On August 5, 2025, the Federal Deposit Insurance Corporation (FDIC) issued FIL-39-2025 to state that an FDIC-supervised institution can use pre-populated customer information to satisfy the requirements of the Customer Identification Program Rule, implementing part of the USA PATRIOT Act (CIP rule).
The CIP rule requires financial institutions to collect information (name, address, date of birth, and taxpayer identification number) from persons opening accounts and to verify the person’s identity. The FDIC opined that the requirement to collect identifying information from the customer under the CIP rule does not preclude the use of pre-filled identifying information and that the FDIC would consider such pre-filed information as having been obtained from the customer for purposes of the CIP rule.
FDIC examiners will consider the pre-filled information as information from the customer provided that (1) the customer has an opportunity and the ability to review, correct, update, and confirm the accuracy of the information, and (2) the financial institution’s processes for opening an account that involves pre-filled information allow the institution to form a reasonable belief as to the identity of its customer and are based on the institution’s risk assessment, including the risk of fraudulent account opening or takeover.
In June, the FDIC, OCC and NCUA with the consent of the FinCEN, issued an exemption allowing financial institutions to obtain taxpayer identification numbers from a third-party rather than from the customer.
[View source.]
