What is a Customer Identification Program (CIP)?

Stolen IDs and fake aliases alone are no longer sufficient enough for criminals to commit fraud because the Know Your Customer procedures that financial institutions are following are becoming better and stronger. As part of these strong KYC processes is the Customer Identification Program or CIP for short, which keeps financial criminals away from financial institutions.

What is Customer Identification Program (CIP)?

The Customer Identification Program (CIP for short) is part of the overall KYC program and it consists of a set of rules that require organizations to verify their customers’ (or prospects) identities. So when a potential customer contacts an organization or financial institution to open a new account for example, the first thing the institution is required to do before onboarding the customer and as part of their due diligence is to confirm the identity of this potential customer.

This step, which consists of the CIP procedures, must take place before any onboarding or use of any financial services!

What is CIP in Banking?

The bank like any other financial organization is also required to perform their due diligence and this starts with the customer identification program, which has the basic rules for onboarding new customers.

The exact steps can differ between different financial institutions and between banks, factors like the size of the bank and its location play a role in how simple or complex the customer identification program is, but we can say that the main goal of all CIP in banking is to build a reasonable belief about the true identity of every customer and that every CIP has to collect at least the following information as minimum CIP program requirements: the customer's name, address, DoB, and a government-issues ID, so that the bank can run the details through databases to verify the information.

What Types of Accounts Fall Under CIP Program Requirements?

The Customer Identification Program applies to most types of accounts, including:

• Checking accounts

• Savings accounts

• Brokerage accounts

• Credit accounts

• Accounts established for business purposes

When is CIP Required?

The Customer Identification Program is typically required when:

• A customer opens a new account (including deposit, loan, or investment accounts)

• Certain pre-existing accounts might also be subject to CIP under specific circumstances (e.g., if there are suspicions of fraud).

Who is Subject to the CIP Rule?

The CIP rule covers anyone involved in the financial system, from credit unions to investment firms. Even online-only banks, digital wallets, and cryptocurrency platforms need to follow CIP procedures. Basically, if your business deals with money or financial transactions, the Customer Identification Program is part of your due diligence processes.

The General Customer Identification Program Requirements

The customer identification program requirements are enforced by law to ensure that businesses collect and verify basic information about their customers. At a minimum, the customer identification process includes:

• Full name (At least first and last)

• Date of birth

• Current address

• Identification number (like a Social Security Number or Taxpayer ID).

After collecting this information, the business needs to verify it, and this can be done by checking a government-issued ID and/or cross-referencing public databases. There are many advanced digital methods to verify the identity of customers, you can learn more about the The 10 Best Identity Verification Software Solutions in this review.

How Firms Verify Documentation

Banks and other financial institutions are responsible for making sure that the CIP documents their customers provide are real. This CIP verification can be done in two ways: documentary and non-documentary methods.

• Documentary Verification is straightforward so the business checks a passport or driver’s license to make sure they’re real and belong to the same person who provided it.

• Non-Documentary Verification uses technology to dig deeper. This could mean using public records, credit reports, or third-party verification services. This method is often used when physical documents aren’t available or when the risk is higher.

What is the Difference Between CIP and KYC?

It’s easy to mix up CIP and Know Your Customer (KYC), but they serve different purposes. The Customer Identification Program is just one part of the bigger ongoing KYC process. CIP is the initial step where you verify someone’s identity and KYC goes beyond that, it covers broader customer risk assessments and ongoing monitoring to catch anything suspicious later on. This does not mean that one is more important than the other, both processes are essential and they complement each other, but CIP is the foundation of a good KYC strategy.

If you would like to learn more about the difference between CIP and KYC, we recommend you read this article “CIP Vs. KYC in Banking: Key Differences and How They Work”, where we explain in detail the differences between the two processes!

The Role of CIP in Fraud Prevention and AML

One step criminals depend on when committing fraud or any other financial crime is passing the identity CIP verification process, and this is why the customer identification process is such a big deal because it stops criminals from using fake identities to launder money or commit fraud.

A solid Customer Identification Program makes it much harder for fraudsters to slip through the cracks, so in terms of fraud prevention, the Customer Identification Program verifies the identity of every potential customer before they even access financial services. In AML, CIP helps businesses assess risks, flag suspicious activities, and maintain compliance with local and global AML regulations.

