Federal Deposit
Insurance Corporation

FinCEN
Section 326 Bank Rule Comments
P.O. Box 39
Vienna, VA 22183

Dear Sir or Madam:

In response to the notice of proposed rulemaking published in the July 23, 2002 Federal Register, the New York Bankers Association is submitting these comments on the customer identification programs for banks and other depository institutions to implement Section 326 of the USA PATRIOT Act. Our Association is comprised of the community, regional and money center commercial banks of New York State which have aggregate assets in excess of $1 trillion and which employ more than 220,000 persons within the State.

The proposed regulations are intended to fulfill the requirements of Section 326 that the Treasury Department and financial regulators adopt rules that, at a minimum: 1) require financial institutions to implement reasonable procedures to verify the identity of any person seeking to open an account, to the extent reasonable and practicable; 2) maintain records of the information used to verify the person's identity; and 3) determine whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency.

Our Association strongly supports the fight against terrorism and all reasonable efforts to identify assets or accounts used by terrorists to support their activities. New York banks have been vigilant in searching for accounts that may be held in the name of terrorists and terrorist organizations identified to date by the government and are firmly committed to cooperate in all efforts to eliminate the use of the banking system in terrorist acts. However, we believe the proposed regulations can be significantly improved to better balance the need to identify customers establishing relationships with banking institutions with legitimate expectations of privacy that bank customers have in their accounts.

Our comments follow the order of the proposed regulation. At the outset, however, there are several comments we wish to highlight. First, compliance with any regulation finally adopted by October 25, 2002 will be extremely difficult. We strongly urge that the effective date of the final regulation be extended for at least a year. Second, we urge that the agencies provide additional definitions and examples for "customer" and "account." Third, we strongly urge that the requirement that depository institutions copy and maintain copies of documents used to verify identities be replaced with a less onerous record-keeping requirement. And, finally, we suggest that the agencies adopt a standard form notice that would permit depository institutions to inform their customers of the requirement for identity verification.

Sec. 103.121 (a) Definitions
(1) Account. The proposal defines an account as a "formal banking or business relationship established to provide ongoing services, dealings or other financial transactions." We would suggest that the definition of account be further clarified through the use of additional examples and by the statement that an isolated, occasional transaction does not constitute an account. Our Association also urges that Treasury clarify whether other relationships such as sales of travelers' checks, sales of stored value cards, leasing of safe deposit boxes, etc. fall within or outside the definition of "account."

(3) Customer. The definition of customer includes both parties seeking to open a new account and any signatory on an account at the time it is opened or who is added later to the account. Our Association urges that the definition be clarified to limit the circumstances in which banks must seek verification information for many individuals with no direct contact to the bank. With regard to parties seeking to open a new account, the regulation should clarify that a mere inquiry will be insufficient to trigger the account verification procedures in the regulation. Otherwise, parties who are shopping around for the best terms for an account relationship may be asked to furnish verification information on multiple occasions for a single account, and depository institutions may be burdened with verifying identities for many parties with whom they have no relationship.

For accounts with multiple signatories, we strongly urge that the regulations limit the number of signatories for whom verification of identities must be provided. Large corporations and municipal governments, for example, may have numerous signatories entitled to use particular accounts and the names and identities of these signatories may change with some frequency. We have been informed that some banks have literally pages of signatories for some accounts. In the case of accounts with large numbers of signatories, therefore, where a depositor or other account holder maintains independent records sufficient to verify the identity of signatories to its account, we urge that the regulations be amended to accept certification of that independent verification by the accountholder in lieu of independent verification of every signatory by the depository institution.

(5) Person. It would be helpful to permit banks to clarify the distinction between "U.S. person" and "non-U.S. person", in the case of individuals, through reference to some independently verifiable source of identification, such as the use of the IRS Form W-9, Request for Taxpayer Identification Number and Certification, for a U.S. person and the IRS W-8 series form for those not entitled to certify their taxpayer identification number of Form W-9.

(b) Customer Identification Program. The proposed regulation sets forth the minimum standards necessary for a depository institution to comply with the requirements of the USA PATRIOT Act's Section 326 customer identification and verification program. The proposal is designed to maintain a delicate balance between the need to verify the identity of customers who may be engaged in financing terrorism with the protection of legitimate expectations of privacy in their bank records by the average bank customer. At the same time as banks strongly desire to have in place all of the procedures necessary to ensure that no individuals may use the proceeds of an account relationship to support terrorism, no bank wants to unduly burden the vast bulk of its customers with unnecessary paperwork requirements. The risk-based nature of the proposal, which recognizes that the minimums set forth may need to be exceeded with regard to customers or accounts that may have a greater risk of involvement with money laundering or financing of terrorism - appears designed to maintain this balance.

