Letter to Federal Reserve, FDIC, and OCC highlights the need for a transparent, risk-based approach balancing consumer protection with responsible innovation

Washington, D.C. (March 12, 2025) – The American Fintech Council (AFC), the premier industry association representing responsible fintech companies and innovative banks, today submitted a comment letter to the Federal Reserve, the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC), urging reforms to outdated compliance requirements under the Customer Identification Program (CIP) Rule. The recommendations come in response to the agencies’ request for comment on regulatory publication and review under the Economic Growth and Regulatory Paperwork Reduction Act of 1996 (EGRPRA).

In the letter, AFC calls for regulatory modernization to ensure fintech companies and their bank partners can provide secure, efficient, and consumer-friendly financial services. Specifically, AFC advocates for allowing financial institutions to collect partial Tax Identification Numbers (TINs) or Social Security Numbers (SSNs) from consumers while obtaining full TINs from trusted third-party sources for verification. This approach aligns with industry best practices and ensures compliance with anti-money laundering (AML) requirements without imposing unnecessary burdens on consumers.

“Modernizing the CIP Rule is critical to building a financial system that is both secure and accessible,” said Phil Goldfeder, CEO of AFC. “The current framework is outdated and doesn't reflect the realities of digital banking. By allowing responsible financial institutions to leverage innovative verification methods, we can enhance security, improve consumer trust, and ensure that fintech companies can continue providing the transparent and convenient financial products consumers want.”

AFC points out a mismatch between current compliance requirements and their legislative intent, as well as industry best practices. The letter also highlights that financial institutions operating in an online environment face unique challenges in collecting and securing consumer data. Existing CIP Rule requirements mandate the collection of full SSNs during account setup, a practice that can deter applicants and impose unnecessary operational burdens on fintech companies.

“A regulatory framework that prioritizes transparency, efficiency, and security will create a more competitive and inclusive financial services ecosystem,” said Ian P. Moloney, SVP and Head of Policy and Regulatory Affairs at AFC. “By reforming outdated compliance requirements and allowing for secure, third-party verification of consumer information, regulators can improve financial access while strengthening AML protections.”

AFC’s recommendations align with calls from regulators for a modernized compliance approach. Earlier this year, Acting FDIC Chairman Travis Hill supported updating the CIP Rule’s TIN collection requirements to eliminate barriers for banks and their fintech partners. AFC’s proposal underscores the importance of regulatory consistency across financial services, ensuring that all similarly situated financial products are treated fairly in compliance examinations.

A standards-based organization, AFC is the premier trade association representing the largest financial technology (Fintech) companies and innovative banks offering embedded finance solutions. AFC’s mission is to promote a transparent, inclusive, and customer-centric financial system by supporting responsible innovation in financial services and encouraging sound public policy. AFC members foster competition in consumer finance and pioneer products to better serve underserved consumer segments and geographies.

‍