22.2.1 Customer Identification Program (CIP)
The Customer Identification Program (CIP) is a critical component of the Anti-Money Laundering (AML) framework, mandated by the USA PATRIOT Act. It requires financial institutions, including broker-dealers, to implement procedures to verify the identity of individuals and entities opening accounts. This section provides an in-depth exploration of CIP, discussing its importance, procedures, acceptable identification documents, and verification methods.
Overview of the Customer Identification Program (CIP)
The CIP is designed to prevent money laundering and terrorist financing by ensuring that financial institutions know their customers. It forms part of the broader “Know Your Customer” (KYC) requirements, which aim to identify and verify the identity of account holders. The CIP must be integrated into a financial institution’s AML program and is subject to regulatory oversight.
Key Objectives of CIP
- Verification of Identity: Ensure that the identity of each customer is verified through reliable documentation.
- Risk Assessment: Evaluate the risk associated with each customer to prevent illicit activities.
- Recordkeeping: Maintain accurate records of the information used to verify identities.
- Notification: Inform customers about the CIP requirements and the necessity of providing identification.
Regulatory Framework
The CIP requirements are primarily governed by the USA PATRIOT Act, particularly Section 326, which mandates that financial institutions implement reasonable procedures for verifying the identity of any person opening an account. The Financial Crimes Enforcement Network (FinCEN) and the Securities and Exchange Commission (SEC) provide additional guidance and enforcement.
Procedures for Verifying Customer Identity
The CIP must outline procedures for verifying the identity of customers, which typically include:
Financial institutions must collect the following information from customers:
- Name: The full legal name of the individual or entity.
- Date of Birth: For individuals, the date of birth is required.
- Address: A residential or business street address for individuals, or a principal place of business for entities.
- Identification Number: For U.S. persons, a taxpayer identification number (TIN) is required. For non-U.S. persons, a passport number and country of issuance, or other government-issued document evidencing nationality or residence, is acceptable.
The verification process involves confirming the identity of the customer using documents, non-documentary methods, or a combination of both.
Document Verification
Acceptable documents for verifying identity include:
- For Individuals:
- Government-issued identification such as a driver’s license or passport.
- Social Security card (in conjunction with other documents).
- For Entities:
- Certified articles of incorporation.
- Government-issued business license.
- Partnership agreement or trust instrument.
Non-Documentary Verification
In cases where documents are not available or sufficient, non-documentary methods may be used, such as:
- Contacting the customer.
- Independently verifying the customer’s identity through public databases.
- Checking references with other financial institutions.
3. Risk-Based Approach
CIP procedures should be risk-based, meaning that the level of verification should correspond to the risk level of the customer. High-risk customers, such as those from jurisdictions with weak AML controls, may require enhanced due diligence.
Recordkeeping Requirements
Financial institutions must maintain records of the information obtained and the methods used to verify identity. These records should include:
- Copies of Documents: Copies of any documents relied upon for verification.
- Description of Non-Documentary Methods: A description of the non-documentary methods used.
- Resolution of Discrepancies: Documentation of how any discrepancies in identity verification were resolved.
Customer Notification
Customers must be informed that their identity is being verified. This can be done through written notice or orally, and should include:
- The purpose of the verification.
- The requirement to provide identifying information.
- Assurance of confidentiality and data protection.
Examples of CIP Policies
To illustrate how CIP policies are implemented, consider the following examples:
Example 1: Individual Account Opening
A new customer, John Doe, wishes to open a brokerage account. The broker-dealer collects John’s full name, date of birth, residential address, and Social Security number. John provides his driver’s license as a form of identification. The broker-dealer verifies the information by checking the driver’s license against public records and confirms John’s identity.
Example 2: Corporate Account Opening
XYZ Corporation, a newly formed company, seeks to open a trading account. The broker-dealer collects the company’s name, principal place of business, and taxpayer identification number. The corporation provides its articles of incorporation and a government-issued business license. The broker-dealer verifies the documents and conducts a non-documentary check through a business verification service to confirm the legitimacy of XYZ Corporation.
Common Challenges and Best Practices
Challenges
- Inconsistent Documentation: Customers may provide inconsistent or outdated documents, complicating verification.
