According to provisions of the USA Patriot Act, all financial institutions must verify the identity of individuals wishing to conduct financial transactions. The law was implemented by regulations in 2003 which require financial institutions to develop a Customer Identification Program (CIP) appropriate to the size and type of its business. The CIP must be incorporated into the bank's Bank Secrecy Act/Anti-money laundering compliance program, which is subject to approval by the financial institution's board of directors.
The CIP is intended to enable the bank to form a reasonable belief that it knows the true identity of each customer. The CIP must include new account opening procedures that specify the identifying information that will be obtained from each customer. It must also include reasonable and practical risk-based procedures for verifying the identity of each customer. Financial institutions should conduct a risk assessment of their customer base and product offerings, and in determining the risks, consider: