We do not believe that the Customer Identification Program (CIP) rules require your organization to collect social security numbers for every individual who is an authorized signer on a business account. The CIP rules require, at a minimum, that you collect a taxpayer identification number from every customer, including business customers. 31 CFR 1020.220(a)(2)(i). The term “customer” is defined as any “person that opens a new account.” 31 CFR 1020.100(c)(1)(i). However, we do not believe that the term “customer” would include an individual who is authorized to sign on behalf of a customer, and therefore we do not believe that the requirement to collect a customer’s taxpayer identification number would extend to an authorized signer.
With that said, the FFIEC’s BSA/AML Examination Manual identifies some situations in which it may be advisable to collect taxpayer identification numbers from authorized signers. The manual’s Customer Due Diligence section states that if a bank determines that a customer presents a higher risk, then “the bank should consider obtaining” information on “individuals with ownership or control over the account, such as beneficial owners, signatories, or guarantors.” Along similar lines, the Customer Identification Program section suggests that if “the bank cannot verify the customer’s true identity using documentary or nondocumentary methods,” then the bank’s CIP procedures (based on the bank’s own risk assessment) might provide for obtaining identifying information about “individuals with authority or control over such accounts, including signatories, in order to verify the customer’s identity.” Also, note that the Business Entities (Domestic and Foreign) section suggests that a bank’s CIP procedures could provide that “[r]equired account opening information may include . . . the appointment of a person to act as a signatory for the entity on the account.”