In the US, certain financial institutions (i.e., banks, savings associations, credit unions, brokers and dealers in securities, mutual funds, futures commission merchants and futures introducing brokers) are required to implement customer identification programs (CIP) that enable the financial institution to form a reasonable belief that it knows the true identity of the customer.1  The CIP requirement is triggered whenever a person (individual or legal entity) opens a new account with the financial institution, unless the financial institution has an existing account with the customer and has a reasonable belief that it knows the person’s true identity. 

The CIP requirement obligates financial institutions to:

  • gather identifying information about the customer, including name, address, date of birth, social security or other identification number, and other identifying information;
  • verify the identity of any person opening an account to the extent reasonable and practicable;
  • maintain records of the information used to verify the person’s identity; and
  • screen the individual against lists of known or suspected terrorists or terrorist organizations, including the Specially Designated Nationals and Blocked Persons List administered by the Office of Foreign Assets Control at the US Treasury Department.

If the customer is an entity, the financial institution should obtain documents showing the legal existence of the entity, such as the articles of incorporation, a government-issued business license, or a partnership agreement. 

Verification of a customer can occur in many ways, and may include:

  • contacting the customer;
  • comparing the information provided by the customer with information obtained from a consumer reporting agency, public database, or other source;
  • checking references with other financial institutions; and/or
  • obtaining a financial statement (from individuals).



1
 E.g., 31 CFR § 1020.220. 

More topics in this series