- Non-U.S. Customers: Verifying the identity of non-U.S. customers can be challenging due to differences in documentation standards.
- Privacy Concerns: Customers may be hesitant to provide personal information due to privacy concerns.
Best Practices
- Use of Technology: Implement advanced technology solutions such as biometric verification and machine learning for identity verification.
- Training and Awareness: Regularly train staff on CIP procedures and the importance of compliance.
- Continuous Monitoring: Implement ongoing monitoring to detect changes in customer risk profiles.
Compliance and Enforcement
Regulatory bodies such as the SEC and FINRA enforce CIP requirements. Non-compliance can result in penalties, including fines and reputational damage. Regular audits and reviews are essential to ensure adherence to CIP policies.
Conclusion
The Customer Identification Program (CIP) is a fundamental aspect of AML compliance, critical for preventing financial crimes. By understanding and implementing effective CIP procedures, financial institutions can safeguard against money laundering and terrorist financing, ensuring compliance with regulatory requirements.
Series 7 Exam Practice Questions: Customer Identification Program (CIP)
### What is the primary objective of the Customer Identification Program (CIP)?
- [x] To verify the identity of customers opening accounts
- [ ] To assess the creditworthiness of customers
- [ ] To determine the investment goals of customers
- [ ] To evaluate the financial history of customers
> **Explanation:** The primary objective of CIP is to verify the identity of customers opening accounts to prevent money laundering and terrorist financing.
### Which of the following is NOT typically required information for CIP?
- [ ] Name
- [ ] Date of Birth
- [x] Employment History
- [ ] Identification Number
> **Explanation:** Employment history is not typically required for CIP. The required information includes name, date of birth, address, and identification number.
### Which document is acceptable for verifying the identity of a U.S. individual under CIP?
- [ ] Utility Bill
- [ ] Credit Card Statement
- [x] Driver's License
- [ ] Lease Agreement
> **Explanation:** A driver's license is a government-issued identification document acceptable for verifying identity under CIP.
### What is a non-documentary method of verifying customer identity?
- [ ] Checking references with other financial institutions
- [ ] Reviewing a driver's license
- [ ] Examining a passport
- [x] Contacting the customer directly
> **Explanation:** Contacting the customer directly is a non-documentary method of verifying identity, used when documents are insufficient.
### What is a key challenge in implementing CIP for non-U.S. customers?
- [ ] Language Barriers
- [x] Differences in documentation standards
- [ ] Currency Conversion
- [ ] Time Zone Differences
> **Explanation:** A key challenge is the differences in documentation standards, which can complicate the verification process for non-U.S. customers.
### How should discrepancies in identity verification be handled?
- [ ] Ignore them if they are minor
- [x] Document the resolution of discrepancies
- [ ] Report them to law enforcement immediately
- [ ] Ask the customer to provide more funds
> **Explanation:** Discrepancies should be documented with a clear resolution process to ensure compliance with CIP requirements.
### What is the purpose of customer notification in CIP?
- [ ] To inform customers of their account balance
- [ ] To solicit additional business
- [x] To inform customers that their identity is being verified
- [ ] To provide investment advice
> **Explanation:** Customers must be informed that their identity is being verified as part of the CIP process.
### Which regulatory body provides guidance on CIP requirements?
- [ ] Federal Reserve
- [ ] Internal Revenue Service (IRS)
- [x] Financial Crimes Enforcement Network (FinCEN)
- [ ] Department of Labor
> **Explanation:** FinCEN provides guidance on CIP requirements as part of the AML framework.
### What is a best practice for managing privacy concerns in CIP?
- [ ] Avoid collecting sensitive information
- [ ] Use manual verification processes
- [x] Implement data protection measures
- [ ] Share information with third parties
> **Explanation:** Implementing data protection measures is a best practice to manage privacy concerns while complying with CIP requirements.
### What is the consequence of non-compliance with CIP?
- [ ] Increased customer satisfaction
- [ ] Higher interest rates
- [x] Penalties and fines
- [ ] Tax deductions
> **Explanation:** Non-compliance with CIP can result in penalties and fines, as well as reputational damage to the financial institution.