[Federal Register Volume 68, Number 90 (Friday, May 9, 2003)]
[Rules and Regulations]
[Pages 25149-25162]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 03-11016]


-----------------------------------------------------------------------

COMMODITY FUTURES TRADING COMMISSION

17 CFR Part 42

RIN 3038-AB90

DEPARTMENT OF THE TREASURY

31 CFR Part 103

RIN 1506-AA34


Customer Identification Programs For Futures Commission Merchants 
and Introducing Brokers

AGENCIES: Financial Crimes Enforcement Network, Treasury; Commodity 
Futures Trading Commission.

ACTION: Joint final rule.

-----------------------------------------------------------------------

SUMMARY: The Department of the Treasury, through the Financial Crimes 
Enforcement Network (FinCEN), and the Commodity Futures Trading 
Commission (CFTC) are jointly adopting a final rule to implement 
section 326 of the Uniting and Strengthening America by Providing 
Appropriate Tools Required to Intercept and Obstruct Terrorism (USA 
PATRIOT ACT) Act of 2001. Section 326 requires the Secretary of the 
Treasury to jointly prescribe with the CFTC a rule that, at a minimum, 
requires futures commission merchants and introducing brokers to 
implement reasonable procedures to verify the identity of any person 
seeking to open an account, to the extent reasonable and practicable; 
maintain records of the information used to verify the person's 
identity; and determine whether the person appears on any lists of 
known or suspected terrorists or terrorist organizations provided to 
futures commission merchants or introducing brokers by any government 
agency. This final rule applies to all futures commission merchants and 
introducing brokers, except for futures commission merchants and 
introducing brokers that register with the CFTC solely because they 
effect transactions in security futures products.

DATES: Effective Date: This rule is effective June 9, 2003.
    Compliance Date: Futures commission merchants and introducing 
brokers subject to this final rule must comply with it by October 1, 
2003.

FOR FURTHER INFORMATION CONTACT: Commodity Futures Trading Commission: 
Office of the General Counsel, (202) 418-5120, Commodity Futures 
Trading Commission, 1155 21st Street, NW., Washington, DC 20581; or 
[email protected].
    Treasury: Office of the Chief Counsel (FinCEN), (703) 905-3590; 
Office of the General Counsel (Treasury), (202) 622-1927; or the Office 
of the Assistant General Counsel for Banking & Finance (Treasury), 
(202) 622-0480.

SUPPLEMENTARY INFORMATION: 

I. Background

A. Section 326 of the USA PATRIOT Act

    On October 26, 2001, President Bush signed into law the Uniting and 
Strengthening America by Providing Appropriate Tools Required to 
Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001 
(Act).\1\ Title III of the Act, captioned ``International Money 
Laundering Abatement and Anti-terrorist Financing Act of 2001,'' added 
several new provisions to the Bank Secrecy Act (BSA).\2\ These 
provisions are intended to facilitate the prevention, detection, and 
prosecution of international money laundering and the financing of 
terrorism. Section 326 of the Act added a new subsection (l) to 31 
U.S.C. 5318 of the BSA that requires the Secretary of the Treasury 
(Secretary or Treasury) to prescribe regulations ``setting forth the 
minimum standards for financial institutions and their customers 
regarding the identity of the customer that shall apply in connection 
with the opening of an account at a financial institution.''
---------------------------------------------------------------------------

    \1\ Pub. L. 107-56.
    \2\ 31 U.S.C. 5311 et seq.
---------------------------------------------------------------------------

    Section 326 of the Act applies to all ``financial institutions.'' 
This term is defined broadly in the BSA to encompass a variety of 
entities, including commercial banks, agencies and branches of foreign 
banks in the United States, thrifts, credit unions, private banks, 
trust companies, brokers and dealers in securities, investment 
companies, futures commission merchants (FCMs), introducing brokers 
(IBs),\3\ insurance companies, travel agents, pawnbrokers, dealers in 
precious metals, check-cashers, casinos, and telegraph companies, among 
many others.\4\
---------------------------------------------------------------------------

    \3\ Treasury has clarified that the term ``a broker or dealer in 
securities or commodities'' in the BSA, 31 U.S.C. 5312(a)(2)(H), 
includes IBs within the definition of ``financial institution.'' 67 
FR 48328, 48329 n.2 (July 23, 2002); see also 67 FR 21110, 21111 n.5 
(April 29, 2002).
    \4\ See 31 U.S.C. 5312(a)(2), 5312(c)(1)(A). For any financial 
institution engaged in financial activities described in section 
4(k) of the Bank Holding Company Act of 1956, the Secretary is 
required to prescribe the regulations issued under section 326 of 
the Act jointly with the Office of the Comptroller of the Currency, 
the Board of Governors of the Federal Reserve System, the Federal 
Deposit Insurance Corporation, the Office of Thrift Supervision, and 
the National Credit Union Administration (collectively, the banking 
agencies), the CFTC, and the Securities and Exchange Commission 
(SEC).
---------------------------------------------------------------------------

    The regulations implementing section 326 of the Act must require, 
at a minimum, financial institutions to implement reasonable customer 
identification procedures for: (1) Verifying the identity of any person 
seeking to open an account, to the extent reasonable and practicable; 
(2) maintaining records of the information used to verify the person's 
identity, including name, address, and other identifying information; 
and (3) determining whether the person appears on any lists of known or 
suspected terrorists or terrorist organizations provided to the 
financial institution by any government agency. In prescribing these 
regulations, the Secretary is directed to take into consideration the 
types of accounts maintained by different types of financial 
institutions, the various methods of opening accounts, and the types of 
identifying information that are available.

B. Overview of Comments Received

    On July 23, 2002, Treasury and the CFTC jointly proposed a rule to 
implement section 326 of the Act with respect to FCMs and IBs.\5\ 
Treasury and the CFTC received three comments directed to this 
proposal.\6\ Commenters

[[Page 25150]]

were a registered futures association and two futures industry trade 
associations. Commenters generally supported the proposal but suggested 
a few revisions.
---------------------------------------------------------------------------

    \5\ Customer Identification Programs for FCMs and IBs, 67 FR 
48328 (July 23, 2002) (NPRM). Treasury simultaneously published: (1) 
jointly with the banking agencies, a proposed rule applicable to 
banks (as defined in 31 CFR 103.11(c)) and foreign branches of 
insured banks (67 FR 48290 (July 23, 2002)); (2) a proposed rule 
applicable to credit unions, private banks and trust companies that 
do not have a Federal functional regulator (67 FR 48299 (July 23, 
2002)); (3) jointly with the SEC, a proposed rule applicable to 
broker-dealers (67 FR 48306 (July 23, 2002)); and (4) jointly with 
the SEC, a proposed rule applicable to mutual funds (67 FR 48318 
(July 23, 2002)). Treasury, the CFTC, the SEC, and the banking 
agencies received approximately 500 comments in response to these 
proposed rules. Many of those commenters raised similar issues 
applicable to all the affected sectors of the financial services 
industry.
    \6\ The comment letters are available for public inspection and 
copying in the CFTC's Reading Room, located in Room 4072 at the 
CFTC's principal office at Three Lafayette Centre, 1155 21st Street, 
NW., Washington, DC 20581. The telephone number is (202) 418-5025. 
Comment letters are also available on the CFTC's Internet website at 
http://www.cftc.gov/foia/comment02/foi02--009--1.htm.
---------------------------------------------------------------------------

    One commenter addressed the rule's definition of ``customer,'' 
specifically the definition's inclusion of persons with authority to 
effect transactions in the account. This commenter argued that the 
definition was overly broad and suggested that a risk-based approach be 
adopted instead.
    Two commenters addressed the proposed rule's identity verification 
requirement. One commenter supported the proposed rule's framework for 
when verification would be required of existing customers that open new 
accounts. The other commenter requested clarification as to what would 
be considered a ``new account'' for which verification would be 
necessary. Both commenters suggested that the final rule text include 
the exception discussed in the NPRM for certain non-customer initiated 
transfers of accounts between FCMs.\7\
---------------------------------------------------------------------------

    \7\ See NPRM, 67 FR at 48330.
---------------------------------------------------------------------------

    Two commenters addressed the issue of permissible reliance between 
FCMs and IBs that share an account relationship with respect to the 
performance of customer identification and verification functions. The 
commenters requested clarification regarding the requirement that the 
relied-upon firm provide a certification to the relying firm. They 
suggested that the relied-upon firm be allowed to provide one 
certification that would suffice for all customers for which the two 
financial institutions share an account relationship. The commenters 
also suggested that reliance upon non-U.S. financial institutions, 
particularly affiliates, be permitted as well.
    One commenter addressed the proposed rule's customer notice 
requirement. This commenter suggested that notice should not be 
required of FCMs and IBs, and that if it is required, posting a notice 
on the firm's Internet website should be deemed sufficient for all 
customers.
    Treasury and the CFTC have modified the proposed rule in light of 
these comments. It is the intent of Treasury, the CFTC, the SEC and the 
banking agencies that all the final rules implementing 31 U.S.C. 
5318(l) be substantively identical, which approach was supported by 
commenters from all affected sectors of the financial services 
industry. Accordingly, Treasury and the CFTC also have modified the 
proposed rule for FCMs and IBs to maintain consistency and parallel 
treatment with the final rules imposing customer identification and 
verification requirements upon other financial institutions.\8\ The 
section-by-section analysis that follows discusses the comments and the 
modifications that Treasury and the CFTC have made to the proposed 
rule.
---------------------------------------------------------------------------

    \8\ See supra notes 4 and 5. Treasury and the CFTC believe that 
these changes either clarify or liberalize the scope of the proposed 
rule with respect to FCMs and IBs.
---------------------------------------------------------------------------

C. Codification of the Joint Final Rule

    The joint final rule applies to any person that is registered or 
required to be registered with the CFTC under the Commodity Exchange 
Act (CEA) \9\ as either an FCM or IB, except persons who register as an 
FCM or IB solely for the purpose of effecting any transactions in a 
security futures product (SFP).\10\ The substantive requirements of 
this joint final rule will be codified as part of Treasury's BSA 
regulations located in 31 CFR Part 103.\11\
---------------------------------------------------------------------------

    \9\ 7 U.S.C. 1, et seq.
    \10\ FCMs and IBs that limit their futures business to effecting 
transactions in SFPs may register with the CFTC pursuant to 7 U.S.C. 
6f(a)(2). These persons will be subject to the customer 
identification rule being issued by the SEC with respect to 
securities brokers or dealers.
    \11\ The rule will be codified at 31 CFR 103.123.
---------------------------------------------------------------------------

    As proposed, the CFTC is adding a rule in its own regulations that 
will cross-reference the joint rule in 31 CFR Part 103. Specifically, 
the CFTC is concurrently amending Chapter I of 17 CFR to add a new Part 
42 and adopting a new rule in this Part, Rule 42.2 (Compliance with 
Bank Secrecy Act).\12\ CFTC Rule 42.2 will require each FCM and IB to 
comply with the applicable provisions of the BSA and the implementing 
regulations, including 31 U.S.C. 5318(l) and the implementing 
regulation jointly promulgated by Treasury and the CFTC at 31 CFR 
103.23, requiring customer identification and verification procedures 
as part of the FCM's or IB's anti-money laundering (AML) compliance 
program.
---------------------------------------------------------------------------

    \12\ 17 CFR 42.2.
---------------------------------------------------------------------------

    Final rules governing the applicability of section 326 of the Act 
to certain other financial institutions, including banks, thrifts, 
credit unions, mutual funds and securities broker-dealers, are being 
issued separately. Treasury, the CFTC, the SEC and the banking agencies 
consulted extensively in the development of all joint rules 
implementing section 326 of the Act. These agencies intend the effect 
of the final rules to be uniform throughout the financial services 
industry. Treasury intends to issue separate rules under section 326 of 
the Act for certain non-bank financial institutions that are not 
regulated by one of the Federal functional regulators.

D. Compliance Date

    Many commenters on the other proposed rules \13\ requested that 
financial institutions be given adequate time to develop and implement 
the requirements of any final rule adopted under section 326 of the 
Act. The transition periods suggested by these commenters ranged from 
60 days to two years after the publication of a final rule.
---------------------------------------------------------------------------

    \13\ See supra note 5.
---------------------------------------------------------------------------

    The final rule for FCMs and IBs modifies various aspects of the 
proposed rule and eliminates some of the requirements that commenters 
identified as being most burdensome. Nonetheless, Treasury and the CFTC 
recognize that some FCMs and IBs will need time to develop and 
implement the customer identification program (CIP) required by the 
rule, because doing so may include various measures, such as training 
staff, reprinting forms, and programming automated systems. 
Accordingly, although this rule will be effective 30 days after 
publication, FCMs and IBs will have a transition period to implement 
the rule. FCMs and IBs must fully implement their CIPs under the final 
rule by October 1, 2003.\14\
---------------------------------------------------------------------------

    \14\ The final CIP rules issued by Treasury and the other 
Federal functional regulators also require full implementation by 
October 1, 2003.
---------------------------------------------------------------------------

II. The Joint Final Rule Implementing Sections 326 of the Act

A. Section-by-Section Analysis

Section 103.123(a) Definitions

    Section 103.123(a)(1) Account. The proposed rule defined 
``account'' as any formal business relationship with an FCM, including, 
but not limited to, any relationship established to effect transactions 
in contracts of sale for future delivery, options on contracts of sale 
for future delivery, or options on physicals in any commodity.\15\
---------------------------------------------------------------------------

    \15\ See NPRM, 67 FR at 48337.
---------------------------------------------------------------------------

    The final rule includes certain changes to this definition. First, 
the reference to a ``business relationship'' has been removed from the 
definition of ``account.'' This change has been made to clarify that 
the rule applies to the FCM's provision of financial services,\16\

[[Page 25151]]

as opposed to general business dealings such as those established in 
connection with an FCM's own operations or premises. Second, in order 
to clarify the covered relationships, the final rule refers to 
transactions in ``contracts of sale of a commodity for future delivery, 
options on any contract of sale of a commodity for future delivery, or 
options on a commodity.''
---------------------------------------------------------------------------

    \16\ This term is intended to operate broadly to include all 
financial services provided by an FCM. It would include, for 
example, the provision of any guarantee or clearing services 
provided by an FCM. It would also include an FCM's provision of 
financial services involving any foreign currency futures contract, 
option on any foreign currency futures contract, or option on a 
foreign currency that occurs on an off-exchange basis. See 7 U.S.C. 
2(c)(1)-(2).
---------------------------------------------------------------------------

    Two commenters requested that the final rule codify the ``transfer 
exception'' to the definition of an ``account.'' The NPRM stated that 
transfers of accounts from one FCM to another that are not initiated by 
the customer fall outside the scope of section 326 of the Act,\17\ and 
would not be covered by the proposed rule.\18\ The final rule codifies 
this exception \19\ by excluding from the definition of ``account'' any 
account that an FCM acquires through an acquisition, merger, purchase 
of assets, or assumption of liabilities.\20\
---------------------------------------------------------------------------

    \17\ Section 326 of the Act applies with respect to persons 
seeking to open an account at a financial institution. If a 
financial institution acquires an account through a non-customer 
initiated transaction, such as a transfer due to the insolvency of 
an FCM, the customer is not seeking to open an account with the 
financial institution.
    By the same reasoning, the final rule does not, as one commenter 
requested, expand the ``transfer exception'' to include transfers 
where a customer account follows an associated person who moves from 
one firm to another, because such transfers are, at a minimum, 
undertaken with the acquiescence of the customer. Nonetheless, as 
discussed, infra, while the final rule requires that certain minimum 
customer information be obtained prior to opening an account, 
verification of the customer's identity may be done within a 
reasonable time before or after the account is opened.
    \18\ See NPRM, 67 FR at 48330 (discussion of definition of the 
term ``customer'').
    \19\ Nevertheless, there may be situations involving the 
transfer of accounts where it would be appropriate for an FCM, as 
part of its anti-money laundering compliance program (see, infra, 
note 89 and accompanying text) to verify the identity of customers 
associated with accounts that it acquires from another financial 
institution. For example, it may be appropriate to verify 
transferred account holders if the accounts are coming from a 
financial institution that has failed to establish or maintain a 
CIP. Treasury and the Federal functional regulators expect financial 
institutions to implement reasonable procedures to detect money 
laundering in any account, however acquired.
    \20\ This ``transfer exception'' includes bulk transfers made in 
accordance with CFTC Rule 1.65, 17 CFR 1.65, or as required by the 
CFTC's minimum financial requirements in CFTC Rule 1.17(a)(4), 17 
CFR 1.17(a)(4). This exception would also cover transfers of 
accounts that result when an IB changes its introducing relationship 
from one FCM to another. For customers that open accounts after the 
transfer, however, the IB and the new FCM would need to meet the 
requirements in paragraph (b)(6) (including entering into a contract 
and providing certifications) to the extent they intend to rely on 
each other to undertake CIP requirements with respect to these 
customers.
---------------------------------------------------------------------------

    The final rule also excludes from the definition of ``account'' 
those accounts that are opened for the purpose of participating in an 
employee benefit plan established pursuant to the Employee Retirement 
Income Security Act of 1974. These accounts are less susceptible to 
being used for the financing of terrorism and money laundering because, 
among other reasons, they are funded through payroll deductions in 
connection with employment plans that must comply with Federal 
regulations imposing, among other requirements, low contribution limits 
and strict distribution requirements.
    Section 103.123(a)(2) Commission. The proposed rule defined 
``Commission'' as the United States Commodity Futures Trading 
Commission. There were no comments on the definition, and Treasury and 
the CFTC have adopted it as proposed.
    Section 103.123(a)(3) Commodity. The proposed rule defined 
``commodity'' by reference to Section 1a(4) of the CEA, 7 U.S.C. 1a(4). 
There were no comments on the definition, and Treasury and the CFTC 
have adopted it as proposed.
    Section 103.123(a)(4) Contract of sale. The final rule adds a 
definition of ``contract of sale.'' The term is used in the definition 
of ``account.''\21\ The final rule defines ``contract of sale'' as any 
sale, agreement of sale or agreement to sell as described in Section 
1a(7) of the CEA, 7 U.S.C. 1a(7).
---------------------------------------------------------------------------

    \21\ See final rule, 103.123(a)(1).
---------------------------------------------------------------------------

    Section 103.123(a)(5) Customer. The proposed rule defined 
``customer'' to mean any person who opens a new account with an FCM, 
and any person granted authority to effect transactions in an 
account.\22\ For consistency with the text of section 326 of the Act, 
the final rule defines ``customer'' as ``a person that opens a new 
account.'' Except in the case of minors and informal groups with a 
common interest (e.g., civic clubs), this means that the ``customer'' 
is the person identified as the account holder, or persons in the case 
of a joint account. It does not refer to a person who fills out the 
account opening paperwork or provides information necessary to open an 
account, if such person is not the account holder as well. Thus, an FCM 
or IB is not required to look through a trust or similar account to its 
beneficiaries, and is required only to verify the identity of the named 
account holder.\23\ The final rule provides for similar treatment of 
intermediated accounts.
---------------------------------------------------------------------------

    \22\ See NPRM, 67 FR at 48337.
    \23\ However, as discussed below, under paragraph (b)(2)(ii)(C) 
of the final rule, an FCM or IB, based on its risk-assessment of a 
new account, may need to take additional steps to verify the 
identity of a non-individual, such as obtaining information about 
persons with control over the account. In addition, the due 
diligence procedures required under other provisions of the BSA or 
the futures laws may require FCMs and IBs to look through to owners 
of certain types of accounts.
---------------------------------------------------------------------------

    As stated in the NPRM,\24\ the focus of the CIP with respect to 
intermediated accounts will be the intermediary itself. If the 
intermediary is the account holder, such as in the case of an omnibus 
account, an FCM is not required to look through the intermediary to the 
underlying beneficiaries. Likewise, if the intermediary opens an 
account in the name of a collective investment vehicle, such as 
commodity pools, an FCM or IB is not required to look through the 
collective investment vehicle to the underlying participants.\25\
---------------------------------------------------------------------------

    \24\ See NPRM, 67 FR at 48331.
    \25\ This is not because the FCM or IB is relying upon the 
intermediary to perform its required due diligence. It is because 
under the final rule, FCMs and IBs are required only to verify the 
identity of their customers, and when an intermediary opens an 
account in its own name (or in the name of its collective investment 
vehicle), the intermediary (or collective investment vehicle) is the 
firm's ``customer.''
    By contrast, if an intermediary were to open an account not in 
its own name (or the name of a collective investment vehicle) but in 
the name of its client, then under the final rule the FCM's or IB's 
customer would be the client. In this situation, the FCM or IB may 
indeed seek to rely upon the intermediary for performance of its CIP 
procedures with respect to these shared customers. See discussion 
infra regarding final rule, 103.123(b)(6) (reliance on other 
financial institutions).
---------------------------------------------------------------------------

    After revisiting the ``authorized person'' component of the 
proposed ``customer'' definition, Treasury and the CFTC have determined 
that requiring limited resources to be expended on verifying the 
identities of persons with authority over accounts could interfere with 
an FCM's or IB's ability to focus on customers that present a higher 
risk of not being properly identified. Accordingly, the final rule does 
not include persons with authority to effect transactions in accounts 
within the definition of ``customer.'' Instead, paragraph (b)(2)(ii)(C) 
of the final rule requires FCMs and IBs to address situations where 
they will take additional steps to verify the identity of a customer 
that is not an individual by seeking information about individuals with 
authority or control over the account in order to verify the customer's 
identity.
    The definition of ``customer'' has been revised to clarify the 
treatment of

[[Page 25152]]

accounts for an individual who lacks legal capacity (such as a minor) 
and accounts for an entity that is not a legal person (such as informal 
groups with a common interest, which includes civic clubs).\26\ In the 
case of a minor child or informal group, the ``customer'' for purposes 
of the rule is the individual who undertakes to open the account in the 
name of the minor or group. Generally, this will be the person who 
fills out the account opening paperwork and provides the information 
necessary to open the account in the name of the minor or group.
---------------------------------------------------------------------------

    \26\ See final rule, 103.123(a)(5)(i)(B).
---------------------------------------------------------------------------

    In order to make the rule less burdensome, the final rule excludes 
from the definition of ``customer'' certain readily identifiable 
entities, including: (1) Financial institutions regulated by a Federal 
functional regulator; (2) banks regulated by a state bank regulator; 
and (3) persons described in Sec.  103.22(d)(2)(ii)-(iv), which 
includes entities such as governmental agencies and instrumentalities 
and companies that are publicly traded.\27\ The definition of 
``customer'' also excludes a person who has an existing account, 
provided that the FCM or IB has a reasonable belief that it knows the 
true identity of the person.\28\
---------------------------------------------------------------------------

    \27\ See final rule,103.123(a)(5)(ii)(A)-(B). Section 
103.22(d)(2)(iv) exempts such companies only to the extent of their 
domestic operations. Accordingly, an FCM's or IB's CIP will apply to 
any foreign offices, affiliates, or subsidiaries of such entities 
that open new accounts.
    \28\ The proposed rule provided for similar treatment of 
existing customers, however, it included this exclusion in a 
different paragraph of the rule. Whereas the existing customer 
exclusion appears in the final rule's definition of ``customer,'' 
this exclusion appeared in the proposed rule's paragraph detailing 
the required verification procedures. Compare 103.123(a)(5)(ii) with 
NPRM, 67 FR at 48338 (proposed 103.123(d)).
---------------------------------------------------------------------------

    Finally, the proposed definition of ``customer'' stated that when 
an account is introduced to an FCM by an IB, the person or individual 
opening the account shall be deemed to be a customer of both the FCM 
and the IB. There were no comments on this portion of the definition, 
and Treasury and the CFTC have adopted it as proposed.\29\
---------------------------------------------------------------------------

    \29\ Treasury and the CFTC believe that the revisions made to 
the definition of ``customer'' in the proposed rule address the 
suggestion by one commenter that a risk-based approach be taken to 
determining who is a customer whose identity must be verified.
---------------------------------------------------------------------------

    Section 103.123(a)(6) Federal functional regulator. The final rule 
adds a definition of ``Federal functional regulator.'' The term is used 
in the revised definition of ``customer'' and in a new provision 
allowing FCMs and IBs to rely on certain other financial institutions 
to perform procedures of their CIPs.\30\ The final rule defines 
``Federal functional regulator'' by reference to Sec.  103.120(a)(2).
---------------------------------------------------------------------------

    \30\ See final rule, 103.123(a)(5) and (b)(6), respectively.
---------------------------------------------------------------------------

    Section 103.123(a)(7) Financial institution. The final rule adds a 
definition of ``financial institution.'' The term is used in the 
revised definition of ``customer'' and in a new provision allowing FCMs 
and IBs to rely on certain other financial institutions to perform 
procedures of their CIPs.\31\ This new definition cross-references the 
BSA, 31 U.S.C. 5312(a)(2) and (c)(1). This is a more expansive 
definition of ``financial institution'' than that in 31 CFR 103.11, and 
includes entities such as FCMs.
---------------------------------------------------------------------------

    \31\ Id.
---------------------------------------------------------------------------

    Section 103.123(a)(8) FCM. The proposed rule defined ``FCM'' as any 
person registered or required to be registered as an FCM with the CFTC 
under the CEA, except persons who register pursuant to section 4f(a)(2) 
of the CEA solely to effect transactions in SFPs. There were no 
comments on the definition, and Treasury and the CFTC have adopted it 
as proposed.
    Section 103.123(a)(9) IB. The proposed rule defined ``IB'' as any 
person registered or required to be registered as an IB with the CFTC 
under the CEA, except persons who register pursuant to section 4f(a)(2) 
of the CEA solely to effect transactions in SFPs. There were no 
comments on the definition, and Treasury and the CFTC have adopted it 
as proposed with the addition of a U.S.C. citation for section 4f(a)(2) 
of the CEA, 7 U.S.C. 6f(a)(2).
    Section 103.123(a)(10) Option. The final rule adds a definition of 
``option.'' The term is used in the definition of ``account.'' \32\ The 
final rule defines ``option'' as an agreement, contract or transaction 
described in Section 1a(26) of the CEA, 7 U.S.C. 1a(26).
---------------------------------------------------------------------------

    \32\ See final rule, 103.123(a)(5).
---------------------------------------------------------------------------

    Section 103.12(a)(11) Taxpayer identification number. The proposed 
rule defined ``taxpayer identification number'' (TIN) by reference to 
the provisions of section 6109 of the Internal Revenue Code of 1986 and 
the regulations of the Internal Revenue Service (IRS) promulgated 
thereunder. There were no comments on the definition, and Treasury and 
the CFTC have adopted it substantially as proposed.
    Section 103.123(a)(12) U.S. Person and Sec.  103.123(a)(13) Non-
U.S. person. The proposed rule defined ``U.S. person'' as an individual 
who is a U.S. citizen, or an entity established or organized under the 
laws of a State or the United States.\33\ A ``non-U.S. person'' was 
defined as a person who did not satisfy either of these criteria.\34\
---------------------------------------------------------------------------

    \33\ The proposed rule contained a definition of ``person'' that 
cross-referenced the definition in 31 CFR 103.11(z). See NPRM, 67 FR 
at 48337. Since the final rule is being codified in 31 CFR Part 103, 
it will incorporate the definition in Sec.  103.11(z) without the 
need for a specific cross-reference. Therefore, the definition has 
been removed from the final rule. The definition of ``person'' in 
Sec.  103.11(z) is: ``an individual, a corporation, a partnership, a 
trust or estate, a joint stock company, an association, a syndicate, 
joint venture, or other unincorporated organization or group, an 
Indian tribe (as that term is defined in the Indian Gaming 
Regulatory Act), and all entities cognizable as legal 
personalities.''
    \34\ See NPRM, 67 FR at 48337.
---------------------------------------------------------------------------

    Under these definitions, an FCM or IB will not necessarily need to 
establish whether a potential customer is a U.S. citizen. As described 
in greater detail below, the FCM or IB will have to ask each customer 
for a U.S. TIN (social security number, employer identification number, 
or individual TIN). If a customer cannot provide one, the FCM or IB may 
then obtain an identification number from some other form of 
government-issued document evidencing nationality or residence and 
bearing a photograph or similar safeguard. There were no comments on 
these definitions, and Treasury and the CFTC have adopted them as 
proposed.

Section 103.123(b) Customer Identification Program: Minimum 
Requirements

    Section 103.123(b)(1) In general. Treasury and the CFTC proposed to 
require that each FCM and IB implement a written CIP as part of its AML 
program required under 31 U.S.C. 5318(h),\35\ and that the procedures 
of the CIP enable each FCM and IB to form a reasonable belief that it 
knows the true identity of each customer.\36\ The CIP procedures were 
to be based on the type of identifying information available and on an 
assessment of relevant risk factors, including the FCM's or IB's size, 
location and methods of opening accounts, the types of accounts 
maintained and the types of transactions executed for customers, and 
the FCM's or IB's reliance on another FCM or IB with which it shares an 
account relationship.
---------------------------------------------------------------------------

    \35\ National Futures Association (NFA) Compliance Rule 2-9(c) 
sets forth minimum requirements for these AML programs.
    \36\ See NPRM, 67 FR at 48337-48338.
---------------------------------------------------------------------------

    The NPRM discussed these risk factors and explained that, although 
the rule would require certain minimum identifying information and 
suitable verification methods, FCMs and IBs should consider on an 
ongoing basis

[[Page 25153]]

whether other information or methods are appropriate, particularly as 
they become available in the future.\37\ Commenters generally supported 
the risk-based approach of the proposed CIP requirements.
---------------------------------------------------------------------------

    \37\ See NPRM, 67 FR at 48331.
---------------------------------------------------------------------------

    In the final rule, paragraph (b)(1) continues to set forth the 
general requirement that FCMs and IBs must implement a written CIP as 
part of their required AML programs. It provides that the CIP should be 
appropriate for the FCM's or IB's size and business and that, at a 
minimum, it must contain the requirements set forth in paragraphs 
(b)(1) through (b)(5), which are discussed below. The final rule has 
been re-organized to be structurally consistent with the rules being 
issued by Treasury and the other Federal functional regulators. Thus, 
requirements that had been set forth in paragraphs (c) through (h) in 
the proposed rule are now contained in paragraphs (b)(2) through (b)(5) 
of the final rule to the extent they have been adopted. The rule's 
structure was changed in order to affirm the intent of Treasury and the 
Federal functional regulators that all the CIP rules impose the same 
requirements.
    Finally, the reference to risk factors has been moved to paragraph 
(b)(2) of the final rule, which requires FCMs and IBs to establish 
identity verification procedures. This change was made to clarify that 
the risk factors apply only to the identity verification procedures of 
the CIP, and not to standard requirements, such as procedures for 
providing notice to customers, recordkeeping, or checking government 
lists, which may not vary depending upon the perceived risk.

Section 103.123(b)(2) Identity Verification Procedures

    Treasury and the CFTC proposed to require that the FCMs' and IBs' 
CIPs include procedures for verifying the identity of customers, to the 
extent reasonable and practicable, using information specified in the 
rule, and that such verification occur within a reasonable time before 
or after the customer's account is opened.\38\ On the whole, commenters 
supported these general requirements, although they recommended greater 
use of a risk-based approach.
---------------------------------------------------------------------------

    \38\ See NPRM, 67 FR at 48338.
---------------------------------------------------------------------------

    The final rule continues to strike a balance between flexibility 
and detailed guidance, and Treasury and the CFTC are adopting the 
provisions on identity verification procedures substantially as 
proposed. Under the final rule, an FCM's or IB's CIP must include risk-
based procedures for verifying the identity of each customer to the 
extent reasonable and practicable. Such procedures must enable the FCM 
or IB to form a reasonable belief that it knows the true identity of 
each customer. The procedures must be based on the FCM's or IB's 
assessment of the relevant risks, including those presented by the 
various types of accounts maintained, the various methods of opening 
accounts, the various types of identifying information available, and 
the FCM's or IB's size, location and customer base.

Section 103.123(b)(2)(i) Customer Information Required

    The proposed rule provided that an FCM's or IB's CIP must require 
the firm to obtain certain identifying information about its customers, 
including, at a minimum: (1) Names; (2) dates of birth, for natural 
persons; (3) certain addresses; \39\ and (4) certain identification 
numbers.\40\ The NPRM further stated that in certain circumstances, an 
FCM or IB should obtain additional identifying information, and that 
the CIP should set forth guidelines regarding those circumstances and 
the additional information that should be obtained.\41\
---------------------------------------------------------------------------

    \39\ The proposed rule would have required FCMs and IBs to 
obtain residence and mailing addresses (if different) for a natural 
person, or principal place of business and mailing addresses (if 
different) for a person other than a natural person. See NPRM, 67 FR 
at 48337.
    \40\ The proposed rule would have required FCMs and IBs to 
obtain: (1) for a customer that is a U.S. person, a TIN, or (2) for 
a customer that is not a U.S. person, a TIN, passport number and 
country of issuance, alien identification card number, or number and 
country of issuance of any other government-issued document 
evidencing nationality or residence and bearing a photograph or 
similar safeguard. See NPRM, 67 FR at 48337.
    \41\ See NPRM, 67 FR at 48332.
---------------------------------------------------------------------------

    Treasury and the CFTC are adopting the customer information 
requirements substantially as proposed, with changes to accommodate 
individuals who may not have a physical address. Treasury and the CFTC 
believe that FCMs and IBs, for the most part, already collect the 
information required by the rule,\42\ and that this information not 
only is necessary for the verification process, but also serves an 
important law enforcement function.
---------------------------------------------------------------------------

