Agencies Issue Exemption Order to Customer Identification Program Requirements

WASHINGTON—The Federal Deposit Insurance Corporation, the Office of Comptroller of the Currency, and the National Credit Union Administration (collectively, “agencies”), with the concurrence of the Financial Crimes Enforcement Network, today issued an order granting an exemption from a requirement of the Customer Identification Program (CIP) Rule implementing Section 326 of the USA PATRIOT Act. The CIP Rule requires a bank or credit union to obtain taxpayer identification number (TIN) information from its customer before opening an account, and the exemption permits a bank or credit union to use an alternative collection method to obtain TIN information from a third-party rather than from the customer. 

The order applies to accounts at all entities supervised by the agencies. Since the CIP Rule was issued initially in 2003, there has been a significant evolution in the ways consumers access financial services, along with a rise in reported customer reluctance to provide their full TIN due, in part, to data breaches and identity theft concerns. Accordingly, this exemption provides flexibility to those entities supervised by the agencies that must comply with the CIP Rule. The exemption does not change the underlying requirement for banks and credit unions to have risk-based CIP procedures that enable them to form a reasonable belief they know the true identity of each customer.