Digital Tools in CIP

Here’s where things get exciting. Digital identity verification solutions are transforming the way businesses handle CIP. Gone are the days of relying only on physical documents. Nowadays, financial institutions are using facial recognition, biometrics, and artificial intelligence to verify identities in real time. This speeds up the process and also reduces the risk of human error.

eKYC (electronic Know Your Customer) is a term you have most probably heard of a lot. eKYC is the digital version of KYC, which helps institutions onboard customers faster and more securely.

Regulatory Compliance for CIP

To stay on the right side of the law, financial institutions are required to have strong CIP processes in place and “strong” means creating detailed policies, updating them regularly, and making sure all employees know the rules inside and out. Regulators will often conduct audits, so having your CIP well-documented is necessary as well!

If an institution fail to follow CIP rules, it will be exposed to the risks of sanctions and huge amounts of fines!

Challenges in Customer Identification Program

While the Customer Identification Program is a great tool, verifying identities in a digital world raises concerns about privacy and data security. Financial institutions must ensure that their verification processes don’t put sensitive customer information at risk.

Another emerging challenge is the rise of FinTech and crypto. As these new players enter the financial space, it’s crucial that their CIP processes are as strong as those of traditional banks. We created a comprehensive guide of KYC in Crypto, in this guide you can learn more about KYC in crypto exchanges and how it is regulated!

Read more: AML Compliance for Fintechs

Best Practices for Implementing an Effective CIP

For financial institutions, the best way to build a strong Customer Identification Program is by fostering a culture of collaboration. AML, fraud investigation, and compliance teams need to work together to spot red flags early.

1. Make Clear Rules and Steps: Start with clear rules for how you will identify your business potential customers. Write down every step you need to take and make the rules easy for everyone to understand and as a rule of thump what is the right fit for some institution does not mean it will also be right fit for yours, tailor the rules to your business specific needs.

2. Use Strong Ways to Check Identities: Don't just rely on one method, instead, use different ways to make sure the information is real; use CIP document checks but also use databases and biometrics!

3. Embrace Digital Tools: Technology can make the process easier and safer, many business use digital tools like eKYC, machine learning, and biometrics.

4. Train Your Team Regularly: Train your staff to spot suspicious activities and how report it!

5. Do Regular Checks on CIP Policy: Review your CIP policy often and check if employees are following all the rules and whether the tools your business uses are working well.

6. Keep Good Records: Keep records of all your customer checks and the steps you take to show auditors that you’re following the law and to make audits easier if regulators come to check.

How FOCAL Can Help Verify Your Customers’ Identities

FOCAL, a comprehensive platform designed for financial institutions, offers seamless identity verification and risk assessments in real time. FOCAL platform enables institutions to automate the CIP process, reducing human error and speeding up customer onboarding.

Conclusion

In summary, a strong Customer Identification Program is the backbone of any financial institution’s efforts to combat fraud and stay compliant with AML laws. As financial crimes get more sophisticated, having the right tools, technologies, and strategies in place is more important than ever.

FAQs

Q1. Does CIP apply to existing customers or only new ones?

The Customer Identification Program primarily applies to new customers who open accounts. However, financial institutions may require re-verification of existing customers if there are suspicious activities or other compliance reasons.

Q2. Can financial institutions rely on third-party services to comply with CIP?

Yes, financial institutions may rely on third-party providers or databases to verify a customer's identity. However, they remain responsible for CIP compliance and must ensure third-party providers meet the necessary standards.

Q3. What happens if a customer refuses to provide CIP information?

If a customer refuses to provide the required identification information or if the financial institution cannot verify their identity, the institution is required to deny account opening or close an existing account if applicable.

Q4. What happens if a customer’s identity cannot be verified?

If a financial institution cannot verify a customer’s identity, it may refuse to open the account, delay account opening, or even close the account if it has already been opened.

Q5. What are the CIP requirements for new customers?

CIP requirements for new customers are first and last name, current address, DoB, and at least one government-issued ID, these are the main elements of customer identification program.