency transaction reporting (CTR) under the Phase I rules as presented in 31 CFR 103.22(d)(2)(i)(ii)(iii)(iv) and (v) should be incorporated into the final CIP. We request that such an exemption be allowed without additional recordkeeping requirements on our part other than fraud control identification verification processes that we believe are necessary.

Banks, government agencies, whether federal, state or local, and listed corporations and their subsidiaries are regulated entities that are adequately controlled through appropriate means.

5. For existing and/or known customers, institutions should be free to decide how verification will be handled in all cases even if that means that document verification is not conducted.

There is no need for us to subject our existing and/or known customers to the verification standards of the proposal unless we identify a reason to conduct such a process. As we work within the community bank/company business model, our companies serve our local communities and many of our customers are personally known to us.

6. The Recordkeeping requirement to photocopy documents should be modified. In the case of an individual presenting an unexpired government-issued identification document, we are requesting that the regulation allow us to make a written record of the document's issuer and serial number, or other such control identifiers, for long-term storage.

The additional processes/procedures necessary to photocopy an individual's identifying documentation is one of the more costly, burdensome requirements of the regulation, as it requires extra time, hardware, software and systems to implement. In addition, Section 326 of the U.S.A. Patriot Act (PL 107-56) does not mandate that copies of the actual document be retained, only that the information used to verify be retained.

7. Model language for the Customer Notice requirements of Section 103.121(b)(5) should be provided in the final CIP.

There will be customer resistance to the identification requirements, particularly from commercial customers and individuals serving not-for-profit organizations. The more consistently the identification requirements are communicated to the public and the more obvious it is that all banks and broker/dealers are obligated by law to comply with them, the more readily they will be accepted as a routine part of opening an account. Also, no purpose is served by leaving specific wording of the notice to individual institutions. However, it should be permissible for us to add additional information to any model language that might be provided.

We appreciate your consideration of these matters that directly affect the efficient, competitive operation of our companies. If you have any questions regarding any matter addressed in this communication, please do not hesitate to contact Deirdre Weatherbee, our Corporate Compliance Officer.

Sincerely,

Peter G. Humphrey, Chairman, President & CEO, Financial Institutions, Inc.; CEO, The
Pavilion State Bank

Jon J. Cooper, President & CEO, Wyoming County Bank

Thomas L. Kime, President & CEO, The National Bank of Geneva

Randolph C. Brown, President & CEO, First Tier Bank & Trust

Douglas L. McCabe, President & CEO, Bath National Bank

David L. MacIntyre, President, The FI Group, Inc.