However, the risk-based system assumes, in most cases, the validity of the documentation presented by customers and potential customers to verify their identities. Our Association is concerned that customers using false or fraudulent identification documents not create potential liability for the depository institution to whom the documents are presented. In the absence of actual knowledge or evidence that documentation is false or fraudulent, therefore, banks that are victimized by fraud in the documentation provided by customers opening accounts should not be subject to penalties for violation of these regulations. Such a safe harbor would be consistent with the risk-based intent behind the verification requirements.

(2) Identity Verification Procedures.
(i) Information required. Some concern has been raised with regard to requiring that banks collect date of birth information on all individual customers. Many bank customers prefer not to share their dates of birth with any institutions with which they do business. Although we recognize the value that date of birth information may have with respect to identifying individuals, we would respectfully request that alternative information be permitted to be used in the case of individuals with a low risk of involvement in money laundering or terrorism financing.
(ii) Verification. The proposal requires banks to verify the identity of existing customers who are opening new accounts if their identities have not previously been verified. We suggest that an exception be provided for long-standing customers for whom there is little or low risk of involvement in money laundering or terrorism financing. Many elderly customers or customers who may have moved since establishing accounts may be inconvenienced by the need to provide verification for their identities. Where these customers have long-established account histories that demonstrate little or no risk of money laundering or terrorist activities, it would seem consistent with the intent of the statute to provide a risk-based exception for verifying their identities. We would respectfully suggest that such an exception be incorporated in the regulation.

(3) Recordkeeping. Our Association strongly opposes the requirement that copies of documents relied on to verify customer identities be maintained. The statute requires that banks maintain a record of the information used to verify identities. Recording driver's license or passport numbers and similar identifying information should be considered adequate minimum compliance with the statute. With regard to certain high-risk customers or accounts, it may be appropriate to keep copies of documents, but, for the average customer or account, copying and storage costs and space requirements militate against maintaining such copies. Moreover, several states limit copies that can be made of driver's licenses. Even in the absence of such state laws, many customers regard the information contained thereon as private and would object to copies being made and maintained at their financial institution. We therefore urge that this provision be eliminated from the regulation, substituting therefor a recordkeeping requirement that would capture the information necessary to identify what documents were used for identity verification.

This provision also requires that records relied on to verify identities be maintained for five years after accounts are closed. We would respectfully suggest that the five-year requirement be reduced to two years. Two years is a recordkeeping period consistent with other Federal regulations, such as Regulation B of the Federal Reserve System, and should provide adequate verification in most cases.

(5) Customer Notice.
The proposal requires that depository institutions develop procedures for providing customers with adequate notice that the institutions are requesting information to verify their identity. We strongly urge that the final regulations contain an approved sample notice that banks may use to inform their customers of the requirements of these regulations. Many banks would like to ensure that the notice they provide does not cause customer resentment or misapprehension and would greatly welcome a standard form of notice for that purpose. Because other banks may wish to develop customized notices for their customers, we would suggest that the use of any standard notice developed be optional with each financial institution.

Effective Date.

This regulation will require banks to develop extensive new procedures affecting every office. The procedures are required to be reviewed and approved by boards of directors and will require retraining of all existing new account officers and many other bank officers and employees. Moreover, new systems and procedures for recordkeeping and reporting must be developed and put into effect. This proposal took nine months to be developed. It is anticipated that, after the close of the comment period, it will be at least several additional weeks before final regulations can be released and published. The requirement that banks must comply with the final regulation by October 25, 2002 is therefore a tremendous burden. We would therefore strongly urge that compliance with any regulation finally adopted be deferred until October 25, 2003.

We appreciate the opportunity the Department and the regulators have provided to comment on this proposal. The banking industry of New York strongly supports all reasonable efforts to combat money laundering and financing of terrorism. We believe these regulations go far toward accomplishing those goals and urge that the amendments we suggest be taken into account in developing final regulations.

Sincerely,
Michael P. Smith
New York Bankers Association

cc: Office of the Comptroller of the Currency
250 E Street, SW
Public Information Room, Mailstop 1-5
Washington, DC 20219
Attn: Docket No. 02-11

Board of Governors of the Federal Reserve System
Attn: Secretary - RE: Docket No. R-1127
20th Street and Constitution Avenue, NW
Washington, DC 20551

Federal Deposit Insurance Corporation
550 17th Street, NW
Washington, DC 20429
Attn: Executive Secretary - Comments/OES

Regulation Comments
Chief Counsel's Office
Office of Thrift Supervision
1700 G Street, NW
Washington, DC 20552
Attn: No. 2002-27