Acceptable Forms of Customer ID for CIP Purposes
By Scott Birrenkott
While there have been no changes to Customer Identification Program (CIP) requirements, WBA legal is frequently asked: what forms of identification are acceptable for purposes of verifying a customer’s identity? The short answer is that it depends on bank policy. Meaning that theoretically, any form of ID could potentially be used to verify a customer’s identity, and meet CIP requirements.
In order to understand why, it helps to start with the basics of CIP. As part of compliance with Bank Secrecy Act (BSA) regulatory requirements, banks must have a written CIP policy. The more specific components are that a CIP policy must include risk-based procedures to verify the identity of each customer at account-opening. At a minimum, each program must obtain the name, date of birth, address, and identification number from each customer. This information must be verified, using documentary, non-documentary, or a combination of both methods, depending on bank’s procedures.
When relying upon documentary methods to verify a customer’s identity, a bank’s policy must specify which documents to obtain. Similarly, if procedures permit non-documentary methods, a bank’s procedures must specify which methods to use. A bank need not establish the accuracy of every element of identifying information obtained, but it must verify enough information to form a reasonable belief that it knows the true identity of the customer. For most customers who are individuals, banks typically review an unexpired government-issued form of identification evidencing a customer’s nationality or residence and bearing a photograph or similar safeguard. Non-documentary methods may include contacting a customer, or otherwise independently verifying the customer’s identity through other sources.
BSA requirements don’t get much more specific than that. Meaning, they don’t specify which forms of identification can or cannot be used. After all, banks can use documentary or non-documentary methods. A non-documentary method, for example, being the fact that a customer might be a neighbor of yours. Whether a bank can verify a customer’s identity based on the fact that they are an employee’s neighbor isn’t addressed by BSA directly – it’s addressed by bank policy. The same applies to documentary methods. Meaning, all forms of verification depend on bank policy, and thus which forms of identification are acceptable for CIP purposes fully depends on each bank’s CIP policy.
As described previously, perhaps the most common form of verification is a driver’s license. However, that’s not the only acceptable form of identification. Any form of identification which meets the considerations above and, ultimately, bank’s CIP policy is potentially an acceptable form of identification. In consideration of this, banks may encounter unique forms of identification. In addition to a state-issued driver’s license or other state-issued ID card, some examples include a passport or alien ID card. There are also a variety of forms issued by the United States Citizenship and Immigration Services. For example, the U.S. Department of Homeland Security may provide certain records to refugees or asylees, who may also possess identification documents through the United States Citizenship and Immigration Services. These, and other forms of identification may be acceptable for CIP purposes if bank policy permits. Lastly, don’t forget the possibility of non-documentary methods. The types of verification a bank uses will be tailored to its risk considerations and, likely, its customer base. For example, if a bank serves a community with an Amish population, it may encounter customers who don’t have any form of physical identification at all. In these situations, and others, consider what bank policy requires in order to properly identify and verify customers.
Birrenkott is the WBA director – legal
