AFC responds to FinCEN request for information (RFI) on customer identification program (CIP) asking for current credit card exemptions from CIP Rule to be extended to Buy-Now-Pay-Later companies
Agency RFI comes in direct response to 2023 AFC letter and multiple meetings with FinCEN specifically requesting updated guidance to create equity and alignment of data collection for CIP Rule
WASHINGTON, D.C. (May 29, 2024) –The American Fintech Council (AFC), the leading industry association representing responsible fintech companies and innovative BaaS banks has submitted a response to the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) Request for Information (RFI) related to existing requirements for banks under the Customer Identification Program(CIP) Rule. AFC has asked for formal rulemaking to ensure a uniformed agency approach to CIP and consumer protection. In addition, they have requested current CIP credit card exemptions be immediately extended to all similarly situated online or point of sale credit products, including BNPL loans.
“Appropriate regulatory modernization will level the playing field for responsible innovators who are creating critical access to safe and affordable credit options,” said Phil Goldfeder, Chief Executive Officer of the American Fintech Council. “AFC has long advocated for regulatory guidance from FinCEN to better align data collection components of the CIP Rule to the evolution of the modern digital banking environment, specifically related to Buy-Now-Pay-Later loans. CIP Rule reform will create a safer and more secure consumer experience and important parity for similarly situated financial products.”
In their most recent letter, AFC continued its advocacy for a unified regulatory environment for product and service offerings. AFC requested regulatory clarity with the CIP Rule specifically to determine the sufficiency of collecting the last four digits of a Tax ID Number (TIN) or social security (SSN) directly from the consumer, while collecting full SSN from a third party, and verifying the provided numbers through the bank’s risk-based identity verification procedures.
“Regulators should pursue a unified regulatory environment for product and service offerings that are provided to consumers for a similar purpose or in a similar manner. As the RFI recognizes, amendments to the CIP Rule Requirements should strike the right balance between ensuring consumer safety and improving the user experience” wrote Ian P. Moloney, Head of Policy and Regulatory Affair sat AFC in his letter responding to RFI. “Due to the online nature of the financial institutions’ engagements with consumers, the current CIP Rule collection requirements are incongruent with more recently established data collection best practices, which were established to improve the safety and security of consumers’ data.”
In an April 2023 letter to then FinCEN Acting Director Himamauli Das, AFC identified the growing disparity and sought immediate clarity and intervention. Additionally, AFC with their members met directly with FinCEN on multiple occasions since April of 2023to advocate for necessary changes.
Citing AFC’s previous advocacy, FinCEN noted in their RFI that “[the Agency] is aware of public interest by banks, trade associations, and Congress about the SSN collection requirement. In particular, there has been expressed interest in permitting banks to collect a partial SSN while also permitting the use of reputable third-party sources to obtain the full SSN prior to account opening.”
“By pursuing formal rulemaking, FinCEN will ensure proper alignment of supervisory expectations between federal regulators who carry out the Agency’s policy aims and parity between similarly situated products and services within the market,” concluded Moloney in his letter.
Read AFC response letter here.
Read AFC April 2023 letter here.