CUSTOMER IDENTIFICATION PROGRAM (CIP)

Know Your Customer (KYC) Procedures

DOCUMENT INFORMATION

SECTION 1: PROGRAM OVERVIEW

1.1 Purpose

This Customer Identification Program (CIP) establishes procedures for verifying the identity of persons seeking to open accounts, in compliance with Section 326 of the USA PATRIOT Act and implementing regulations.

1.2 Objectives

☐ Verify the identity of each customer
☐ Form a reasonable belief that the true identity of the customer is known
☐ Maintain records of information used to verify identity
☐ Determine whether the customer appears on government lists of known or suspected terrorists

1.3 Definition of Customer

A "customer" means:

☐ A person who opens a new account
☐ An individual who opens a new account for:
- An individual lacking legal capacity
- An entity that is not a legal person
☐ A person who opens a new account on behalf of an entity

A "customer" does NOT include:

☐ Persons with existing accounts (opened prior to CIP effective date)
☐ Persons authorized to transact on an existing account
☐ Persons who do not open an account (e.g., single transactions)
☐ Financial institutions subject to their own CIP requirements

1.4 Definition of Account

An "account" means a formal relationship established to provide ongoing services, including:

☐ Brokerage accounts
☐ Bank deposit accounts
☐ Investment advisory relationships
☐ Trust accounts
☐ Mutual fund accounts

SECTION 2: INFORMATION COLLECTION REQUIREMENTS

2.1 Required Information - Individual Customers

The following information MUST be collected from all individual customers:

2.2 Required Information - Entity Customers

The following information MUST be collected from all entity customers:

2.3 Identification Number Requirements

For U.S. Persons:

☐ Social Security Number (SSN) - REQUIRED for individuals

For Non-U.S. Persons:

☐ Taxpayer Identification Number (TIN/ITIN), OR
☐ Passport number and country of issuance, OR
☐ Alien identification card number, OR
☐ Number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard

2.4 Alternative TIN Collection (Per OCC Bulletin 2025-15)

Effective June 27, 2025, financial institutions may use an alternative collection method to obtain TIN information from a third party rather than from the customer, provided:

☐ Written procedures enable obtaining TIN before account opening
☐ Procedures are based on the institution's risk assessment
☐ Procedures are risk-based for verifying customer identity
☐ Third-party source is reliable and appropriate

SECTION 3: CUSTOMER INFORMATION FORM

3.1 Individual Customer Information

Identification Number:

☐ U.S. Person: SSN [____]-[____]-[____]
☐ Non-U.S. Person:
- Type: [________________________________]
- Number: [________________________________]
- Country of Issuance: [________________________________]
- Expiration Date: [__/__/____]

3.2 Entity Customer Information

SECTION 4: BENEFICIAL OWNERSHIP REQUIREMENTS

4.1 Legal Entity Customer (LEC) Requirements

For legal entity customers, the Company must identify and verify the identity of:

☐ Beneficial Owners - Each individual who owns 25% or more of the entity
☐ Control Person - At least one individual with significant responsibility to control, manage, or direct the entity

4.2 Certification Form

BENEFICIAL OWNERSHIP CERTIFICATION

I, [________________________________], certify that the following information is true and complete:

Control Person (Required - at least one):

Beneficial Owners (25%+ Ownership):

☐ No individual owns 25% or more of the entity

Certification:

I certify that the information provided above is complete and correct.

