[Federal Register Volume 68, Number 126 (Tuesday, July 1, 2003)]
[Proposed Rules]
[Pages 39039-39041]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 03-16562]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY

31 CFR Part 103

RIN 1506-AA31


Customer Identification Programs for Financial Institutions

AGENCY: Departmental Offices, Treasury.

ACTION: Notice of inquiry.

-----------------------------------------------------------------------

SUMMARY: The Department of the Treasury seeks additional comments from 
all interested persons on two discrete issues relating to final 
regulations issued recently pursuant to section 326 of the Uniting and 
Strengthening America by Providing Appropriate Tools Required to 
Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001: Whether 
and under what circumstances financial institutions should be required 
to retain photocopies of identification documents relied on to verify 
customer identity; and, whether there are situations when the 
regulations should preclude reliance on certain forms of foreign 
government-issued identification to verify customer identity.

DATES: Written comments may be submitted on or before July 31, 2003.

ADDRESSES: Commenters are strongly encouraged to submit comments by 
accessing the following Department of the Treasury Internet site: 
http://regcomments.treasury.gov.
    Comments may also be sent by electronic mail as follows: Electronic 
mail comments relating to the recordkeeping requirement (as described 
in section II(A) below), should be sent to [email protected] with the caption in the body of the text, 
``Section 326 Notice of Inquiry: Recordkeeping.'' Electronic mail 
comments relating to documentary verification of identity (as described 
in section II(B) below) should be sent to [email protected] with the caption in the body of the text, 
``Section 326 Notice of Inquiry: Identification.'' Commenters are 
requested to distinguish between the two issues and submit comments to 
the appropriate e-mail address.
    Comments also may be submitted by paper mail (preferably an 
original plus three copies). For comments relating to the recordkeeping 
requirement (as described in section II(A) below), paper mail comments 
should be sent to: 326 Recordkeeping Comments, U.S. Department of the 
Treasury, Office of the General Counsel, 1500 Pennsylvania Avenue, NW., 
Washington, DC 20220-0002.
    For comments relating to documentary verification of identity (as 
described in section II(B) below), paper mail comments should be sent 
to: 326 Identification Comments, U.S. Department of the Treasury, 
Office of the General Counsel, 1500 Pennsylvania Avenue, NW., 
Washington, DC 20220-0002.
    Please send comments by one method only. Commenters should not 
include materials or information in comments that they do not wish to 
be made available to the public. Comments may be inspected at the 
Department of the Treasury between 10 a.m. and 4 p.m. beginning 
approximately July 11, 2003. Persons wishing to inspect the comments 
submitted must request an appointment by telephoning (202) 622-0990 
(not a toll-free number).

FOR FURTHER INFORMATION CONTACT: Office of the General Counsel at (202) 
622-1927.

SUPPLEMENTARY INFORMATION:

I. Background

    On October 26, 2001, the President signed into law the Uniting and 
Strengthening America by Providing Appropriate Tools Required to 
Intercept and Obstruct Terrorism (USA PATRIOT

[[Page 39040]]

ACT) Act of 2001 (Pub. L. 107-56) (the Act). Title III of the Act made 
a number of amendments to the anti-money laundering provisions of the 
Bank Secrecy Act (BSA), which are codified in subchapter II of chapter 
53 of title 31, United States Code.\1\ These amendments are intended to 
promote the prevention, detection, and prosecution of money laundering 
and the financing of terrorism.
---------------------------------------------------------------------------

    \1\ Regulations implementing the BSA appear at 31 CFR part 103. 
The authority of the Secretary of the Treasury to administer the BSA 
and its implementing regulations has been delegated to the Director 
of the Financial Crimes Enforcement Network (FinCEN).
---------------------------------------------------------------------------

    Section 326 of the Act added a new subsection (l) to 31 U.S.C. 5318 
of the BSA that requires the Secretary of the Treasury (Secretary) to 
prescribe regulations ``setting forth the minimum standards for 
financial institutions and their customers regarding the identity of 
the customer that shall apply in connection with the opening of an 
account at a financial institution.'' For any financial institution 
engaged in financial activities described in section 4(k) of the Bank 
Holding Company Act of 1956 (section 4(k) institutions), the Secretary 
is required to prescribe the regulations issued under section 326 
jointly with the Board of Governors of the Federal Reserve System, the 
Federal Deposit Insurance Corporation, the Office of the Comptroller of 
the Currency, the Office of Thrift Supervision, the National Credit 
Union Administration, the Securities and Exchange Commission, and the 
Commodity Futures Trading Commission (collectively, the federal 
functional regulators).
    Section 326 of the Act provides that the regulations must require, 
at a minimum, financial institutions to implement reasonable procedures 
for (1) verifying the identity of any person seeking to open an 
account, to the extent reasonable and practicable; (2) maintaining 
records of the information used to verify the person's identity, 
including name, address, and other identifying information; and (3) 
determining whether the person appears on any lists of known or 
suspected terrorists or terrorist organizations provided to the 
financial institution by any government agency. In prescribing these 
regulations, section 326 of the Act directs the Secretary to take into 
consideration the various types of accounts maintained by various types 
of financial institutions, the various methods of opening accounts, and 
the various types of identifying information available.
    On May 9, 2003, the Department of the Treasury (Treasury), through 
the Financial Crimes Enforcement Network (FinCEN), together with the 
federal functional regulators, published final rules implementing 
section 326.\2\ These regulations require Federally regulated banks, 
securities broker-dealers, mutual funds, and futures commission 
merchants and introducing brokers to establish reasonable procedures 
for the identification and verification of new accountholders. Although 
separate rules were issued for the various types of financial 
institutions, the substantive requirements of the rules are intended to 
be the same.
---------------------------------------------------------------------------

    \2\ See 68 FR 25089-25162. In addition to the joint rules, 
FinCEN also issued separately a rule applicable to various state-
chartered banks lacking a federal functional regulator.
---------------------------------------------------------------------------

    The final rules require financial institutions to develop a 
customer identification program (``CIP'') that includes risk-based 
procedures for verifying the identity of each customer to the extent 
reasonable and practicable. Among other things, the CIP must enable the 
financial institution to form a reasonable belief that it knows the 
true identity of the customer. Financial institutions must develop 
their CIP to minimize the relevant risks, including those presented by 
the types of accounts maintained by the institution, the various 
methods of opening accounts, the types of identifying information 
available, as well as the financial institution's size, location, and 
type of business or customer base.
    The rules implementing section 326 became effective on June 9, 
2003, although financial institutions have until October 1, 2003 to 
come into compliance.

II. Request for Comments

    The CIP implemented pursuant to the section 326 final rules will 
form an integral part of a financial institution's efforts to detect 
and prevent money laundering and the financing of terrorism. Moreover, 
the information collected and maintained by financial institutions is 
designed to provide an effective audit trail should an investigation be 
conducted. Since publishing the final regulations, concerns have been 
raised about two provisions relating to recordkeeping and the 
acceptance of certain forms of identification. As a result of these 
concerns, and as part of Treasury's continuing efforts to ensure that 
BSA regulations strike the appropriate balance between the burdens 
imposed on the financial system and the prevention of money laundering 
and the financing of terrorism, Treasury seeks additional input on the 
two provisions.

A. Recordkeeping Requirement

    The final rules implementing section 326 permit financial 
institutions to verify customer identity through both documentary and 
non-documentary means. In proposed rules issued in July of 2002, 
Treasury and the federal functional regulators included a new 
requirement that, when a financial institution relies on a document--
such as an identification card--to verify identity, the financial 
institution must make and maintain a photocopy of that document.\3\ 
Virtually all of the substantial number of comments relating to this 
provision were critical of the requirement.\4\ In light of these 
comments and the terms of section 326 of the Act, Treasury and the 
federal functional regulators eliminated the photocopy requirement in 
the final rule, instead requiring financial institutions to make and 
maintain a record of the description of any document upon which the 
financial institution relies to verify customer identity. The 
description must include the type of document, any identification 
number contained in the document, the place of issuance, and, if any, 
the date of issuance and expiration date. While financial institutions 
are not required to maintain photocopies of identification documents 
relied upon in all cases, Treasury has noted publicly that, so long as 
it is consistent with any applicable laws, financial institutions may 
want to retain a photocopy of identification documents in instances 
where risk factors are present.
---------------------------------------------------------------------------

    \3\ See, e.g., 67 FR 48290, 48299 (proposed section 
103.121(b)(3)(B)).
    \4\ Commenters raised several arguments against the photocopy 
requirement, including: (1) The difficulty and burden of storing and 
retrieving copies of documents; (2) the fact that many kinds of 
identification documents, particularly some new driver's licenses, 
have security features that prevent them from being copied legibly; 
(3) the difficulty of safeguarding copies, which could facilitate 
identity theft; (4) the fact that this requirement would 
substantially deviate from current banking practice and would 
violate certain state laws; (5) the difficulty for banks offering 
credit card accounts through retailers, which require the customer 
to provide identifying documents at the point of sale, in complying 
with such a requirement, especially given the reduced risks of 
money-laundering and the financing of terrorism through retail store 
credit cards; and (6) the potential for claims of unlawful 
discrimination, especially since the banking regulators have 
discouraged the practice of retaining photocopies when extending 
credit.
---------------------------------------------------------------------------

    Treasury seeks additional comment on whether and under what 
circumstances financial institutions should be required to make and 
maintain photocopies of identification

[[Page 39041]]

documents used to verify the identity of customers. In particular:
    1. Should the regulations require financial institutions to make 
and maintain a photocopy of identification documents upon which the 
financial institution relies to verify identity in all cases?
    2. Should the regulations identify specific instances in which 
photocopies of documents relied upon must be made and maintained?
    3. Should the regulations provide guidance to financial 
institutions concerning risk factors indicating when photocopying 
identification documents relied upon may be appropriate?
    The views of law enforcement, the industry, and others are sought, 
even if such views have been expressed previously in connection with 
the proposed rulemakings. This inquiry focuses on the recordkeeping 
requirements when a financial institution relies on documents to verify 
identity.

B. Documentary Verification of the Identity of Foreign Individuals

    Under the risk-based approach of both the proposed and final rules, 
to the extent documents are used, financial institutions are given some 
discretion to determine which documentary forms of identification may 
be used to verify the identity of foreign individuals who seek to open 
an account. First, the final rules require financial institutions to 
obtain an identification number from all customers. For a non-U.S. 
person, an institution must obtain one or more of the following: a 
taxpayer identification number (social security number, individual 
taxpayer identification number, or employer identification number); 
passport number and country of issuance; alien identification card 
number; or number and country of issuance of any other government-
issued document evidencing nationality or residence and bearing a 
photograph or similar safeguard. Noting the absence of a uniform, 
standard identification number that non-U.S. persons could provide to 
financial institutions,\5\ Treasury and the federal functional 
regulators permitted financial institutions to choose among a variety 
of identification numbers that it may accept from a non-U.S. person, 
provided that the identifying information the institution accepts must 
permit the institution to form a reasonable belief that it knows the 
true identity of the customer.
---------------------------------------------------------------------------

    \5\ Treasury previously issued a report to Congress discussing 
the absence of a single identification number for non-U.S. persons. 
See Treasury Department, ``A Report to Congress in Accordance with 
Section 326(b) of the USA PATRIOT Act,'' October 21, 2002.
---------------------------------------------------------------------------

    Second, financial institutions must set forth the types of 
documentary identification that they will accept to verify identity. 
Financial institutions are encouraged to use multiple forms of 
identification to minimize risks. The final rules provide an 
illustrative list of identification documents that may be used. For an 
individual, these may include an unexpired government-issued 
identification evidencing nationality or residence and bearing a 
photograph or similar safeguard, such as a driver's license or 
passport.
    Treasury and the federal functional regulators emphasized that the 
final rules neither endorsed nor prohibited a financial institution's 
acceptance of particular types of identification documents issued by 
foreign governments. Instead, a financial institution must decide for 
itself, based upon consideration of the appropriate risk factors, 
whether the information presented by a customer is reliable.
    Ensuring the appropriate identification of all persons opening 
accounts at financial institutions, including non-U.S. citizens, is a 
significant goal of the final regulations. Therefore, Treasury seeks 
additional comment on whether there are situations in which the 
regulations should preclude reliance on certain forms of foreign 
government-issued identification to verify customer identity. The 
regulations presently rely on financial institutions to determine which 
forms of foreign-issued identification to accept and under what 
circumstances, in light of the risks associated with each form of 
identification.
    1. Should the regulations preclude financial institutions' reliance 
on certain forms of identification issued by certain foreign 
governments?
    2. Should the regulations require financial institutions to obtain 
a passport number from all customers who are non-U.S. citizens?
    a. What are the anticipated effects on non-U.S. citizens in the 
United States who are not required to have a passport?
    b. What are the anticipated effects on non-U.S. citizens who open 
accounts from abroad, and thus are not required to have a passport?
    3. Is there sufficient empirical information to enable Treasury to 
assess the utility of the various forms of foreign-issued 
identification for purposes of accurately identifying the holder?
    4. What would the impact be on the use of the conventional 
financial system if financial institutions were prohibited from 
accepting certain forms of government-issued identification?
    The views of law enforcement, the industry, and others are sought, 
even if such views have been expressed previously in connection with 
the proposed rulemakings.
    The purpose of this Notice of Inquiry is to solicit further comment 
on the two issues outlined above and to enhance the administrative 
record. Only after considering all comments received in response to 
this notice of inquiry will Treasury determine whether to discuss with 
the federal functional regulators if it would be appropriate to jointly 
propose amendments to the final rules published on May 9, 2003, through 
a notice of proposed rulemaking. Financial institutions covered by the 
final rules are reminded of their obligation to be in compliance with 
the final rules by October 1, 2003.

III. Procedural Requirements

    This document has been reviewed by the Office of Management and 
Budget as a significant regulatory action under Executive Order 12866.

    Dated: June 25, 2003.
David D. Aufhauser,
General Counsel.
[FR Doc. 03-16562 Filed 6-30-03; 8:45 am]
BILLING CODE 4810-25-P