Federal Deposit
Insurance Corporation

Federal Deposit Insurance Corporation
550 17th Street, N.W.
Washington, DC 20429

RE: Comment Regarding Proposed Rules - Section 326 USA Patriot Act of 2001

Dear Sirs:

    I am writing to comment on the proposed rules with regard to implementing Section 326 of the USA Patriot Act regarding the establishment of a Customer Identification Program.  I am employed as a compliance consultant to community banks in the east Tennessee and north Georgia area.  In my work, I am responsible for assisting banks in developing policies and procedures, training, and audits with regard to the Bank Secrecy Act and similar issues concerning anti-money laundering programs, Know Your Customer principles, and OFAC procedures. 

    A predominate compliant from my bank clients is that laws that are written unclearly are often interpreted by banks and regulatory agencies differently and applied unevenly in the industry.  Overall, I believe that there are issues with in the proposed rules that deserve more clarity so that there is a consistent understanding within the industry, both by banks and regulatory agencies. My specific suggestions as follows.

    Section 103.121(b)(2)(ii)(B) Non-Documentary Verification.  The proposed rules state that the Program must contain procedures that describe non-documentary methods the bank will use to verify identity and when these methods will be used in addition to, or instead of, relying on documents.   Does the sentence fragment 'in addition to' mean that there is a requirement or will there be an expectation by the regulatory agencies to go beyond verifying through documents, or only when the institution is unable to verify through documents?  Or, is the bank able to choose not to go beyond the Verification Through Documents procedures if the bank sufficiently knows its customer.

    Section 103.121(b)(3) Recordkeeping.   Under the proposal, a bank is required maintain a record of the identifying information provided by the customer and where a bank relies upon a document to verify identity, the bank must obtain a copy of the document that the bank relied on that clearly evidences the type of document and any identifying information it may contain (which would bear a photograph).  The proposed rule goes on to say that the collection and retention of information about a customer such as an individual's race or sex, as an ancillary part of colleting identifying information do not relieve a bank from its obligation to comply with anti-discrimination laws or regulations, such as the prohibition in the Equal Credit Opportunity Act (ECOA) against discrimination.  There is an obvious inconsistency with the proposed rule and Section 202.5 of the ECOA that forbids a creditor from recording this information except for certain home loans. Yet, the proposed rule merely addresses this issue with, basically, a homily regarding the Treasury's and Agencies emphasis on the collection and retention of the information.   For instance, consider the incongruence when a loan officer requires, obtains and makes a copy of a driver's license for the bank's records in accordance with the proposed rule, and then follows ECOA's prescriptions of requesting the same information but advising that it is for government monitoring of discrimination and is not required for approval of the loan. I do not believe that the proposed rule addresses the practical application of the one law that requires the making and retaining copies of documents bearing a photograph and another law that prohibits it.   Further, it has been my experience that examiners criticize banks for making copies of driver's license for deposit accounts in the off-chance that that same customer may make a credit application and the bank therefore has inadvertently gathered prohibited information; many banks would have made this a standard practice to mitigate against fraud long ago except for the criticism levied against the practice by federal examiners.   I suggest that there is a safe harbor against liability for banks that gather and retain Section 202.5 information, as it is required now under the proposed rules pursuant to Section 326 of the USA Patriot Act.  Otherwise, I suggest a detailed explanation on how the two regulations may be specifically reconciled under real-world application (rather than by a vague or indistinct statement of expectations).

    Section 103.121(b)(5) Customer Notice.   The bank must provide adequate notice in that it may post a sign, or provide customers with any other form of written or oral notice.  To create consistency, I recommend that the regulation provides the language for 'adequate notice' as the regulatory agencies have done under the Home Mortgage Disclosure Act, the Community Reinvestment Act, the Fair Housing Act, and other law requiems notification to the customer.

    Lastly, Section 103.121(b)(1) General Rule.  The proposed rule requires the Customer Identification Program to be written and approved by the bank's board of directors or a committee of the board.  It states that it must be incorporated into a banks anti-money laundering  or BSA program.   As a practical matter for existing bank operations, the proposals will have the effect of amending all the Know Your Customer polices that the industry has adopted.   I suggest that the proposed rule also clarifies that the written Customer Identification Program may also be approved by the board, or committee thereof, through its Know Your Customer policies, practices, and framework.

Sincerely,
Patrick T. Hubbs, CRCM, CBCO
497 Brookhaven Drive
Chattanooga, TN 37343