    \42\ See NPRM, 67 FR at 48335 n.17. See also CFTC Rule 
1.37(a)(1), 17 CFR 1.37(a)(1), which requires FCMs and IBs to 
obtain, among other things, the true name and address of the person 
for whom such account is carried or introduced. Although an FCM or 
IB can utilize the customer information that is obtained and 
verified under the final rule to fulfill this obligation under Rule 
1.37, an FCM or IB still will need to obtain the principal 
occupation or business of its customers as well as the name of any 
other person guaranteeing or exercising trading control with respect 
to its customers' accounts, because these are among the additional 
requirements under CFTC Rule 1.37. Further, FCM and IB members of 
NFA will still need to comply with the additional minimum 
requirements in NFA Compliance Rule 2-30(c) (requires FCM and IB 
members to obtain from customers that are natural persons, at least 
the following: ``(2) The customer's current estimated annual income 
and net worth; (3) the customer's approximate age; and (4) an 
indication of the customer's previous investment and futures trading 
experience'').
---------------------------------------------------------------------------

    Accordingly, prior to opening an account, FCMs and IBs must obtain, 
at a minimum, a customer's (1) Name; (2) date of birth, for an 
individual; (3) address; and (4) identification number.\43\ The address 
must be: (1) For an individual, a residential or business street 
address, or for an individual who does not have a residential or 
business street address, an Army Post Office or Fleet Post Office box 
number, or the residential or business street address of next of kin or 
another contact individual; or (2) for a person other than an 
individual, a principal place of business, local office or other 
physical location.
---------------------------------------------------------------------------

    \43\ Based on an assessment of the relevant risk factors, the 
FCM's or IB's CIP may require a customer to provide additional 
information to enable the firm to form a reasonable belief that it 
knows the customer's true identity.
---------------------------------------------------------------------------

    Treasury and the CFTC are adopting the identification number 
requirement substantially as proposed. For a customer that is a U.S. 
person, the identification number is a TIN (social security number, or 
employer identification number). For a customer that is not a U.S. 
person, the identification number is one or more of the following: a 
TIN, passport number and country of issuance, alien identification card 
number, or number and country of issuance of any other government-
issued document evidencing nationality or residence and bearing a 
photograph or similar safeguard. This provision provides FCMs and IBs 
with some flexibility to choose among a variety of identification 
numbers that they may accept from a non-U.S. person.\44\ However, the 
identifying information the FCM or IB accepts must enable it to form a 
reasonable belief that it knows the true identity of the customer.\45\
---------------------------------------------------------------------------

    \44\ The rule provides this flexibility because there is no 
uniform identification number that non-U.S. persons would be able to 
provide to an FCM or IB. See Treasury Department, ``A Report to 
Congress in Accordance with section 326(b) of the USA PATRIOT Act,'' 
October 21, 2002.
    \45\ Treasury and the CFTC emphasize that the rule neither 
endorses nor prohibits an FCM or IB from accepting information from 
particular types of identification documents issued by foreign 
governments. The FCM or IB must determine, based upon appropriate 
risk factors, including those discussed above, whether the 
information presented by a customer is reliable. Treasury and the 
CFTC recognize that a foreign business or enterprise may not have an 
identification number. Therefore the final rule notes that when 
opening an account for such a customer, the FCM or IB must request 
alternative government-issued documentation certifying the existence 
of the business or enterprise.

---------------------------------------------------------------------------

[[Page 25154]]

    The proposed rule included an exception from the requirement to 
obtain a TIN from a customer opening a new account.\46\ The exception 
would have allowed an FCM or IB to open an account for a customer that 
has applied for, but has not yet received, an employer identification 
number (EIN).\47\ Treasury and the CFTC are adopting an expanded 
version of this exception in the final rule. As proposed, the exception 
was limited to customers that are not natural persons.\48\ On further 
consideration, Treasury and the CFTC have determined that it is 
appropriate to expand the exception to include natural persons who have 
applied for, but have not received, a TIN. Treasury and the CFTC also 
have modified the exception to reduce the recordkeeping burden. The 
proposed rule would have required an FCM or IB to retain a copy of the 
customer's application for a TIN.\49\ The FCM's or IB's CIP must 
include procedures to confirm that the application was filed before the 
customer opens the account and to obtain the TIN within a reasonable 
period of time after the account is opened. The final rule permits the 
FCM or IB to exercise discretion in determining how to confirm that a 
customer has filed an application.
---------------------------------------------------------------------------

    \46\ See NPRM, 67 FR at 48337-48338.
    \47\ This position is analogous to that in regulations issued by 
the IRS concerning ``awaiting--TIN certificates.'' The IRS permits a 
taxpayer to furnish an ``awaiting--TIN certificate'' in lieu of a 
TIN to exempt the taxpayer from the withholding of taxes owed on 
reportable payments (i.e., interest and dividends) on certain 
accounts. See 26 CFR 31.3406(g)-3.
    \48\ In the NPRM, Treasury and the CFTC explained that the 
exception was for businesses that may need to open an account before 
they receive an EIN from the IRS. See NPRM, 67 FR at 48332-48333.
    \49\ See NPRM, 67 FR at 48338.
---------------------------------------------------------------------------

Section 103.123(b)(2)(ii) Customer Verification

    Treasury and the CFTC proposed to require that an FCM's or IB's CIP 
include procedures for verifying the identity of customers, to the 
extent reasonable and practicable, using the information obtained under 
the rule.\50\ Treasury and the CFTC also proposed to require such 
verification to occur within a reasonable time before or after the 
customer's account is opened. The NPRM stated that an FCM or IB need 
not establish the accuracy of each piece of identifying information if 
it is able to form a reasonable belief that it knows the customer's 
identity after verifying only certain of the information.\51\ The NPRM 
also stated that the flexibility to undertake verification within a 
reasonable time must be exercised in a reasonable manner.\52\
---------------------------------------------------------------------------

    \50\ Id.
    \51\ See NPRM, 67 FR at 48333.
    \52\ Id.
---------------------------------------------------------------------------

    The sole commenter on this aspect of the proposed rule suggested 
that the rule should require verification each time the customer opens 
a new type of account, and not each time the customer establishes a 
different account at the FCM to trade the same type of product. As 
discussed above, however, the definition of ``customer'' in the final 
rule has been changed to exclude persons who have an existing account, 
provided the FCM or IB has a reasonable belief that it knows the 
customer's true identity. Accordingly, FCMs and IBs will not be 
required to verify the identities of such persons, which may include 
persons who open successive accounts of either the same type or 
multiple types to trade either the same or different products.
    The final rule adopts the customer verification requirements 
substantially as proposed. The final rule requires that an FCM's or 
IB's CIP contain procedures for verifying the identity of the customer, 
using the customer information obtained in accordance with paragraph 
(b)(2)(i), within a reasonable time before or after the account is 
opened. As stated in the NPRM, FCMs and IBs must reasonably exercise 
the flexibility to undertake verification before or after an account is 
opened.\53\ The appropriate amount of time may depend on various 
factors, such as the type of account opened, whether the customer opens 
the account in person, and the type of identifying information that is 
available.\54\
---------------------------------------------------------------------------

    \53\ See NPRM, 67 FR at 48333.
    \54\ An FCM or IB member of NFA would violate CFTC Rule 1.37 and 
NFA Compliance Rule 2-30, however, if it allowed a natural person to 
transact business before obtaining specified information about the 
individual's true identity. Moreover, an FCM or IB must also comply 
with Treasury's Office of Foreign Asset Control's (OFAC) regulations 
prohibiting transactions involving designated foreign countries or 
their nationals. See 31 CFR Part 500.
---------------------------------------------------------------------------

    Although the location of the provision has been moved, the final 
rule continues to require that an FCM's or IB's CIP include procedures 
that describe when the firm will use documents, non-documentary 
methods, or a combination of both to verify customer identities.\55\ 
Depending on the type of customer and the method of opening an account, 
it may be more appropriate to use either documentary or non-documentary 
methods, and in some cases it may be appropriate to use both methods. 
The CIP should set forth guidelines describing when documents, non-
documentary methods, or a combination of both will be used. These 
guidelines should be based on the FCM's or IB's assessment of the 
relevant risk factors.
---------------------------------------------------------------------------

    \55\ See final rule, 103.123(b)(2)(ii).
---------------------------------------------------------------------------

Section 103.123(b)(2)(ii)(A) Customer Verification--Through Documents

    Treasury and the CFTC proposed to require that an FCM's or IB's CIP 
describe documents that the firm will use to verify a customer's 
identity. There were no comments directly addressing the documentary 
verification provisions of the proposed rule, and the final rule adopts 
the documentary verification provisions substantially as proposed. 
Specifically, the final rule requires an FCM's or IB's CIP to contain 
procedures that set forth the documents that the firm will use to 
verify a customer's identity. Each FCM or IB will conduct its own risk-
based analysis of the types of documents that it believes will enable 
it to verify the true identities of its customers.
    In light of recent increases in identity theft and the availability 
of fraudulent documents, Treasury and the CFTC believe that the value 
of documentary verification is enhanced by redundancy. Treasury and the 
CFTC encourage each FCM and IB to obtain more than one type of 
documentary verification to ensure that it has a reasonable belief that 
it knows its customer's true identity. Moreover, Treasury and the CFTC 
encourage FCMs and IBs to use a variety of methods to verify the 
identity of a customer, especially when it does not have the ability to 
examine original documents. The final rule continues to include, 
without significant change, an illustrative list of identification 
documents. For an individual, these documents may include unexpired 
government-issued identification evidencing nationality or residence 
and bearing a photograph or similar safeguard, such as a driver's 
license or passport.\56\ For a person other than an individual, these 
documents may include documents showing the existence of the entity, 
such as certified articles of incorporation, a government-issued 
business license, a partnership agreement, or a trust instrument.\57\ 
An FCM or IB may use other documents,\58\ provided they allow the firm 
to form a

[[Page 25155]]

reasonable belief that it knows the true identity of the customer.
---------------------------------------------------------------------------

    \56\ See final rule, 103.123(b)(2)(ii)(A)(1).
    \57\ See final rule, 103.123(b)(2)(ii)(A)(2).
    \58\ The list of documents in the rule is meant to be 
illustrative. Other documents, such as trust certificates and legal 
opinions, also may be appropriate for verification.
---------------------------------------------------------------------------

    In addition to the risk factors described in paragraph (b)(2), the 
FCM or IB should take into consideration the problems associated with 
authenticating documents and the inherent limitations of documents as a 
means of identity verification. These limitations will affect the types 
of documents that will be necessary to establish a reasonable belief 
that the FCM or IB knows the true identity of the customer, and may 
require the use of non-documentary methods of verification in addition 
to documents.
    Once an FCM or IB verifies the identity of a customer through a 
document, such as a driver's license or passport, it is not required to 
take steps to determine whether the document has been validly issued. 
An FCM or IB generally may rely on government-issued identification as 
verification of a customer's identity; however, if a document shows 
obvious indications of fraud, the FCM or IB must consider that in 
determining whether it can form a reasonable belief that it knows the 
customer's true identity.