Signature: ______________________________________ Date: [__/__/____]

Name: [________________________________]

Title: [________________________________]

4.3 Exemptions from Beneficial Ownership

The following entities are exempt from beneficial ownership requirements:

☐ Financial institutions regulated by federal/state banking regulators
☐ SEC-registered broker-dealers, investment companies, investment advisers
☐ SEC-registered exchanges and clearing agencies
☐ Insurance companies
☐ Commodity futures commission merchants and introducing brokers
☐ Entities registered with CFTC
☐ Public reporting companies (SEC 13 or 15(d) filers)
☐ Federal, state, local, or tribal government agencies
☐ Entities with at least 51% government ownership
☐ Certain pooled investment vehicles

SECTION 5: IDENTITY VERIFICATION PROCEDURES

5.1 Verification Methods

The Company verifies customer identity using:

☐ Documentary methods - Review of identity documents
☐ Non-documentary methods - Use of databases, references, etc.
☐ Combination of methods - As appropriate based on risk

5.2 Documentary Verification - Individuals

Acceptable Documents:

Document Review Checklist:

☐ Document is original (not a copy)
☐ Document is unexpired
☐ Document contains photograph
☐ Photograph resembles the customer
☐ Document appears genuine (no alterations)
☐ Name matches information provided
☐ Copy retained in customer file

5.3 Documentary Verification - Entities

Acceptable Documents:

5.4 Non-Documentary Verification

Non-documentary methods are used when:

☐ Customer is unable to present required documents
☐ Documents are unfamiliar or suspicious
☐ Account is opened remotely (online, mail, telephone)
☐ Risk assessment warrants additional verification

Non-Documentary Methods:

☐ Consumer Reporting Agency Data - Credit bureau identity verification
☐ Public Databases - State motor vehicle, property records
☐ Financial References - Verification from other financial institutions
☐ Delivery of Correspondence - Confirming address via mail delivery

Non-Documentary Verification Log:

5.5 Verification Timeframe

☐ Verification must be completed within a reasonable time after account opening
☐ Risk-based determination of what constitutes "reasonable time"
☐ Higher-risk customers verified before account becomes operational
☐ Account limitations may apply until verification is complete

SECTION 6: INABILITY TO VERIFY IDENTITY

6.1 Procedures When Verification Fails

If the Company cannot verify customer identity:

Step 1: Determine cause of verification failure
☐ Insufficient documentation
☐ Documentation appears fraudulent
☐ Non-documentary verification negative results
☐ Customer uncooperative

Step 2: Request additional information/documentation
☐ Additional ID documents requested: [________________________________]
☐ Additional information requested: [________________________________]

Step 3: Escalate to supervisor/compliance
☐ Escalated to: [________________________________]
☐ Date: [__/__/____]

Step 4: Make account decision
☐ Account approved with conditions
☐ Account denied
☐ Account closed (if already opened)

6.2 Account Denial/Closure Documentation

6.3 SAR Consideration

☐ Evaluate whether SAR filing is appropriate
☐ If identity cannot be verified AND suspicious activity is present, file SAR
☐ Document SAR filing decision

SECTION 7: GOVERNMENT LISTS COMPARISON

7.1 OFAC Screening Requirement

☐ All customers screened against OFAC Specially Designated Nationals (SDN) List
☐ Screening performed before account opening
☐ Screening performed when OFAC lists are updated
☐ Automated screening system used: ☐ Yes ☐ No

7.2 Lists Screened

☐ OFAC Specially Designated Nationals (SDN) List
☐ OFAC Consolidated Sanctions List
☐ Other lists as required by regulation
☐ FinCEN 314(a) requests (ongoing basis)

7.3 Screening Documentation

7.4 Match Handling Procedures

If a potential match is identified:

1. ☐ Hold account opening pending investigation
2. ☐ Compare all available information to list entry
3. ☐ Contact OFAC if unable to determine (1-800-540-6322)
4. ☐ If true match: Do not open account, report to OFAC
5. ☐ If false positive: Document resolution and proceed

SECTION 8: CUSTOMER NOTICE

8.1 Required Notice

The Company provides the following notice to customers:

IMPORTANT INFORMATION ABOUT PROCEDURES FOR OPENING A NEW ACCOUNT

To help the government fight the funding of terrorism and money laundering activities, Federal law requires all financial institutions to obtain, verify, and record information that identifies each person who opens an account.

What this means for you: When you open an account, we will ask for your name, address, date of birth, and other information that will allow us to identify you. We may also ask to see your driver's license or other identifying documents.

