Customer Identification Program (CIP)
Quick Answer
The Customer Identification Program (CIP) is the broker-dealer's USA PATRIOT Act mandate to form a reasonable belief about the true identity of every customer before opening an account. The firm must collect four data elements (name, date of birth, address, identification number), verify them through documentary or non-documentary methods, give customers notice of the verification, retain identifying information for 5 years after account closure, and screen against government-issued terrorist lists.
The CIP is the identity-verification prong of the Bank Secrecy Act (BSA). Where the FINRA customer-account-information requirement collects the customer's data, the CIP confirms that the customer is who they claim to be. Both apply to every new account, but they have different purposes and different retention windows.
Statutory Foundation
The CIP is required by:
- USA PATRIOT Act of 2001: amended the Bank Secrecy Act to require every financial institution (FI), including broker-dealers, to maintain a program for verifying customer identity
- Treasury / Financial Crimes Enforcement Network (FinCEN) regulations: implement the PATRIOT Act customer-identification mandate for broker-dealers
- FINRA AML-program requirement: incorporates the CIP as part of the firm's overall AML program
The purpose is not to confirm creditworthiness or suitability; the purpose is to enable the firm to form a reasonable belief that it knows the true identity of each customer. That belief is the BSA's defense against accounts opened in fictitious or stolen identities for money-laundering purposes.
Four Required Data Elements
Every CIP must collect four pieces of identifying information before the account is opened:
| Element | Detail |
|---|---|
| Name | Legal name of the individual or entity |
| Date of birth | For an individual customer (entities have a formation date instead, captured separately) |
| Address | A physical residential or business street address for individuals; principal place of business or local office for entities. Post Office (P.O.) boxes alone are not sufficient for U.S. persons |
| Identification number | Taxpayer Identification Number (TIN) or Social Security Number (SSN) for U.S. persons; for non-U.S. persons, one or more of: TIN, passport number plus country of issuance, alien identification card number, or other government-issued identification |
Think of it this way: The CIP collects the four pieces of information that the U.S. government uses to track a person: who they are, when they were born, where they live, and what number identifies them in the tax system. Anything less and the firm cannot honestly say it knows the customer.
Exam Tip: Gotchas
- The CIP address requirement for individuals is a physical street address, not a P.O. box. Military APO/FPO addresses and tribal/rural-route addresses are accepted alternatives, but a P.O. box alone is not.
- For non-U.S. persons, a passport plus country of issuance is acceptable in lieu of a TIN. The exam will sometimes describe a foreign customer with no SSN and ask whether the account can be opened. The answer is yes if the firm captures the passport-plus-country alternative.
Verification Methods (Documentary, Non-Documentary, or Both)
The CIP must include risk-based procedures to verify the customer's identity within a reasonable time of account opening. The firm may use:
- Documentary methods: government-issued identification with a photograph (driver's license, passport, state ID), corporate formation documents for entities
- Non-documentary methods: third-party data services, credit bureau verification, comparison against fraud databases, contact with references
- Both methods: most firms use a combination, especially for higher-risk customer types
The CIP must also address what to do when the firm cannot verify identity: deny the account, close an already-opened account, and (where warranted) file a Suspicious Activity Report (SAR).
Exam Tip: Gotchas
- Verification is risk-based, not one-size-fits-all. A high-risk customer (foreign politically exposed person (PEP), large initial cash deposit) may need more verification steps than a low-risk customer (long-time bank-affiliated retail account).
- Failure to verify triggers an account closure plus a possible SAR, not just a denial. A firm that opens an account, fails to verify, and quietly walks away from the customer without considering a SAR may have a separate AML-program-requirement violation.
TIN Application Exception
A firm may open an account for a U.S. person who has applied for but not yet received a TIN, provided the CIP includes:
- Procedures to confirm the application was filed before the account is opened, AND
- Procedures to obtain the TIN within a reasonable period after account opening
This is the limited carve-out for newly arrived workers and recent legal immigrants who are mid-way through their SSN application. The exception does not apply to non-U.S. persons; they qualify under the alternative-identification rules (passport, alien ID).
Exam Tip: Gotchas
- The TIN exception applies only to U.S. persons mid-application, not to non-U.S. persons. A foreign customer without a TIN must use the alternative-identification path (passport plus country of issuance, etc.), not the application exception.
Customer Notice and Government List Screening
Before or during account opening, the firm must:
- Give the customer adequate notice that information is being collected to verify identity (typically a one-paragraph disclosure on the new-account form or in the firm's privacy notice)
- Compare new customers against government-provided lists of suspected terrorists when issued by Treasury (currently this primarily means the Office of Foreign Assets Control (OFAC) Specially Designated Nationals (SDN) list, addressed in a later section)
The customer-notice requirement is disclosure, not consent. The firm does not need permission to verify; it must simply tell the customer that verification will happen.
CIP Recordkeeping (5-Year Window)
The firm must retain CIP records on a different timeline than the FINRA customer-account-information records:
| Record Type | Retention Period |
|---|---|
| Identifying information collected at account opening | 5 years after the account is closed |
| Description of any document used to verify identity (e.g., copy of driver's license) | 5 years after the record is made |
| Description of any non-documentary method used | 5 years after the record is made |
| Description of resolution of any discrepancy | 5 years after the record is made |
Exam Tip: Gotchas
- CIP records = 5 years; FINRA customer-account-information records = 6 years. The two retention windows differ by one year and the exam exploits this. CIP captures identity verification (5-year tail); the FINRA customer-account file captures the broader customer record (6-year tail).
- The 5-year clock for identifying information runs from account closure; the 5-year clock for verification documents runs from when the document was made. A firm that closes an account in 2024 must keep the customer's identifying data through 2029 and must keep a 2018 driver's-license copy through 2023 (whichever ends later for that record).
CIP vs Broader AML Program
The CIP is the identity-verification component of the firm's AML program. It is one piece of a larger structure:
- CIP: collects four data elements at onboarding and verifies identity
- AML program: monitors transactions throughout the customer relationship for suspicious patterns
- Customer Due Diligence (CDD): ongoing risk-based understanding of the customer's expected activity, including beneficial-ownership identification for legal-entity customers (added by FinCEN's 2018 CDD Rule)
Exam Tip: Gotchas
- CIP is the identity prong; AML is the broader monitoring prong. CIP collects four data elements at onboarding. AML monitors transactions throughout the relationship. They are separate compliance pillars, but both are required by the BSA.
- The CIP does not cover beneficial-ownership identification for legal-entity customers; that is the CDD Rule. The exam may ask which rule requires beneficial-ownership identification for an LLC opening an account. The answer is the CDD Rule (now the fifth pillar of the AML-program requirement), not the CIP.