Skip to content
LexBuild

Agency Information Collection Activities; Proposed Renewal; Comment Request; Renewal Without Change of the Customer Identification Program Regulatory Requirements for Certain Financial Institutions 

---
identifier: "/us/fr/2024-13590"
source: "fr"
legal_status: "authoritative_unofficial"
title: "Agency Information Collection Activities; Proposed Renewal; Comment Request; Renewal Without Change of the Customer Identification Program Regulatory Requirements for Certain Financial Institutions"
title_number: 0
title_name: "Federal Register"
section_number: "2024-13590"
section_name: "Agency Information Collection Activities; Proposed Renewal; Comment Request; Renewal Without Change of the Customer Identification Program Regulatory Requirements for Certain Financial Institutions"
positive_law: false
currency: "2024-06-20"
last_updated: "2024-06-20"
format_version: "1.1.0"
generator: "[email protected]"
agency: "Treasury Department"
document_number: "2024-13590"
document_type: "notice"
publication_date: "2024-06-20"
agencies:
  - "Treasury Department"
  - "Financial Crimes Enforcement Network"
fr_citation: "89 FR 51940"
fr_volume: 89
comments_close_date: "2024-08-19"
fr_action: "Notice and request for comments."
---

#  Agency Information Collection Activities; Proposed Renewal; Comment Request; Renewal Without Change of the Customer Identification Program Regulatory Requirements for Certain Financial Institutions

**AGENCY:**

Financial Crimes Enforcement Network (FinCEN), Treasury.

**ACTION:**

Notice and request for comments.

**SUMMARY:**

As part of its continuing effort to reduce paperwork and respondent burden, FinCEN invites comments on the proposed renewal, without change, of existing information collection requirements found in Bank Secrecy Act regulations that require banks, savings associations, credit unions, certain non-federally regulated banks and trust companies (collectively hereinafter “banks”), brokers-dealers, mutual funds, futures commission merchants, and introducing brokers in commodities, to develop and implement customer identification programs designed to allow the financial institutions to form a reasonable belief that they know the true identity of each of their customers. This request for comments is made pursuant to the Paperwork Reduction Act of 1995 (PRA).

**DATES:**

Written comments are welcome and must be received on or before August 19, 2024.

**ADDRESSES:**

Comments may be submitted by any of the following methods:

*Federal E-rulemaking Portal: http://www.regulations.gov.* Follow the instructions for submitting comments. Refer to Docket Number FINCEN-2023-0015 and Office of Management and Budget (OMB) control numbers 1506-0022, 1506-0026, 1506-0033, and 1506-0034.

*Mail:* Policy Division, Financial Crimes Enforcement Network, P.O. Box 39, Vienna, VA 22183. Refer to Docket  Number FINCEN-2023-0015 and OMB control numbers 1506-0022, 1506-0026, 1506-0033, and 1506-0034.

Please submit comments by one method only. Comments will be reviewed consistent with the PRA and applicable OMB regulations and guidance. All comments submitted in response to this notice will become a matter of public record. Therefore, you should submit only information that you wish to make publicly available.

**FOR FURTHER INFORMATION CONTACT:**

FinCEN's Regulatory Support Section at 1-800-767-2825 or electronically at *[email protected].*

**SUPPLEMENTARY INFORMATION:**

**I. Statutory and Regulatory Provisions**

The legislative framework generally referred to as the Bank Secrecy Act (BSA) consists of the Currency and Foreign Transactions Reporting Act of 1970, as amended by the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (USA PATRIOT Act) [^1] and other legislation, including the Anti-Money Laundering act of 2020 (AML Act). [^2] The BSA is codified at 12 U.S.C. 1829b and 1951-1960 and 31 U.S.C. 5311-5314 and 5316-5336, and notes thereto, with implementing regulations at 31 CFR chapter X.

[^1] USA PATRIOT Act, Public Law 107-56.

[^2] The AML Act was enacted as Division F, sections 6001-6511, of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, Public Law 116-283, 134 Stat. 3388 (NDAA).

The BSA authorizes the Secretary of the Treasury (Secretary) to, *inter alia,* require financial institutions to keep records and file reports that are determined to have a high degree of usefulness in criminal, tax, or regulatory matters, risk assessments or proceedings, or in the conduct of intelligence or counter-intelligence activities to protect against terrorism, and to implement anti-money laundering/countering the financing of terrorism (AML/CFT) programs and compliance procedures. [^3] The authority of the Secretary to administer the BSA has been delegated to the Director of FinCEN. [^4]

[^3] Section 358 of the USA PATRIOT Act expanded the purpose of the BSA by including a reference to reports and records “that have a high degree of usefulness in intelligence or counterintelligence activities to protect against international terrorism.” *See* 12 U.S.C. 1829b(a). Section 6101 of the AML Act further expanded the purpose of the BSA to cover such matters as preventing money laundering, tracking illicit funds, assessing risk, and establishing appropriate frameworks for information sharing. *See* 31 U.S.C. 5311.

[^4] Treasury Order 180-01 (Jan. 14, 2020).

31 U.S.C. 5318(l) requires the Secretary to issue regulations prescribing minimum standards for customer identification programs (CIPs) for financial institutions. [^5] Regulations implementing section 5318(l) are as follows: (i) banks (31 CFR 1020.220); (ii) brokers-dealers (31 CFR 1023.220); [^6] (iii) mutual funds (31 CFR 1024.220); [^7] and (iv) futures commission merchants and introducing brokers in commodities (31 CFR 1026.220). [^8]

[^5] Section 5318(l)(2) prescribes that the regulations, at a minimum, require financial institutions to implement reasonable procedures for: (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. Section 5318(l)(3) further directs that the regulations take into consideration the types of accounts maintained by financial institutions, the methods of opening accounts, and the types of identifying information available.

[^6] “Broker-dealer” means a person registered or required to be registered as a broker or dealer with the Commission under the Securities Exchange Act of 1934 (15 U.S.C. 77a *et seq.* ), except persons who register pursuant to 15 U.S.C. 78o(b)(11). 31 CFR 1023.100(b).

[^7] “Mutual fund” means an “investment company” (as the term is defined in section 3 of the Investment Company Act (15 U.S.C. 80a-3)) that is an “open-end company” (as that term is defined in section 5 of the Investment Company Act (15 U.S.C. 80a-5)) that is registered or is required to register with the Commission under section 8 of the Investment Company Act (15 U.S.C. 80a-8). 31 CFR 1010.100(gg).

[^8] “Futures commissions merchants” means any person registered or required to be registered as a futures commission merchant with the Commodity Futures Trading Commission (“CFTC”) under the Commodity Exchange Act (7 U.S.C. 1 *et seq.* ), except persons who register pursuant to Section 4f(a)(2) of the Commodity Exchange Act (7 U.S.C. 6f(a)(2)). 31 CFR 1026.100(f). “Introducing broker” means any person registered or required to be registered as an introducing broker with the CFTC under the Commodity Exchange Act (7 U.S.C. 1 *et seq.* ), except persons who register pursuant to Section 4f(a)(2) of the Commodity Exchange Act (7 U.S.C. 6f(a)(2)). 31 CFR 1026.100(g).

All covered financial institutions [^9] are required to implement a CIP appropriate for its size and type of business. The CIP must include at a minimum the following five requirements:

[^9] The term “covered financial institution” applies to all financial institutions with a CIP regulatory requirement, namely banks, brokers-dealers, mutual funds, futures commission merchants, and introducing brokers in commodities.

(1) Written CIP appropriate for the financial institution's size and type of business (if a financial institution is required to have an AML compliance program, [^10] the CIP must be part of the written AML compliance program); [^11]

[^10] 31 CFR 1020.210; 1023.210; 1024.210; and 1026.210.

[^11] 31 CFR 1020.220(a)(1); 1023.220(a)(1); 1024.220(a)(1); and 1026.220(a)(1).

(2) Identity verification procedures (risk-based procedures for verifying the identity of each customer to the extent reasonable and practicable that enable the financial institution to form a reasonable belief that it knows the true identity of the customer); [^12]

[^12] 31 CFR 1020.220(a)(2); 1023.220(a)(2); 1024.220(a)(2); and 1026.220(a)(2).

(3) Recordkeeping (procedures for making and maintaining a record of all information obtained under the CIP requirements); [^13]

[^13] 31 CFR 1020.220(a)(3); 1023.220(a)(3); 1024.220(a)(3); and 1026.220(a)(3).

(4) Consultation of government lists (procedures to determine whether the customer appears on any list of known or suspected terrorists or terrorist organizations issued by any Federal government agency and designated as such by Treasury in consultation with the Federal functional regulators); [^14] and

[^14] 31 CFR 1020.220(a)(4); 1023.220(a)(4); 1024.220(a)(4); and 1026.220(a)(4).

(5) Customer notice (procedures for providing bank customers with adequate notice that the bank is requesting information to verify their identities). [^15]

[^15] 31 CFR 1020.220(a)(5); 1023.220(a)(5); 1024.220(a)(5); and 1026.220(a)(5).

The CIP may also include procedures specifying when a financial institution may rely on another financial institution to perform any of the financial institution's CIP procedures, provided certain conditions are met. [^16]

[^16] 31 CFR 1020.220(a)(6); 1023.220(a)(6); 1024.220(a)(6); and 1026.220(a)(6).

**II. Paperwork Reduction Act of 1995 
                    17**

[^17] Public Law 104-13, 44 U.S.C. 3506(c)(2)(A).

*Title:* Customer identification programs (CIPs) for certain financial institutions (31 CFR 1020.220, 1023.220, 1024.220, and 1026.220).

*OMB Control Numbers:* 1506-0022, 1506-0026, 1506-0033, and 1506-0034. [^18]

[^18] The CIP regulatory requirements are currently covered under the following OMB control numbers: 1506-0022 (31 CFR 1026.220—Customer identification programs for futures commission merchants and introducing brokers); 1506-0026 (31 CFR 1020.220—Customer identification programs for banks); 1506-0033 (31 CFR 1024.220—Customer identification programs for mutual funds); and 1506-0034 (31 CFR 1023.220—Customer identification programs for brokers-dealers).

*Form Number:* Not applicable.

*Abstract:* FinCEN is issuing this notice to renew the OMB control numbers for the CIP regulatory requirements for covered financial institutions.

*Affected Public:* Businesses or other for-profit institutions, and non-profit institutions.

*Type of Review:* Renewal without change of currently approved information collections.

*Frequency:* As required.

*Estimated Number of Respondents:* 16,232 financial institutions. [^19]

[^19] Table 1 below sets forth a distribution of the types of financial institutions covered by this notice.

*Estimated Recordkeeping Burden:*

In Part 1 of this notice, FinCEN describes the distribution of the estimated number of covered financial institutions, by type, and the estimated number of new accounts opened per year, by type of covered financial institution. In addition, Part 1 describes the primary characteristics of covered financial institutions' CIP requirements. In Part 2, FinCEN proposes for review and comment a renewal of the calculation of the annual PRA burden that includes a scope and methodology similar to that used in the 2020 notice to renew the OMB control numbers associated with these information collections. [^20]

[^20]*See* FinCEN, *Agency Information Collections Activities; Proposed Renewal; Comment Request: Renewal Without Change of the Customer Identification Program Regulatory Requirements for Certain Financial Institutions,* 85 FR 49425 (Aug. 13, 2020).

**Part 1. Distribution of the Financial Institutions and New Accounts Covered by This Notice**

The distribution of financial institutions and new accounts opened annually that are covered by this notice, by type of financial institution, is as follows:

| Type of financial institution | Number of | Number of new accounts |
| --- | --- | --- |
| Banks with a Federal functional regulator (FFR) | 9,800 | 9,305,000 |
| Banks lacking an FFR | 600 | 315,000 |
| Brokers-dealers | 3,478 | 28,000,000 |
| Mutual funds | 1,400 | 16,150,000 |
| Futures commission merchants and introducing brokers in commodities | 954 | 557,000 |
| Total | 16,232 | 54,327,000 |

In connection with a variety of initiatives FinCEN is undertaking to implement the AML Act, FinCEN intends to conduct, in the future, additional assessments of the PRA burden associated with BSA requirements.

**Part 2. Annual PRA Burden and Cost**

For all covered financial institutions, FinCEN continues estimating the incremental annual PRA recordkeeping burden associated with maintaining and updating the CIP (“maintenance”) at ten hours per financial institution. This estimate covers: (a) an average of approximately nine hours per financial  institution per year associated with the burden of updating the records necessary to demonstrate compliance with CIP requirements to take into consideration any regulatory changes and any modifications required as a result of a financial institution making changes to the type of accounts maintained, the methods used to open accounts, and the types of documentary or non-documentary methods for verifying identifying information the financial institution intends to use; and (b) an average of approximately one hour per financial institution associated with the burden of presenting the updated CIP to the appropriate level of management within the financial institution and obtaining approval.

In addition, FinCEN continues estimating the incremental annual PRA recordkeeping burden associated with providing customers with notification of the CIP (“notification”) at one hour per financial institution.

FinCEN also continues estimating the incremental annual PRA recordkeeping burden associated with obtaining and verifying a customer's identity ( *i.e.,* verification and recordkeeping requirements, and consulting government lists) (“implementation”) at two minutes per new account opened.

