By Thomas Curley, Sageworks
May 16 — The Customer Identification Program rule, or CIP, implements section 326 of the USA Patriot Act, which requires banks, savings associations, credit unions and certain non-federally regulated banks to have reasonable belief that they know the true identity of each customer. These laws were established with a goal of preventing money-laundering and terrorist activities. On May 11, the Financial Crimes Enforcement Network (FinCEN) reminded financial institutions that the final rule, “Customer Due Diligence Requirements for Financial Institutions” officially became effective. Financial institutions, more than ever, are being watched and held to these higher standards as technology has made illicit activities more common.
The CIP regulations are designed to achieve a few main objectives.
- Identify and verify the customer’s identity
- Understand a particular customer and create a risk rating specifically for that profile
- Help banks make more informed decisions based on risk factors
- Decrease money laundering as a whole
Despite the good intentions behind these regulations, banks have said, these and other requirements have put lots of extra pressure on financial institutions from a time and money standpoint. In order to comply, institutions need to be able to prove they did their due diligence and understood their customer before engaging in activity with them. This due diligence process, known in the industry as “know your customer,” requires institutions to acquire a lot of data to prove they have verified the identity of the customer. The process of manually entering data can be extremely difficult and time consuming. However, the fines for not complying with the laws are quite extensive and therefore not something to joke about. According to a report by Deloitte in 2014, regulatory fines associated with anti-money laundering activities totaled over $2.35 billion.
One way financial institutions are trying to ease the burden of these and other regulatory requirements is to automate as much of the process as possible. As it relates to customer identification programs, one time-saver is to use a loan origination program that is integrated through an API with OFAC, a tool that looks for potential matches on the “Specially Designated Nationals List” and on its “Consolidated Sanctions List.” OFAC is able to produce a list of possible name matches, with a score based on two algorithms that indicates the confidence of the matches. This is one aspect of getting the information needed to comply with CIP regulations. Some software solutions can integrate with systems like OFAC and process data points for every loan origination without ever needing to leave the original interface. Integrations like this are a huge step forward in complying with CIP regulations while also reducing the time spent entering data to conduct due diligence before engaging in the financial activity.
Without high quality and correct data inputs, the CIP regulations will be difficult to uphold. Not only might institutions be fined, but illegal activity may go unnoticed. These laws aren’t put into place to make banking difficult, but they have created extra work. Finding a reliable way to automate high quality data into your institution’s platform could be a small change that pays dividends, both from a time and money standpoint.
Thomas Curley is a bank marketing specialist at Sageworks, a financial information company that provides lending, credit risk, and portfolio risk solutions to over 1,200 financial institutions across the country. He specializes in educating bankers on the latest in digitization, and his thought leadership pieces on automation and open banking topics appear frequently in publications including BankNews, the Financial Brand and Fintech Weekly.