Section 103.123(b)(2)(ii)(B) Customer Verification--Through Non-
documentary Methods

    Treasury and the CFTC proposed to require that an FCM's or IB's CIP 
describe the non-documentary methods the firm would use to verify 
customers' identities and when the firm would use these methods in 
addition to, or instead of, relying on documents.\59\ Treasury and the 
CFTC explained that the proposed rule would allow the exclusive use of 
non-documentary methods because some accounts are opened by telephone, 
by mail, or over the Internet.\60\ Treasury and the CFTC also noted 
that, even if a customer presents identification documents, it still 
might be appropriate to use non-documentary verification methods as 
well.
---------------------------------------------------------------------------

    \59\ See NPRM, 67 FR at 48338.
    \60\ See NPRM, 67 FR at 48333.
---------------------------------------------------------------------------

    The proposed rule provided examples of non-documentary verification 
methods that an FCM or IB may use. In the NPRM, Treasury and the CFTC 
observed that FCMs and IBs may wish to analyze whether there is logical 
consistency between the identifying information provided, such as the 
customer's name, street address, ZIP code, telephone number (if 
provided), date of birth, and social security number.\61\
---------------------------------------------------------------------------

    \61\ See NPRM, 67 FR at 48334.
---------------------------------------------------------------------------

    Treasury and the CFTC proposed to require FCMs and IBs to use non-
documentary methods when: (1) A customer who is a natural person cannot 
present an unexpired, government-issued identification document that 
bears a photograph or similar safeguard; (2) the FCM or IB is presented 
with unfamiliar documents to verify the identity of a customer; or (3) 
the FCM or IB does not obtain documents to verify the identity of a 
customer, does not meet face-to-face with a customer who is a natural 
person, or is otherwise presented with circumstances that increase the 
risk the FCM or IB will be unable to verify the true identity of a 
customer through documents.\62\ Treasury and the CFTC recognize that 
there are many scenarios and combinations of risk factors that FCMs and 
IBs may encounter, and they have decided to adopt general principles 
that are illustrated by examples, in lieu of a lengthy and possibly 
unwieldy regulation that attempts to address a wide variety of 
situations with particularity.
---------------------------------------------------------------------------

    \62\ See NPRM, 67 FR at 48338.
---------------------------------------------------------------------------

    There were no comments specifically regarding the non-documentary 
verification provisions of the proposed rule, and thus the final rule 
adopts them substantially as proposed. Under the final rule, an FCM or 
IB relying on non-documentary verification methods must describe them 
in its CIP. The final rule includes an illustrative list of non-
documentary verification methods, similar to the list that was included 
in the proposed rule. These methods may include: (1) Contacting a 
customer; (2) independently verifying the customer's identity through 
the comparison of information provided by the customer with information 
obtained from a consumer reporting agency, public database,\63\ or 
other source; (3) checking references with other financial 
institutions; and (4) obtaining a financial statement.\64\ As Treasury 
and the CFTC stated in the NPRM, FCMs and IBs may wish to analyze 
whether there is logical consistency between the identifying 
information provided, such as the customer's name, street address, ZIP 
code, telephone number (if provided), date of birth, and social 
security number.\65\
---------------------------------------------------------------------------

    \63\ The specific types of databases that would be suitable for 
verification ultimately will depend on the circumstances and the 
FCM's or IB's assessment of the relevant risk factors.
    \64\ See final rule, 103.123(b)(ii)(B)(1).
    \65\ See NPRM, 67 FR at 48334.
---------------------------------------------------------------------------

    The final rule also includes a list, again similar to that in the 
proposal, of circumstances that may require the use of non-documentary 
verification procedures.\66\ Specifically, an FCM's or IB's non-
documentary procedures must address situations in which: (1) An 
individual is unable to present an unexpired government-issued 
identification document that bears a photograph or similar safeguard; 
(2) the FCM or IB is not familiar with the documents presented; (3) the 
account is opened without obtaining documents; (4) the customer opens 
the account without appearing in person; and (5) the circumstances 
presented increase the risk that the FCM or IB will be unable to verify 
the true identity of a customer through documents.
---------------------------------------------------------------------------

    \66\ See final rule, 103.123(b)(ii)(B)(2).
---------------------------------------------------------------------------

    As explained in the NPRM,\67\ because identification documents may 
be obtained illegally and may be fraudulent, and in light of the recent 
increase in identity theft, Treasury and the CFTC encourage FCMs and 
IBs to use non-documentary methods even when the customer has provided 
identification documents.
---------------------------------------------------------------------------

    \67\ Id.
---------------------------------------------------------------------------

Section 103.123(b)(2)(ii)(C) Customer Verification--Additional 
Verification for Certain Customers

    As described above, Treasury and the CFTC proposed to require 
verification of the identity of any person authorized to effect 
transactions in a customer's account. Commenters objected to this 
requirement, and it has been omitted from the final rule. For the 
reasons discussed below, however, the final rule does require that an 
FCM's or IB's CIP address the circumstances in which it will obtain 
information about such individuals in order to verify a customer's 
identity.
    Treasury and the CFTC believe that, while FCMs and IBs may be able 
to verify the identity of the majority of customers through the 
documentary or non-documentary verification methods described above, 
there may be circumstances when these methods are inadequate. The risk 
that an FCM or IB will not know the customer's true identity may be 
heightened for certain types of accounts, such as an account opened in 
the name of a corporation, partnership, or trust that is created or 
conducts substantial business in a jurisdiction that has been 
designated by the United States as a primary money laundering concern 
or has been designated as non-cooperative by an international body. 
Treasury and the CFTC believe that, in order to identify customers that 
pose a heightened risk of not being properly identified, an FCM's or 
IB's CIP must prescribe additional measures that may be used to obtain

[[Page 25156]]

information about the identities of the individuals associated with the 
customer when standard documentary or non-documentary verification 
methods prove to be insufficient.
    The final rule, therefore, includes a new provision requiring that 
the CIP address situations in which, based on the FCM's or IB's risk 
assessment of a new account opened by a customer that is not an 
individual, the firm also will obtain information about individuals 
with authority or control over the account (e.g., persons authorized to 
effect transactions in the account) in order to verify the customer's 
identity. This additional verification method applies only when the FCM 
or IB cannot adequately verify the customer's identity after using the 
documentary and non-documentary verification methods described 
above.\68\
---------------------------------------------------------------------------

    \68\ An FCM or IB need not undertake any additional verification 
if it chooses not to open an account when it cannot verify the 
customer's identity after using standard documentary and non-
documentary verification methods.
---------------------------------------------------------------------------

Section 103.123(b)(2)(iii) Lack of Verification

    Treasury and the CFTC proposed to require that an FCM's or IB's CIP 
include procedures for responding to circumstances in which the firm 
cannot form a reasonable belief that it knows the true identity of the 
customer.\69\ Treasury and the CFTC explained in the NPRM that the CIP 
should specify the actions to be taken, which could include closing the 
account or placing limitations on additional trading.\70\ Treasury and 
the CFTC also explained that there should be guidelines for when an 
account will not be opened (e.g., when the required information is not 
provided), and that the CIP should address the terms under which a 
customer may conduct transactions while the customer's identity is 
being verified.\71\
---------------------------------------------------------------------------

    \69\ See NPRM, 67 FR at 48338.
    \70\ See NPRM, 67 FR at 48334.
    \71\ Id.
---------------------------------------------------------------------------

    There were no comments on this aspect of the proposed rule, and 
Treasury and the CFTC have adopted the provision substantially as 
proposed. The final rule, however, adds a description of the 
recommended features of these procedures, similar to the features that 
were described in the NPRM. Thus, the final rule provides that the 
CIP's procedures should describe: (1) When an account should not be 
opened; (2) the terms under which a customer may conduct transactions 
while the FCM or IB attempts to verify the customer's identity; (3) 
when the FCM or IB should file a suspicious activity report (SAR) in 
accordance with applicable law and regulation; \72\ and (4) when an 
account should be closed, after attempts to verify a customer's 
identity have failed.
---------------------------------------------------------------------------

    \72\ FinCEN has not yet published a rule requiring FCMs and IBs 
to report suspicious activities. These firms may, however, 
voluntarily file SARs with FinCEN to report suspicious activities.
---------------------------------------------------------------------------

Section 103.123(b)(3) Recordkeeping

    Section 103.123(b)(3)(i) Required Records. Treasury and the CFTC 
proposed to require that CIPs of FCMs and IBs include certain 
recordkeeping procedures.73-74 First, the proposed rule 
would have required that an FCM or IB maintain a record of the 
identifying information provided by customers. Second, if an FCM or IB 
relied on a document to verify a customer's identity, the proposed rule 
would have required the firm to maintain a copy of the document. Third, 
the proposed rule would have required FCMs and IBs to record the 
methods and results of any additional measures undertaken to verify the 
identity of customers. Finally, the proposed rule would have required 
FCMs and IBs to record the resolution of any discrepancy in the 
identifying information obtained.
---------------------------------------------------------------------------

    \73-74\ See NPRM, 67 FR at 48338.
---------------------------------------------------------------------------

    Although there were no comments on this aspect of the proposed 
rule, Treasury and the CFTC have reconsidered and modified the 
recordkeeping requirements of the rule based on comments received with 
respect to the parallel recordkeeping provisions in the proposed CIP 
rules jointly issued by Treasury and the other Federal functional 
regulators. The final rule provides that an FCM's or IB's CIP must 
include procedures for making and maintaining records related to 
verifying the identities of customers. However, the final rule is more 
flexible than the proposed rule in this regard.
    Under the final rule, FCMs and IBs still must make a record of all 
identifying information obtained about each customer. However, rather 
than requiring that copies of verification documents be maintained, the 
final rule requires that an FCM's or IB's records include a description 
of any document that the firm relied on to verify the identity of the 
customer, noting the type of document, any identification number 
contained in the document, the place of issuance, and the issuance and 
expiration dates, if any. With respect to non-documentary verification, 
the final rule requires the records to include a description of the 
non-documentary methods and the results of any additional measures 
undertaken to verify the identity of the customer. The final rule also 
requires a description of the resolution of any ``substantive 
discrepancy'' discovered when verifying the identifying information 
obtained. This is intended to make clear that a record would not have 
to be made in the case of a minor discrepancy, such as one that might 
be caused by typographical mistakes.

Section 103.123(b)(3)(ii) Record Retention

    Treasury and the CFTC proposed to require that an FCM or IB retain 
all required records for five years after the account is closed.\75\ 
Although there were no comments on this aspect of the proposed rule, 
commenters on the other Federal functional regulators' proposed CIP 
rules expressed concern regarding this requirement as costly and overly 
burdensome, particularly with respect to the length of time that 
certain records would need to be retained and the requirement that 
financial institutions retain copies of the documents used to verify 
customer identities. The final rules adopted by Treasury and the 
Federal functional regulators address many of these concerns.
---------------------------------------------------------------------------

    \75\ See NPRM, 67 FR at 48338.
---------------------------------------------------------------------------

    Treasury and the Federal functional regulators have, in the final 
rules, eliminated the requirement that a financial institution retain 
copies of documents used to verify customer identities. Treasury and 
the Federal functional regulators also believe that, while the 
identifying information provided by customers should be retained as 
proposed, there is little value in requiring financial institutions to 
retain the remaining records for five years after an account is closed, 
because this information is likely to grow stale. Therefore, the final 
rule prescribes a bifurcated record retention schedule that is 
consistent with a general five-year retention requirement.
    Under the final rule, an FCM or IB must retain the information 
obtained about a customer pursuant to paragraph (b)(3)(i)(A) (i.e., all 
minimum identifying information obtained under (b)(2)(ii)(A)) for five 
years after the date the account is closed.\76\ The remaining records 
required under paragraphs (b)(3)(i)(B), (C), and (D) (i.e., 
descriptions of: any document relied upon to verify identity; methods 
and results of any measure taken to verify identity; and the resolution 
of each substantive discrepancy discovered

[[Page 25157]]

when verifying the identifying information obtained) need only be 
retained for five years after the record is made. The final rule 
continues to provide that in all other respects, these records shall be 
maintained in accordance with the provisions of the CFTC's 
recordkeeping rule 1.31.\77\
---------------------------------------------------------------------------

