Recordkeeping.
Recordkeeping. The CIP must include procedures for making and maintaining a record of all information obtained under the procedures implementing paragraph (a) of this section.
(i) Required records. At a minimum, the record must include:
(A) All identifying information about a customer obtained under paragraph (a)(2)(i) of this section;
(B) A description of any document that was relied on under paragraph (a)(2)(ii)(A) of this section noting the type of document, any identification number contained in the document, the place of issuance and, if any, the date of issuance and expiration date;
(C) A description of the methods and the results of any measures undertaken to verify the identity of the customer under paragraph (a)(2)(ii)(B) or (C) of this section; and
(D) A description of the resolution of any substantive discrepancy discovered when verifying the identifying information obtained.
(ii) Retention of records. The bank must retain the information in paragraph (a)(3)(i)(A) of this section for five years after the date the account is closed or, in the case of credit card accounts, five years after the account is closed or becomes dormant. The bank must retain the information in paragraphs (a)(3)(i)(B), (C), and (D) of this section for five years after the record is made.
(4) Comparison with government lists. The CIP must include procedures for determining whether the customer appears on any list of known or suspected terrorists or terrorist organizations issued by any Federal government agency and designated as such by Treasury in consultation with the Federal functional regulators. The procedures must require the bank to make such a determination within a reasonable period of time after the account is opened, or earlier, if required by another Federal law or regulation or Federal directive issued in connection with the applicable list. The procedures must also require the bank to follow all Federal directives issued in connection with such lists.
(5)
(i) Customer notice. The CIP must include procedures for providing bank customers with adequate notice that the bank is requesting information to verify their identities.
(ii) Adequate notice. Notice is adequate if the bank generally describes the identification requirements of this section and provides the notice in a manner reasonably designed to ensure that a customer is able to view the notice, or is otherwise given notice, before opening an account. For example, depending upon the manner in which the account is opened, a bank may post a notice in the lobby or on its Web site, include the notice on its account applications, or use any other form of written or oral notice.
(iii) Sample notice. If appropriate, a bank may use the following sample language to provide notice to its customers:
(i) Required records. At a minimum, the record must include:
(A) All identifying information about a customer obtained under paragraph (a)(2)(i) of this section;
(B) A description of any document that was relied on under paragraph (a)(2)(ii)(A) of this section noting the type of document, any identification number contained in the document, the place of issuance and, if any, the date of issuance and expiration date;
(C) A description of the methods and the results of any measures undertaken to verify the identity of the customer under paragraph (a)(2)(ii)(B) or (C) of this section; and
(D) A description of the resolution of any substantive discrepancy discovered when verifying the identifying information obtained.
(ii) Retention of records. The bank must retain the information in paragraph (a)(3)(i)(A) of this section for five years after the date the account is closed or, in the case of credit card accounts, five years after the account is closed or becomes dormant. The bank must retain the information in paragraphs (a)(3)(i)(B), (C), and (D) of this section for five years after the record is made.
(4) Comparison with government lists. The CIP must include procedures for determining whether the customer appears on any list of known or suspected terrorists or terrorist organizations issued by any Federal government agency and designated as such by Treasury in consultation with the Federal functional regulators. The procedures must require the bank to make such a determination within a reasonable period of time after the account is opened, or earlier, if required by another Federal law or regulation or Federal directive issued in connection with the applicable list. The procedures must also require the bank to follow all Federal directives issued in connection with such lists.
(5)
(i) Customer notice. The CIP must include procedures for providing bank customers with adequate notice that the bank is requesting information to verify their identities.
(ii) Adequate notice. Notice is adequate if the bank generally describes the identification requirements of this section and provides the notice in a manner reasonably designed to ensure that a customer is able to view the notice, or is otherwise given notice, before opening an account. For example, depending upon the manner in which the account is opened, a bank may post a notice in the lobby or on its Web site, include the notice on its account applications, or use any other form of written or oral notice.
(iii) Sample notice. If appropriate, a bank may use the following sample language to provide notice to its customers: