Danielle is a fintech industry writer who covers topics related to payments, identity verification, lending, and more. She's been writing about tech for over a decade and is passionate about the impact of tech on everyday life.
Table of ContentsFintech companies are swimming in regulatory requirements—and acronyms. From the Bank Secrecy Act (BSA) to anti-money laundering (AML) regulations, staying compliant with all the financial requirements can be a challenge.
Today, many fintech companies and financial institutions leverage advanced digital tools to complete these processes faster without increasing risk, including for CIP (Customer Identification Program) requirements.
This article outlines what you need to know about CIP, including what it is, the different CIP requirements, and how technology streamlines the process and improves the onboarding process.
A Customer Identification Program (CIP) is a mandatory procedure for entities that are identified as financial institutions under the Bank Secrecy Act (BSA). The program must outline the steps taken to verify the identity of customers who open an account with the financial institution. CIP is a component of the BSA (Bank Secrecy Act) as amended by the USA Patriot Act Section 326, which was implemented on June 9, 2003.
An organization's CIP must include risk-based procedures for verifying a customer's identity to a reasonable extent. The procedures must be based on the financial institution’s assessment of relevant risks, including:
For fintech companies, CIP processes are important to reduce risk and safeguard users' information in a digital world.
CIP and KYC are often used interchangeably, however, there are noticeable differences between the two concepts. Before discussing how CIP has shifted in recent years, it's helpful to understand the differences between the two.
CIP refers to a documented process financial institutions must have to outline how they identify their customers before they open an account. It is a required piece of an AML program that ensures companies take reasonable steps to determine who customers are.
KYC is a broader concept that includes guidelines and regulations financial and investment institutions must follow to identify customers, assess risk, and monitor transactions for suspicious activities. KYC does not refer to specific regulations; rather it is a catch-all phrase for regulations surrounding identity verification procedures related to AML and BSA compliance.
→ Want to improve conversions while meeting CIP requirements? Plaid Identity Verification offers the lowest friction identity verification experience available.
Prevent fraud, win users, and protect your bottom line
Banks and some other financial companies must have a written CIP program incorporated into their BSA/AML requirements. The program must include practical, reasonable, and risk-based procedures for verifying a customer's identity.
The rules should apply to any customer who opens an account for themselves or for another person or organization. The rules do not apply to an individual who does not formally open an account — for example, someone who applies for a car loan but is denied.
There are five main components of CIP banking requirements:
In the past, building a CIP meant organizations had to outline how to collect and verify documents in person. Today, however, the digital identity verification process makes the process easier. That makes creating a CIP easier, too.
Traditionally, opening a bank or investment account took hours—if not days. Customers would go into their local bank branch, meet with a bank manager, and hand over identity documents like their driver's license, social security card, and mail proving their address. If you didn't have official mail (say, because you just moved) or your license has expired, you couldn't open a bank account. After collecting the documents, the bank manager would make photocopies and verify they were real. All those efforts required a huge time investment.
These requirements limited some consumers' access to financial accounts and tools. Some customers might have to take an afternoon off work—just to open a bank account or access a line of credit. Similarly, banks could spend a massive amount of time gathering, verifying, and storing documentation.
Thanks to advances in technology, times are changing. Now, customers can upload a picture of their driver's license, take a selfie, and—presto—identity verified. Digital identity verification allows fintech companies to verify identification documents, phone numbers, names, dates of birth, ID numbers, addresses, and more digitally—often right from a customer's phone or tablet.
Digital identity verification is making big waves in the financial industry. Plaid Identity Verification uses multiple verification methods to verify identification documents, including authoritative data sources and selfie checks to prevent third-party fraud. This limits risks for synthetic identity fraud and presentation attacks.
The software increases security and makes verification easier. That makes it easier for companies to create a CIP and increases conversions by improving the onboarding process for customers.
CIP requirements help reduce risks to both companies and consumers. Requiring banks and financial organizations to document how they gather, store, and analyze identification data limits bad actors' ability to access funds, but there are other benefits as well
Digital identity verification tools make it easier for fintech companies to comply with regulations—and improve the onboarding process for customers. That results in better conversions for companies and increased access for consumers.
→ Learn more about how Plaid Identity Verification helps you onboard new customers and meet regulatory requirements.