    \76\ The Secretary has determined that the records required to 
be retained under section 326 of the Act have a high degree of 
usefulness in criminal, tax, or regulatory investigations or 
proceedings, or in the conduct of intelligence or 
counterintelligence activities, to protect against international 
terrorism.
    \77\ 17 CFR 1.31.
---------------------------------------------------------------------------

Section 103.123(b)(4) Comparison With Government Lists

    Treasury and the CFTC proposed to require that an FCM's or IB's CIP 
have procedures for determining whether the customer appears on any 
list of known or suspected terrorists or terrorist organizations 
prepared by any Federal government agency and made available to the 
firm.\78\ In addition, the proposed rule provided that FCMs and IBs 
must follow all Federal directives issued in connection with such 
lists.
---------------------------------------------------------------------------

    \78\ See NPRM, 67 FR at 48338.
---------------------------------------------------------------------------

    Although there were no comments on this aspect of the proposed 
rule, commenters on the other Federal functional regulators' proposed 
CIP rulemakings raised a number of concerns regarding this provision. 
Some commenters were concerned about how a financial institution would 
be able to determine what lists should be checked and how these lists 
would be made available. Other commenters suggested that all such lists 
be consolidated or provided through a designated government agency, 
such as FinCEN, that would serve as a clearinghouse. Still other 
commenters suggested that the rule should allow for the lists to be 
checked after an account is opened.
    The final rule provides that an FCM's or IB's CIP must include 
procedures for determining whether the customer appears on any list of 
known or suspected terrorists or terrorist organizations issued by any 
Federal government agency and designated as such by Treasury in 
consultation with the Federal functional regulators. Because Treasury 
and the Federal functional regulators have not yet designated any such 
lists, the final rule cannot be more specific with respect to the lists 
that FCMs and IBs must check. However, FCMs and IBs will not have an 
affirmative duty under this rule to seek out all lists of known or 
suspected terrorists or terrorist organizations compiled by the Federal 
government. Instead, they will receive notification by way of separate 
guidance regarding the lists that they must consult for purposes of 
this provision.
    Treasury and the CFTC have modified the proposed rule to provide 
that the CIP's procedures must require the FCM or IB to determine 
whether a customer appears on a list ``within a reasonable period of 
time'' after the account is opened, or earlier if required by another 
Federal law or regulation or by a Federal directive issued in 
connection with the applicable list. The final rule also requires an 
FCM's or IB's CIP to include procedures that require the firm to follow 
all Federal directives issued in connection with such lists. Again, 
because no lists have yet been designated under this provision, the 
final rule cannot provide more guidance in this area.\79\
---------------------------------------------------------------------------

    \79\ This is not to say, however, that FCMs and IBs do not have 
obligations under other laws to screen their customers against 
government lists. For example, FCMs and IBs should already have AML 
compliance programs in place to ensure they comply with OFAC's 
rules. See supra note 54; see also OFAC's Foreign Assets Control 
Regulations For The Securities Industry (http://www.ustreas.gov/offices/enforcement/ofac/regulations/t11facsc.pdf).
---------------------------------------------------------------------------

Section 103.123(b)(5) Customer Notice

    Treasury and the CFTC proposed to require that an FCM's or IB's CIP 
include procedures for providing customers with adequate notice that 
the firm is requesting information to verify their identities.\80\ The 
NPRM stated that an FCM or IB could satisfy that notice requirement by 
generally notifying its customers about the firm's verification 
procedures.\81\ It also stated that if an account is opened 
electronically, such as through an Internet website, the FCM or IB 
could provide notice electronically.\82\
---------------------------------------------------------------------------

    \80\ See NPRM, 67 FR at 48338.
    \81\ See NPRM, 67 FR at 48334.
    \82\ Id.
---------------------------------------------------------------------------

    Section 326 of the Act provides that the regulations issued ``shall 
at a minimum, require financial institutions to * * * [give] customers 
* * * adequate notice'' of the procedures they adopt concerning 
customer identification. Based on this statutory requirement, the final 
rule requires an FCM's or IB's CIP to include procedures for providing 
customers with adequate notice that the firm is requesting information 
to verify their identities.
    The final rule contains additional guidance regarding what 
constitutes adequate notice and the timing of the notice requirement. 
The final rule provides that notice is adequate if the FCM or IB 
describes the identification requirements of the final rule and 
provides notice in a manner reasonably designed to ensure that a 
customer is able to view the notice, or is otherwise given notice, 
before opening an account. The final rule also provides that, depending 
on how an account is opened, an FCM or IB may post a notice in the 
lobby or on its website, include the notice on its account 
applications, or use any other form of oral or written notice.\83\ In 
addition, the final rule includes sample language that, if appropriate, 
will be deemed adequate notice to an FCM's or IB's customers when 
provided in accordance with the requirements of the final rule.
---------------------------------------------------------------------------

    \83\ One commenter suggested that a firm's posting of the 
required notice on its Internet Web site should be deemed sufficient 
notice for all customers, regardless of how any particular account 
is opened. Because such posting would not ensure that every customer 
would be able to view the notice before opening an account, Treasury 
and the CFTC do not believe that this approach would satisfy the 
statutory requirement of section 326 of the Act.
---------------------------------------------------------------------------

Section 103.123(b)(6) Reliance on Other Financial Institutions

    In the proposed rule, Treasury and the CFTC included as a risk 
factor an FCM's or IB's reliance on another FCM or IB to perform 
procedures of its CIP.\84\ In the NPRM, Treasury and the CFTC stated 
that this would require an assessment of whether the FCM or IB can rely 
on another FCM or IB, with which it shares an account relationship, to 
undertake any of the steps required by the firm's CIP with respect to 
the shared account.
---------------------------------------------------------------------------

    \84\ See NPRM, 67 FR at 48331-48332.
---------------------------------------------------------------------------

    Treasury and the CFTC have expanded the reliance provision of the 
proposed rule in recognition that there may be circumstances in which 
an FCM or IB should be able to rely on the performance by another 
financial institution of some or all of the elements of the firm's CIP. 
The final rule provides that an FCM's or IB's CIP may include 
procedures that specify when the firm will rely on the performance by 
another financial institution (including an affiliate) of any 
procedures of the firm's CIP, and thereby satisfy the FCM's or IB's 
obligations under the rule. Reliance is permitted if a customer of the 
FCM or IB is opening, or has opened, an account or has established a 
similar business relationship with the other financial institution to 
provide or engage in services, dealings, or other financial 
transactions.
    In order for an FCM or IB to rely on the other financial 
institution: (1) Such reliance must be reasonable under the 
circumstances; (2) the other financial institution must be subject to a 
rule implementing the AML compliance program requirements of 31 U.S.C. 
5318(h) and be regulated by a Federal functional regulator, and (3) the 
other financial institution must enter into a contract requiring it to 
certify annually to the FCM or IB that it has implemented an AML 
program and that it will perform (or its agent will perform) the 
specified requirements of

[[Page 25158]]

the FCM's or IB's CIP.\85\ The contract and certification will provide 
a standard means for an FCM or IB to demonstrate the extent to which it 
is relying on another financial institution to perform its CIP, and 
that the other institution has, in fact, agreed to perform those 
functions.\86\ If it is not clear from these documents, an FCM or IB 
must be able to otherwise demonstrate when it is relying on another 
financial institution to perform its CIP with respect to a particular 
customer.
---------------------------------------------------------------------------

    \85\ As discussed in the NPRM, the required contractual 
commitments in the case of shared accounts involving FCMs and IBs 
may be made a part of an introducing agreement (in the context of 
introduced business) or a give-up agreement (in the context of give-
up business). See NPRM, 67 FR at 48332. And as urged by one 
commenter, the required annual certification under the final rule 
may cover all customers for which the two financial institutions 
share an account relationship, and need not be on a customer-by-
customer basis.
    \86\ FCMs and IBs must obtain annual certifications 
acknowledging performance of CIP functions from financial 
institutions that are affiliates as well as those that are non-
affiliates. This requirement maintains parity with the CIP rule 
applicable to securities broker-dealers, many of which are dually 
registered as FCMs.
---------------------------------------------------------------------------

    An FCM or IB will not be held responsible for the failure of the 
other financial institution to fulfill adequately the FCM's or IB's CIP 
obligations, provided that the FCM or IB can establish that its 
reliance was reasonable and that it has the requisite contracts and 
certifications. Treasury and the CFTC emphasize that the FCM or IB and 
the other financial institution upon which it relies must satisfy all 
the conditions for reliance set forth in the final rule. If they do 
not, then the FCM or IB remains solely responsible for applying its own 
CIP to each customer in accordance with the rule.
    This reliance provision of the final rule does not affect the 
ability of an FCM or IB to contractually delegate the implementation 
and operation of its CIP procedures to a service provider. Nor does the 
final rule alter an FCM's or IB's ability to use an agent to perform 
services on its behalf. Treasury and the CFTC note, however, that in 
contrast to the reliance provision in the rule, in these situations the 
FCM or IB remains solely responsible for assuring compliance with the 
rule, and therefore must actively monitor the operation of its CIP, 
assesses its effectiveness, and ensure that examiners are able to 
obtain information and records relating to the CIP.\87\
---------------------------------------------------------------------------

    \87\ Two commenters suggested that the final rule should allow 
FCMs and IBs to rely upon foreign financial institutions in general, 
and foreign affiliates in particular to perform CIP procedures. Such 
a liberalization of the rule, however, could undermine the purpose 
of the Act in combating international money laundering and the 
financing of terrorism. Accordingly, the final rule permits reliance 
only on a financial institution that is subject to a rule requiring 
an AML program under the Act and that is regulated by a Federal 
functional regulator, which will exclude foreign entities.
    This does not prevent an FCM or IB from utilizing a foreign 
affiliate or other foreign financial institution to perform 
procedures of its CIP. Rather, it means only that the FCM's or IB's 
relationship with the foreign firm will be treated the same as if 
the firm contractually delegated the implementation and operation of 
its CIP procedures to a service provider.
---------------------------------------------------------------------------

    All of the Federal functional regulators are adopting comparable 
provisions in their CIP rules to permit such reliance. Furthermore, the 
Federal functional regulators expect to share information and cooperate 
with each other to determine whether the institutions subject to their 
jurisdiction are in compliance with the reliance provision of the rule.

Section 103.123(c) Exemptions

    The proposed rule provided that the CFTC, with the concurrence of 
the Secretary, may exempt any FCM or IB that registers with the CFTC or 
any type of account from the requirements of the rule. It excluded from 
this exemptive authority FCMs or IBs that register pursuant to section 
4f(a)(2) of the CEA solely because they deal in transactions involving 
SFPs. The exemptive authority with respect to these firms will be in 
the final rule issued jointly by Treasury and the SEC for securities 
broker-dealers. There were no comments on this provision of the 
proposed rule, and Treasury and the CFTC have adopted it substantially 
as proposed.

Section 103.123(d) Other Requirements Unaffected

    The final rule adds a provision stating that nothing in Sec.  
103.123 shall relieve an FCM or IB of its obligation to comply with any 
other provision of Part 103, including provisions concerning 
information that must be obtained, verified, or maintained in 
connection with any account or transaction. A parallel provision 
similarly has been included in the final CIP rules issued by Treasury 
and the other Federal functional regulators.

B. Requirement for CIP Approval Removed

    The NPRM required that the CIP be approved by the FCM's or IB's 
board of directors, managing partners, board of managers or other 
governing body performing similar functions, or by a person or persons 
specifically authorized by such bodies to approve the CIP.\88\ The 
final rule requires the CIP to be a part of the overall AML program 
required of FCMs and IBs under 31 U.S.C. 5318(h). NFA Compliance Rule 
2-9(c) requires these AML programs to be approved in writing by a 
member of the FCM's or IB's senior management.\89\
---------------------------------------------------------------------------

    \88\ See NPRM, 67 FR at 48338.
    \89\ Compliance with NFA Compliance Rule 2-9(c) is deemed to 
satisfy the requirements of 31 U.S.C. 5318(h)(1). See 31 CFR 
103.120(c).
---------------------------------------------------------------------------

    Treasury and the CFTC have omitted the approval requirement from 
the final rule because it is unnecessary given the approval 
requirements for AML programs set forth in NFA Compliance Rule 2-9(c). 
Treasury and the CFTC note, however, that an FCM or IB with an approved 
AML program must nonetheless obtain approval of a new CIP because it 
would constitute a material change to the AML program.

III. Regulatory Analysis

A. Regulatory Flexibility Act

    The Regulatory Flexibility Act (RFA), 5 U.S.C. 601, et seq. (1994 & 
Supp. II 1996), requires Federal agencies, in proposing rules, to 
consider the impact of those rules on small businesses. The rules 
adopted herein would affect FCMs and IBs. The CFTC has previously 
established certain definitions of ``small entities'' to be used by the 
CFTC in evaluating the impact of its rules on small entities in 
accordance with the RFA.\90\ The CFTC has previously determined that 
FCMs are not small entities for the purposes of the RFA. With respect 
to IBs, the CFTC has stated that it is appropriate to evaluate within 
the context of a particular rule proposal whether some or all of the 
affected entities should be considered small entities and, if so, to 
analyze the economic impact on them of any rule.\91\
---------------------------------------------------------------------------

    \90\ 47 FR 18618-21 (Apr. 30, 1982).
    \91\ Id. at 18618-21.
---------------------------------------------------------------------------

    In this regard, the rules being adopted herein would not require 
any IB significantly to change its current method of doing business. As 
noted in the NPRM, Treasury and the CFTC believe that IBs already 
obtain from their customers most, if not all, of the information 
required under the proposed rule.\92\ In addition, FCMs and IBs already 
must have AML programs that include procedures for customer 
identification and verification. The flexibility incorporated into the 
final rule also will permit each IB to tailor its CIP to fit its own 
size and needs. As a result, Treasury and the CFTC believe that 
expenditures associated with establishing and implementing a CIP should 
be commensurate with the size of the firm. If an IB is small, with a 
limited number of customers, the burden to comply with the rule should

[[Page 25159]]

be de minimis. This position is consistent with the views of one trade 
association commenter that characterized the expected additional costs 
for IBs to comply with this new rule as ``insubstantial.''
---------------------------------------------------------------------------

    \92\ See NPRM, 67 FR at 48335 n.17.
---------------------------------------------------------------------------

    Accordingly, pursuant to 5 U.S.C. 605(b), Treasury and the CFTC 
certify that the action taken herein will not have a significant 
economic impact on a substantial number of small entities. In this 
regard, Treasury and the CFTC note that they did not receive any 
comments expressing concern regarding the implications of the rule for 
small entities.

B. Paperwork Reduction Act

    The collections of information in this rule have been reviewed and 
approved by the Office of Management and Budget pursuant to the 
Paperwork Reduction Act of 1995 (44 U.S.C. 3507(d)), under control 
number 1506-0022. An agency may not conduct or sponsor, and a person is 
not required to respond to, a collection of information unless it 
displays a currently valid control number.
    Neither Treasury nor the CFTC received any comments on any 
potential paperwork burden associated with the NPRM. Treasury and the 
CFTC did receive comments concerning the information that would be 
collected under the proposed rule. The final rule, which addresses 
these concerns among others, reduces the paperwork burden of the rule 
as proposed.\93\
---------------------------------------------------------------------------

    \93\ See NPRM, 67 FR at 48335.
---------------------------------------------------------------------------

    Comments on the burden, and suggestions for how to further reduce 
it, may be sent (preferably by fax (202-395-6974)) to Desk Officer for 
the Department of the Treasury, Office of Information and Regulatory 
Affairs, Office of Management and Budget, Paperwork Reduction Project 
(1506-0022), Washington, DC 20503 (or by the Internet to 
[email protected]), with a copy to FinCEN by mail or the Internet at 
the addresses previously specified.

C. Cost-Benefit Analysis

    Section 15(a) of the CEA requires the CFTC to consider the costs 
and benefits of its action before issuing a new rule. The CFTC 
understands that, by its terms, section 15(a) does not require the CFTC 
to quantify the costs and benefits of a new rule or to determine 
whether the benefits of the rule outweigh its costs. Nor does it 
require that each rule be analyzed in isolation when that rule is a 
component of a larger package of rules or rule revisions. Rather, 
section 15(a) simply requires the CFTC to ``consider the costs and 
benefits'' of its action.
    Section 15(a) further specifies that the costs and benefits of the 
rule shall be evaluated in light of five broad areas of market and 
public concern: (1) Protection of market participants and the public; 
(2) efficiency, competitiveness, and financial integrity of futures 
markets; (3) price discovery; (4) sound risk management practices; and 
(5) other public interest considerations. The CFTC may, in its 
discretion, give greater weight to any one of the five enumerated areas 
of concern and may, in its discretion, determine that, notwithstanding 
its costs, a particular rule is necessary or appropriate to protect the 
public interest or to effectuate any of the provisions or to accomplish 
any of the purposes of the CEA.
    The NPRM contained an analysis of the CFTC's consideration of these 
costs and benefits and solicited public comment thereon.\94\ The CFTC 
invited commenters to submit any data that they might have to assist in 
quantifying the costs and benefits of the proposed rules. The CFTC did 
not receive any such data or related comments.
---------------------------------------------------------------------------

    \94\ See NPRM, 67 FR at 48336-48337.
---------------------------------------------------------------------------

    After considering the costs and benefits of the proposed rules, the 
CFTC has decided to adopt these rules, with revisions as discussed 
above.

D. Executive Order 12866

    Treasury has determined that this rule is not a ``significant 
regulatory action'' for purposes of Executive Order 12866. As noted 
above, the final rule parallels the requirements of section 326 of the 
Act. Accordingly, a regulatory impact analysis is not required.

List of Subjects

17 CFR Part 42

    Anti-money laundering, Brokers, Reporting and recordkeeping 
requirements, Terrorist financing.

31 CFR Part 103

    Administrative practice and procedure, Authority delegations 
(Government agencies), Banks, Banking, Brokers, Currency, Foreign 
banking, Foreign currencies, Gambling, Investigations, Law enforcement, 
Penalties, Reporting and recordkeeping requirements, Securities.

Commodity Futures Trading Commission

17 CFR Chapter I

Authority and Issuance

0
For the reasons articulated in the preamble, the CFTC amends chapter I 
of title 17 of the Code of Federal Regulations by adding a new part 42 
to read as follows:

PART 42--ANTI-MONEY LAUNDERING, TERRORIST FINANCING

Subpart A--General Provisions

Sec.
42.1 [Reserved]
42.2 Compliance with Bank Secrecy Act

    Authority: 7 U.S.C. 1a, 2, 5, 6, 6b, 6d, 6f, 6g, 7, 7a, 7a-1, 
7a-2, 7b, 7b-1, 7b-2, 9, 12, 12a, 12c, 13a, 13a-1, 13c, 16 and 21; 
12 U.S.C. 1786(q), 1818, 1829b and 1951-1959; 31 U.S.C. 5311-5314 
and 5316-5332; title III, secs. 312-314, 319, 321, 326, 352, Pub. L. 
107-56, 115 Stat. 307.

Subpart A--General Provisions


Sec.  42.1  [Reserved]


Sec.  42.2  Compliance with Bank Secrecy Act.

    Every futures commission merchant and introducing broker shall 
comply with the applicable provisions of the Bank Secrecy Act and the 
regulations promulgated by the Department of the Treasury under that 
Act at 31 CFR Part 103, and with the requirements of 31 U.S.C. 5318(l) 
and the implementing regulation jointly promulgated by the Commission 
and the Department of the Treasury at 31 CFR 103.123, which require 
that a customer identification program be adopted as part of the firm's 
Bank Secrecy Act compliance program.

    Dated: April 28, 2003.
Jean A. Webb,
Secretary of the Commodity Futures Trading Commission.

Department of the Treasury

31 CFR Chapter I

Authority and Issuance

0
For the reasons set forth in the preamble, part 103 of title 31 of the 
Code of Federal Regulations is amended as follows:

PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND 
FOREIGN TRANSACTIONS

0
1. The authority citation for part 103 is revised to read as follows:

    Authority: 12 U.S.C. 1786(q), 1818, 1829b and 1951-1959; 31 
U.S.C. 5311-5314 and 5316-5332; title III, secs. 312, 313, 314, 319, 
321, 326, 352, Pub L. 107-56, 115 Stat. 307.

[[Page 25160]]


0
2. Subpart I of part 103 is amended by adding Sec.  103.123 to read as 
follows:


Sec.  103.123  Customer identification programs for futures commission 
merchants and introducing brokers.

