« Back to Glossary Index

A Customer Identification Program (CIP) is a set of procedures mandated by regulatory authorities that financial institutions must follow to verify the identity of their customers. The CIP is a fundamental component of an institution’s anti-money laundering (AML) and counter-terrorist financing (CTF) compliance efforts.

Key Points:

  1. Purpose: The primary purpose of CIP is to ensure that financial institutions know who their customers are, which helps prevent money laundering, terrorist financing, fraud, and other financial crimes.
  2. Regulatory Framework:
    • USA PATRIOT Act: In the United States, the CIP requirements are outlined in Section 326 of the USA PATRIOT Act. Similar regulations exist in other countries under their respective AML laws.
    • Financial Action Task Force (FATF): Provides international standards and guidelines for customer identification as part of broader AML and CTF measures.
  3. Core Requirements:
    • Customer Identification: Financial institutions must collect and verify certain information about their customers at the time of account opening. This information typically includes:
      • Full name
      • Date of birth
      • Address (residential or business)
      • Identification number (such as a Social Security Number in the U.S., a passport number, or a taxpayer identification number)
    • Verification Methods: Institutions must use reasonable measures to verify the information provided by customers. This can include:
      • Checking government-issued identification documents (e.g., passports, driver’s licenses)
      • Using third-party databases or public records
      • Conducting face-to-face interviews or video verification
  4. Risk-Based Approach: Financial institutions may tailor their CIP procedures based on the risk profile of the customer. Higher-risk customers might require enhanced verification measures, while lower-risk customers might undergo a simplified process.
  5. Record-Keeping: Institutions are required to maintain records of the identification information and verification methods used for each customer. These records must be kept for a specified period, typically five years after the account is closed.
  6. Ongoing Monitoring: CIP is not a one-time process. Financial institutions must continuously monitor customer accounts and transactions to detect suspicious activities and ensure that the information remains accurate and up-to-date.
  7. Exceptions and Exemptions: Certain types of accounts or customers may be exempt from some CIP requirements. For example, accounts opened by publicly traded companies or government entities might have simplified identification requirements.
  8. Penalties for Non-Compliance: Failure to comply with CIP requirements can result in significant penalties for financial institutions, including fines, legal sanctions, and reputational damage.
  9. Examples of CIP Practices:
    • A bank collects a customer’s name, address, date of birth, and Social Security Number when opening a new account and verifies the information using a government-issued ID and a third-party database.
    • An online financial service uses a combination of document verification and biometric identification to verify the identities of its customers during the account opening process.
« Back to Glossary Index