Skip to content

To File or Not to File, That is the Question

Answered by: 

Question: 
Should we keep the privacy policy disclosure in the file or give it to the customer? Are we allowed to have picture IDs of the customers in the loan files?
Answer: 

You must provide the privacy disclosure to the customer. You do not need to keep a copy, but you must be able to demonstrate the process. It is permissible to have copies of drivers licenses in loan files. You can find this in footnote #50 (page 49) of the FFIEC BSA Exam Manual:

A bank may keep photocopies of identifying documents that it uses to verify a customer’s identity; however, the CIP regulation does not require it. A bank’s verification procedures should be risk-based and, in certain situations, keeping copies of identifying documents may be warranted. In addition, a bank may have procedures to keep copies of the documents for other purposes, for example, to facilitate investigating potential fraud. However, if a bank does choose to retain photocopies of identifying documents, it should ensure that these photocopies are physically secured to adequately protect against possible identity theft. (These documents should be retained in accordance with the general recordkeeping requirements in 31 CFR 103.38.) Nonetheless, a bank should be mindful that it must not improperly use any documents containing a picture of an individual, such as a driver’s license, in connection with any aspect of a credit transaction. See “Frequently Asked Questions Related to Customer Identification Program Rules” issued by FinCEN, Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency, and Office of Thrift Supervision, April 28, 2005.

First published on BankersOnline.com 6/11/07

First published on 06/11/2007

Search Topics