No, we do not believe that you are required to obtain a business customer’s Articles of Incorporation if your Customer Identification Program (CIP) procedures allow you to independently verify customers’ identities by comparing information provided by your customer with information obtained from a public database.
At a minimum, your bank’s CIP must contain procedures for obtaining a business customer’s name, address, and identification number, as well as verifying customers’ identities. Your CIP program must describe when the bank will use documents, non-documentary methods, or a combination of both for customer verification. Banks relying on non-documentary methods may independently verify a customer's identity by comparing information provided by the customer with information obtained from a public database, such as the Illinois Secretary of State’s CyberDrive database. Also, as stated in FinCEN’s BSA/AML Examination Manual, a business customer’s articles of incorporation are just one document that a bank might require when opening a business account — other documents include “a corporate resolution by the directors authorizing the opening of the account, or the appointment of a person to act as a signatory for the entity on the account.”
For resources related to our guidance, please see:
- 31 CFR 1020.220(a)(1) (“Customer Identification Program: minimum requirements – In general. A bank must implement a written Customer Identification Program (CIP) appropriate for its size and type of business that, at a minimum, includes each of the requirements of paragraphs (a)(1) through (5) of this section.”)
- 31 CFR 1020.220(a)(2) (“Customer Identification Program: minimum requirements . . . . (2) Identity verification procedures. The CIP must include risk-based procedures for verifying the identity of each customer to the extent reasonable and practicable. The procedures must enable the bank to form a reasonable belief that it knows the true identity of each customer. These procedures must be based on the bank's assessment of the relevant risks, including those presented by the various types of accounts maintained by the bank, the various methods of opening accounts provided by the bank, the various types of identifying information available, and the bank's size, location, and customer base. At a minimum, these procedures must contain the elements described in this paragraph (a)(2).”)
- 31 CFR 1020.220(a)(2) (“Customer Identification Program: minimum requirements . . . . (2)(i)(A) In general. . . . the bank must obtain, at a minimum, the following information from the customer prior to opening an account: (1) Name; . . . (3) Address, which shall be: . . . (iii) For a person other than an individual (such as a corporation, partnership, or trust), a principal place of business, local office, or other physical location; and (4) Identification number, which shall be: (i) For a U.S. person, a taxpayer identification number; . . .”)
- 31 CFR 1020.220(a)(2) (“Customer Identification Program: minimum requirements . . . . (ii) The CIP must contain procedures for verifying the identity of the customer, using information obtained in accordance with paragraph (a)(2)(i) of this section, within a reasonable time after the account is opened. The procedures must describe when the bank will use documents, non-documentary methods, or a combination of both methods as described in this paragraph (a)(2)(ii).”)
- 31 CFR 1020.220(a)(2) (“Customer Identification Program: minimum requirements . . . . (2)(ii)(A) Verification through documents. For a bank relying on documents, the CIP must contain procedures that set forth the documents that the bank will use. These documents may include: . . . (2) For a person other than an individual (such as a corporation, partnership, or trust), documents showing the existence of the entity, such as certified articles of incorporation, a government-issued business license, a partnership agreement, or trust instrument.”)
- 31 CFR 1020.220(a)(2) (“Customer Identification Program: minimum requirements . . . . (2)(ii)(B) Verification through non-documentary methods. For a bank relying on non-documentary methods, the CIP must contain procedures that describe the non-documentary methods the bank will use. (1) These methods may include contacting a customer; independently verifying the customer’s identity through the comparison of information provided by the customer with information obtained from a consumer reporting agency, public database, or other source; checking references with other financial institutions; and obtaining a financial statement.”)
- BSA/AML Examination Manual — Business Entities (Domestic and Foreign) — Overview (“When opening an account for a customer that is not an individual, banks are permitted by 31 CFR 1020.100 to obtain information about the individuals who have authority and control over such accounts in order to verify the customer’s identity (the customer being the business entity). Required account opening information may include articles of incorporation, a corporate resolution by the directors authorizing the opening of the account, or the appointment of a person to act as a signatory for the entity on the account.”)