    (a) Definitions. For the purposes of this section:
    (1)(i) Account means a formal relationship with a futures 
commission merchant, including, but not limited to, those established 
to effect transactions in contracts of sale of a commodity for future 
delivery, options on any contract of sale of a commodity for future 
delivery, or options on a commodity.
    (ii) Account does not include:
    (A) An account that the futures commission merchant acquires 
through any acquisition, merger, purchase of assets, or assumption of 
liabilities; or
    (B) An account opened for the purpose of participating in an 
employee benefit plan established under the Employee Retirement Income 
Security Act of 1974.
    (2) Commission means the United States Commodity Futures Trading 
Commission.
    (3) Commodity means any good, article, service, right, or interest 
described in Section 1a(4) of the Commodity Exchange Act (7 U.S.C. 
1a(4)).
    (4) Contract of sale means any sale, agreement of sale or agreement 
to sell as described in Section 1a(7) of the Commodity Exchange Act (7 
U.S.C. 1a(7)).
    (5)(i) Customer means:
    (A) A person that opens a new account with a futures commission 
merchant; and
    (B) An individual who opens a new account with a futures commission 
merchant for:
    (1) An individual who lacks legal capacity; or
    (2) An entity that is not a legal person.
    (ii) Customer does not include:
    (A) A financial institution regulated by a Federal functional 
regulator or a bank regulated by a state bank regulator;
    (B) A person described in Sec.  103.22(d)(2)(ii) through (iv); or
    (C) A person that has an existing account, provided the futures 
commission merchant or introducing broker has a reasonable belief that 
it knows the true identity of the person.
    (iii) When an account is introduced to a futures commission 
merchant by an introducing broker, the person or individual opening the 
account shall be deemed to be a customer of both the futures commission 
merchant and the introducing broker for the purposes of this section.
    (6) Federal functional regulator is defined at Sec.  103.120(a)(2).
    (7) Financial institution is defined at 31 U.S.C. 5312(a)(2) and 
(c)(1).
    (8) Futures commission merchant means any person registered or 
required to be registered as a futures commission merchant with the 
Commission under the Commodity Exchange Act (7 U.S.C. 1 et seq.), 
except persons who register pursuant to Section 4f(a)(2) of the 
Commodity Exchange Act (7 U.S.C. 6f(a)(2)).
    (9) Introducing broker means any person registered or required to 
be registered as an introducing broker with the Commission under the 
Commodity Exchange Act (7 U.S.C. 1 et seq.), except persons who 
register pursuant to Section 4f(a)(2) of the Commodity Exchange Act (7 
U.S.C. 6f(a)(2)).
    (10) Option means an agreement, contract or transaction described 
in Section 1a(26) of the Commodity Exchange Act (7 U.S.C. 1a(26)).
    (11) Taxpayer identification number is defined by section 6109 of 
the Internal Revenue Code of 1986 (26 U.S.C. 6109) and the Internal 
Revenue Service regulations implementing that section (e.g., social 
security number or employer identification number).
    (12) U.S. person means:
    (i) A United States citizen; or
    (ii) A person other than an individual (such as a corporation, 
partnership or trust) that is established or organized under the laws 
of a State or the United States.
    (13) Non-U.S. person means a person that is not a U.S. person.
    (b) Customer identification program: minimum requirements--(1) In 
general. Each futures commission merchant and introducing broker must 
implement a written Customer Identification Program (CIP) appropriate 
for its size and business that, at a minimum, includes each of the 
requirements of paragraphs (b)(1) through (b)(5) of this section. The 
CIP must be a part of each futures commission merchant's and 
introducing broker's anti-money laundering compliance program required 
under 31 U.S.C. 5318(h).
    (2) Identity verification procedures. The CIP must include risk-
based procedures for verifying the identity of each customer to the 
extent reasonable and practicable. The procedures must enable each 
futures commission merchant and introducing broker to form a reasonable 
belief that it knows the true identity of each customer. The procedures 
must be based on the futures commission merchant's or introducing 
broker's assessment of the relevant risks, including those presented by 
the various types of accounts maintained, the various methods of 
opening accounts, the various types of identifying information 
available, and the futures commission merchant's or introducing 
broker's size, location and customer base. At a minimum, these 
procedures must contain the elements described in paragraph (b)(2) of 
this section.
    (i)(A) Customer information required. The CIP must include 
procedures for opening an account that specify identifying information 
that will be obtained from each customer. Except as permitted by 
paragraph (b)(2)(i)(B) of this section, each futures commission 
merchant and introducing broker must obtain, at a minimum, the 
following information prior to opening an account:
    (1) Name;
    (2) Date of birth, for an individual;
    (3) Address, which shall be:
    (i) For an individual, a residential or business street address;
    (ii) For an individual who does not have a residential or business 
street address, an Army Post Office (APO) or Fleet Post Office (FPO) 
box number, or the residential or business street address of a next of 
kin or another contact individual; or
    (iii) For a person other than an individual (such as a corporation, 
partnership or trust), a principal place of business, local office or 
other physical location; and
    (4) Identification number, which shall be:
    (i) For a U.S. person, a taxpayer identification number; or
    (ii) For a non-U.S. person, one or more of the following: a 
taxpayer identification number, a passport number and country of 
issuance, an alien identification card number, or the number and 
country of issuance of any other government-issued document evidencing 
nationality or residence and bearing a photograph or similar safeguard.

    Note to paragraph (b)(2)(i)(A)(4)(ii):
    When opening an account for a foreign business or enterprise 
that does not have an identification number, the futures commission 
merchant or introducing broker must request alternative government-
issued documentation certifying the existence of the business or 
enterprise.

    (B) Exception for persons applying for a taxpayer identification 
number. Instead of obtaining a taxpayer identification number from a 
customer prior to opening an account, the CIP may include procedures 
for opening an account for a customer that has applied for, but has not 
received, a taxpayer identification number. In this case, the CIP must 
include procedures to confirm that the application was filed before the 
customer opens the account and to

[[Page 25161]]

obtain the taxpayer identification number within a reasonable period of 
time after the account is opened.
    (ii) Customer verification. The CIP must contain procedures for 
verifying the identity of each customer, using information obtained in 
accordance with paragraph (b)(2)(i) of this section, within a 
reasonable time before or after the customer's account is opened. The 
procedures must describe when the futures commission merchant or 
introducing broker will use documents, non-documentary methods, or a 
combination of both methods, as described in this paragraph (b)(2)(ii).
    (A) Verification through documents. For a futures commission 
merchant or introducing broker relying on documents, the CIP must 
contain procedures that set forth the documents the futures commission 
merchant or introducing broker will use. These documents may include:
    (1) For an individual, an unexpired government-issued 
identification evidencing nationality or residence and bearing a 
photograph or similar safeguard, such as a driver's license or 
passport; and
    (2) For a person other than an individual (such as a corporation, 
partnership or trust), documents showing the existence of the entity, 
such as certified articles of incorporation, a government-issued 
business license, a partnership agreement, or a trust instrument.
    (B) Verification through non-documentary methods. For a futures 
commission merchant or introducing broker relying on non-documentary 
methods, the CIP must contain procedures that set forth the non-
documentary methods the futures commission merchant or introducing 
broker will use.
    (1) These methods may include contacting a customer; independently 
verifying the customer's identity through the comparison of information 
provided by the customer with information obtained from a consumer 
reporting agency, public database, or other source; checking references 
with other financial institutions; or obtaining a financial statement.
    (2) The futures commission merchant's or introducing broker's non-
documentary procedures must address situations where an individual is 
unable to present an unexpired government-issued identification 
document that bears a photograph or similar safeguard; the futures 
commission merchant or introducing broker is not familiar with the 
documents presented; the account is opened without obtaining documents; 
the customer opens the account without appearing in person at the 
futures commission merchant or introducing broker; and where the 
futures commission merchant or introducing broker is otherwise 
presented with circumstances that increase the risk that the futures 
commission merchant or introducing broker will be unable to verify the 
true identity of a customer through documents.
    (C) Additional verification for certain customers. The CIP must 
address situations where, based on the futures commission merchant's or 
introducing broker's risk assessment of a new account opened by a 
customer that is not an individual, the futures commission merchant or 
introducing broker will obtain information about individuals with 
authority or control over such account in order to verify the 
customer's identity. This verification method applies only when the 
futures commission merchant or introducing broker cannot verify the 
customer's true identity after using the verification methods described 
in paragraphs (b)(2)(ii)(A) and (B) of this section.
    (iii) Lack of verification. The CIP must include procedures for 
responding to circumstances in which the futures commission merchant or 
introducing broker cannot form a reasonable belief that it knows the 
true identity of a customer. These procedures should describe:
    (A) When an account should not be opened;
    (B) The terms under which a customer may conduct transactions while 
the futures commission merchant or introducing broker attempts to 
verify the customer's identity;
    (C) When an account should be closed after attempts to verify a 
customer's identity have failed; and
    (D) When the futures commission merchant or introducing broker 
should file a Suspicious Activity Report in accordance with applicable 
law and regulation.
    (3) Recordkeeping. The CIP must include procedures for making and 
maintaining a record of all information obtained under procedures 
implementing paragraph (b) of this section.
    (i) Required records. At a minimum, the record must include:
    (A) All identifying information about a customer obtained under 
paragraph (b)(2)(i) of this section;
    (B) A description of any document that was relied on under 
paragraph (b)(2)(ii)(A) of this section noting the type of document, 
any identification number contained in the document, the place of 
issuance, and if any, the date of issuance and expiration date;
    (C) A description of the methods and the results of any measures 
undertaken to verify the identity of a customer under paragraphs 
(b)(2)(ii)(B) and (C) of this section; and
    (D) A description of the resolution of each substantive discrepancy 
discovered when verifying the identifying information obtained.
    (ii) Retention of records. Each futures commission merchant and 
introducing broker must retain the records made under paragraph 
(b)(3)(i)(A) of this section for five years after the account is closed 
and the records made under paragraphs (b)(3)(i)(B), (C), and (D) of 
this section for five years after the record is made. In all other 
respects, the records must be maintained pursuant to the provisions of 
17 CFR 1.31.
    (4) Comparison with government lists. The CIP must include 
procedures for determining whether a customer appears on any list of 
known or suspected terrorists or terrorist organizations issued by any 
Federal government agency and designated as such by Treasury in 
consultation with the Federal functional regulators. The procedures 
must require the futures commission merchant or introducing broker to 
make such a determination within a reasonable period of time after the 
account is opened, or earlier if required by another Federal law or 
regulation or Federal directive issued in connection with the 
applicable list. The procedures also must require the futures 
commission merchant or introducing broker to follow all Federal 
directives issued in connection with such lists.
    (5)(i) Customer notice. The CIP must include procedures for 
providing customers with adequate notice that the futures commission 
merchant or introducing broker is requesting information to verify 
their identities.
    (ii) Adequate notice. Notice is adequate if the futures commission 
merchant or introducing broker generally describes the identification 
requirements of this section and provides such notice in a manner 
reasonably designed to ensure that a customer is able to view the 
notice, or is otherwise given notice, before opening an account. For 
example, depending upon the manner in which the account is opened, a 
futures commission merchant or introducing broker may post a notice in 
the lobby or on its Web site, include the notice on its account 
applications or use any other form of written or oral notice.
    (iii) Sample notice. If appropriate, a futures commission merchant 
or introducing broker may use the following sample language to provide 
notice to its customers:


[[Page 25162]]



Important Information About Procedures For Opening a New Account

    To help the government fight the funding of terrorism and money 
laundering activities, Federal law requires all financial 
institutions to obtain, verify, and record information that 
identifies each person who opens an account.
    What this means for you: When you open an account, we will ask 
for your name, address, date of birth and other information that 
will allow us to identify you. We may also ask to see your driver's 
license or other identifying documents.

    (6) Reliance on another financial institution. The CIP may include 
procedures specifying when the futures commission merchant or 
introducing broker will rely on the performance by another financial 
institution (including an affiliate) of any procedures of its CIP, with 
respect to any customer of the futures commission merchant or 
introducing broker that is opening an account, or has established an 
account or similar business relationship with the other financial 
institution to provide or engage in services, dealings, or other 
financial transactions, provided that:
    (i) Such reliance is reasonable under the circumstances;
    (ii) The other financial institution is subject to a rule 
implementing 31 U.S.C. 5318(h), and is regulated by a Federal 
functional regulator; and
    (iii) The other financial institution enters into a contract 
requiring it to certify annually to the futures commission merchant or 
introducing broker that it has implemented its anti-money laundering 
program, and that it will perform (or its agent will perform) specified 
requirements of the futures commission merchant's or introducing 
broker's CIP.
    (c) Exemptions. The Commission, with the concurrence of the 
Secretary, may by order or regulation exempt any futures commission 
merchant or introducing broker that registers with the Commission or 
any type of account from the requirements of this section. In issuing 
such exemptions, the Commission and the Secretary shall consider 
whether the exemption is consistent with the purposes of the Bank 
Secrecy Act, and in the public interest, and may consider other 
necessary and appropriate factors.
    (d) Other requirements unaffected. Nothing in this section relieves 
a futures commission merchant or introducing broker of its obligation 
to comply with any other provision of this part, including provisions 
concerning information that must be obtained, verified, or maintained 
in connection with any account or transaction.

    Dated: April 28, 2003.
James F. Sloan,
Director, Financial Crimes Enforcement Network.
    Dated: April 28, 2003.

In concurrence:
Jean A. Webb,
Secretary of the Commodity Futures Trading Commission.
[FR Doc. 03-11016 Filed 5-8-03; 8:45 am]
BILLING CODE 4810-02-P; 6351-01-P