8.2 Notice Delivery

☐ Notice provided at or before account opening
☐ Notice posted in public areas
☐ Notice included on account application
☐ Notice on company website
☐ Notice acknowledged by customer (signature): ☐ Yes ☐ No

SECTION 9: ONGOING MONITORING AND UPDATES

9.1 Customer Information Updates

☐ Customer information updated when changes reported
☐ Periodic review of customer information (risk-based)
☐ Re-verification triggered by:
☐ Address change
☐ Name change
☐ Significant change in activity
☐ Red flags identified

9.2 Enhanced Due Diligence Triggers

Enhanced due diligence performed when:

☐ High-risk customer identified
☐ Negative news or adverse media
☐ OFAC or 314(a) match
☐ Unusual account activity
☐ Regulatory or law enforcement inquiry

9.3 Customer Risk Rating

SECTION 10: RECORDKEEPING

10.1 Required Records

☐ All information collected under CIP
☐ Description of documents reviewed
☐ Description of non-documentary methods used
☐ Results of verification
☐ Resolution of any discrepancies

10.2 Record Retention

10.3 Document Copies

☐ Copies of identity documents retained: ☐ Yes ☐ No
☐ If yes, storage method: [________________________________]
☐ Access controls in place: ☐ Yes ☐ No

SECTION 11: RELIANCE ON ANOTHER FINANCIAL INSTITUTION

11.1 Reliance Permitted

The Company may rely on another financial institution to perform CIP verification if:

☐ The relied-upon institution is subject to CIP requirements
☐ The relied-upon institution enters into a contract with the Company
☐ The relied-upon institution certifies annual compliance with CIP requirements

11.2 Reliance Agreement Requirements

SECTION 12: TRAINING

12.1 CIP Training Requirements

All personnel involved in account opening must receive training on:

☐ CIP requirements and procedures
☐ Document verification techniques
☐ Red flag identification
☐ Customer notice requirements
☐ Recordkeeping requirements
☐ Escalation procedures

12.2 Training Documentation

SECTION 13: QUALITY ASSURANCE

13.1 CIP Quality Metrics

13.2 Testing Procedures

☐ Random sample of new accounts reviewed monthly
☐ CIP completeness verified
☐ Verification adequacy assessed
☐ Deficiencies reported to management
☐ Corrective action implemented

SECTION 14: PROGRAM APPROVAL

14.1 Approval and Certification

This Customer Identification Program is hereby approved:

______________________________________
AML Compliance Officer Signature

[________________________________]
Name (Print)

Date: [__/__/____]

______________________________________
Chief Compliance Officer Signature

[________________________________]
Name (Print)

Date: [__/__/____]

______________________________________
Board/Senior Management Approval

[________________________________]
Name (Print)

Date: [__/__/____]

APPENDICES

Appendix A: Acceptable Identification Documents Reference Guide

Appendix B: New Account Opening Checklist

Appendix C: Beneficial Ownership Certification Form

Appendix D: Sample Customer Notice

Appendix E: Non-Documentary Verification Sources

Appendix F: High-Risk Customer EDD Checklist

SOURCES AND REFERENCES

• FinCEN CIP Final Rule FAQs: https://www.fincen.gov/sites/default/files/guidance/finalciprule.pdf
• 31 CFR § 1020.220 (Banks): https://www.ecfr.gov/current/title-31/subtitle-B/chapter-X/part-1020/subpart-B/section-1020.220
• FFIEC BSA/AML CIP Section: https://bsaaml.ffiec.gov/manual/AssessingComplianceWithBSARegulatoryRequirements/01_ep
• OCC Bulletin 2025-15 (TIN Alternative Collection): https://www.occ.gov/news-issuances/bulletins/2025/bulletin-2025-15.html
• FinCEN Customer Due Diligence Rule: https://www.fincen.gov/resources/statutes-and-regulations/cdd-final-rule

This template is provided for informational purposes only and does not constitute legal advice. CIP requirements vary by institution type and are subject to change. Consult with qualified AML professionals and legal counsel.