Under these assumptions, FinCEN's estimate of the annual incremental PRA burden is 1,989,452 hours, as detailed in tables 2 and 3. [^21]

[^21] The total estimate of the annual PRA burden is the summation of the total hourly burden of CIP maintenance (162,320), notification (16,232) and implementation (1,810,900) as set out in table 2 and 3, for a total of 1,989,452 hours.

| Type of financial institution | Number of | Time per financial institution (hours) (hour) | Maintenance | Notification | Burden hours per step | Maintenance | Notification | Total |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Banks with an FFR | 9,800 | 10 | 1 | 98,000 | 9,800 | 107,800 |  |  |
| Banks lacking an FFR | 600 | 10 | 1 | 6,000 | 600 | 6,600 |  |  |
| Brokers-dealers | 3,478 | 10 | 1 | 34,780 | 3,478 | 38,258 |  |  |
| Mutual funds | 1,400 | 10 | 1 | 14,000 | 1,400 | 15,400 |  |  |
| Futures commission merchants and introducing brokers in commodities | 954 | 10 | 1 | 9,540 | 954 | 10,494 |  |  |
| Totals | 16,232 |  |  | 162,320 | 16,232 | 178,552 |  |  |

[^22] As set out in table 1 above.

| Type of financial institution | Number of | New | Time per | Total burden in minutes | Total burden |
| --- | --- | --- | --- | --- | --- |
| Banks with an FFR | 9,800 | 9,305,000 | 2 | 18,610,000 | 310,167 |
| Banks lacking an FFR | 600 | 315,000 | 2 | 630,000 | 10,500 |
| Brokers-dealers | 3,478 | 28,000,000 | 2 | 56,000,000 | 933,333 |
| Mutual funds | 1,400 | 16,150,000 | 2 | 32,300,000 | 538,333 |
| Futures commission merchants and introducing brokers in commodities | 954 | 557,000 | 2 | 1,114,000 | 18,567 |
| Totals | 16,232 | 54,327,000 |  | 108,654,000 | 1,180,900 |

[^23] As set out in table 1 above.

FinCEN is utilizing the same fully loaded composite hourly wage rate of $106.30 utilized in other OMB control number renewals and notices of proposed rulemakings (NPRMs) currently opened to public review and comment. [^24]

[^24]*See, e.g.,* FinCEN and SEC, *NPRM Customer Identification Programs for Registered Investment Advisers and Exempt Reporting Advisers,* 89 FR 44571 (May 21, 2024).

The total estimated cost of the annual PRA burden is $211,478,747.60, as reflected in table 4 below:

| Steps | Hourly | Hourly | Total cost |
| --- | --- | --- | --- |
| Maintaining and updating the CIP | 162,320 | $106.30 | $17,254,616.00 |
| Notifying customers of CIP requirements | 16,232 | 106.30 | 1,725,461.60 |
| Implementing the CIP (identifying and verifying customer information, maintaining records, and consulting government lists) | 1,810,900 | 106.30 | 192,498,670.00 |
| Total cost |  |  | 211,478,747.60 |

*Estimated Recordkeeping Burden:* The average estimated annual PRA burden, measured in time per respondent is as follows:

a. Ten hours annually per financial institution to maintain and update the CIP.

b. One hour annually per financial institution to provide customers with notification of the CIP.

c. Two minutes per account opened by a financial institution to obtain and verify a customer's identity ( *i.e.,* verification and recordkeeping requirements, and consulting government lists).

*Estimated Number of Respondents:* 16,232, as set out in table 1.

*Estimated Total Annual Responses:*

a. 16,232 updated and board approved CIPs annually, as set out in table 2.

b. 16,232 notifications to customers of CIP requirements, as set out in table 2.

c. 54,327,000 new account relationships opened for which covered financial institutions obtained and verified customer identification, as set out in table 3.

*Estimated Total Annual Recordkeeping Burden:* The estimated total annual PRA burden is 178,552 hours, as set out in table 2, plus 1,810,900 hours, as set out in table 3, for a total of 1,989,452 hours.

*Estimated Total Annual Recordkeeping Cost:* The estimated total annual PRA cost is $211,478,747.60, as set out in table 4.

An Agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless the collection of information displays a valid OMB control number. Records required to be retained under the BSA must be retained for five years.

*Request for Comments:* Comments submitted in response to this notice will be summarized and/or included in the request for OMB approval. All comments will become a matter of public record. Comments are invited on: (i) whether the collection of information is necessary for the proper performance of the functions of the agency, including whether the information shall have practical utility; (ii) the accuracy of the agency's estimate of the burden of the collection of information; (iii) ways to enhance the quality, utility, and clarity of the information to be collected; (iv) ways to minimize the burden of the collection of information on respondents, including through the use of automated collection techniques or other forms of information technology; and (v) estimates of capital or start-up costs and costs of operation, maintenance, and purchase of services to provide information.

Andrea M. Gacki,

Director, Financial Crimes Enforcement Network.