Today I had a frustrating conversation with Wells Fargo. I went in to do some banking (account management with a banker, not a teller transaction) and they insisted on writing down my driver's license information in their system.
I objected, and ultimately they didn't, but it seemed to be only because ultimately no changes were made to my accounts. When I go back to make the changes they are going to insist on noting it down.
I at first expressed surprise: I just did some banking the other day at another branch, and though they checked my ID, they didn't note it down. So why suddenly this new policy?
I got the manager I spoke to to go on record saying it was a USA Patriot Act requirement. This I could almost believe. Not that being so makes it a good policy - the USA Patriot Act is certainly quite chilling - but I could absolve the bank for this stupidity if it was really mandated by the law.
But I don't think I believe that answer is correct. For one, the Patriot Act has been law for quite some time, yet I believe this is the first time in more than 10 years' worth of business with Wells Fargo that I've encountered this policy to insist on recording my driver's license information. For another, it's obviously not being uniformly enforced. And furthermore, I can do all the banking that I want without that information being on file. It's just that if what I need to do happens to involve a banker, they are going to seize the opportunity to write it down. But unless they are planning to give up as customers any who do not come in to promptly report their driver's licenses, this cannot be the mandate that he represented it to be.
It's also a bad idea in general: never mind the civil liberties implications of having your identification be so directly tied to your financial transactions, but it seems like a bad idea to give out such particular identification information to so many sources. The bank can swear up and down that it never gives away the information, and that its systems are secure, but it can't guarantee it. And in general, it seems that the more places you give your identification information to, the less valuable that information is as a verification measure. Its value as a verification device is dependent on their only being one driver's license out there, but if everyone and their brother, for whatever "good reason" they come up with, insists on recording it for their own purposes, the likelihood of forgeries increases. Today it's Wells Fargo; tomorrow it's another financial institution (I have relationships with several); and the day after that, who knows who else is going to want it.
So when he also said that them having this information on file was for my protection, I definitely didn't believe him on that count.
The problem: what to do? The reason I went to this branch was because the first branch was unwilling or unable to resolve my banking issue. This one would, but at the cost of my driver's license information. I really don't want to pay that price, but there's only so much time and energy I have left to try to come up with a work-around. How many branches am I going to need to visit before I find a branch that satisfies my banking needs, but not at this high price?
Comments (6)
Check out the regs adopted under Sec. 326 of the USA Patriot Act (31 USC 5318).
Also, banks have traditionally taken down id information when opening an account.
Posted by No One | July 29, 2005 7:51 PM
Posted on July 29, 2005 19:51
The regs are at 31 CFR 103.121. See comments at http://www.fdic.gov/regulations/laws/federal/03joint326.pdf.
Posted by No One | July 29, 2005 8:04 PM
Posted on July 29, 2005 20:04
See the paragraph beginning at the bottom of the right hand collum of page 25102 of the FDIC Doc. It reads:
In light of the comments received,
Treasury and the Agencies have
reconsidered and modified the
recordkeeping requirements of the
proposed rule. The final rule provides
that a bank’s CIP must include
procedures for making and maintaining
a record of all information obtained
under the procedures implementing the
requirement that a bank develop and
implement a CIP. However, the final
rule affords banks significantly more
flexibility than did the recordkeeping
provisions contained in the proposal.
Under the final rule, a bank’s records
are to include ‘‘a description,’’ rather
than a copy, of any document upon
which the bank relied in order to verify
the identity of the customer, noting the
type of document, any identification
number contained in the document, the
place of issuance, and, if any, the date
of issuance and expiration date. The
final rule also clarifies that the record
must include ‘‘a description’’ of the
methods and results of any measures
undertaken to verify the identity of the
customer, and of the resolution of any
‘‘substantive’’ discrepancy discovered
when verifying the identifying
information obtained, rather than any
documents generated in connection
with these measures.
Posted by No One | July 29, 2005 8:11 PM
Posted on July 29, 2005 20:11
Thanks, although that still doesn't explain the Patriot Act connection. The rule, if I read it correctly, seems to involve the establishment of an account. I wasn't doing that - I established my accounts years ago.
Plus I still don't get why now? Why on this visit? Why not the visit last week? Why not the visit last month? Last year? And why, if this is so important, do they not require that customers rush right in to update their records -- since obviously I can continue banking even while they lack my driver's license info. I just can't apparently get customer service. But the Patriot Act, as far as I can tell, says nothing about having to provide my ID for that.
No, while the Patriot Act is an onerous piece of legislation, reading this I'm more convinced that the bankers were misapplying both the law and their own policy.
Posted by Cathy | July 29, 2005 8:39 PM
Posted on July 29, 2005 20:39
I have very little knowledge to contribute, but I'm going to comment anyways. It could well be that a *regulation* pursuant to the Patriot Act was recently adopted. That would make it correct for the bank to say "it's a patriot act requirement", while explaining the time lag (since it wasn't part of the original Patriot Act). It may also be that the regulation had a time lapse before becoming effective.
I also notice that you yourself require me to input an e-mail address before I commment. What's next, my social security number???
Posted by Mike | August 1, 2005 6:52 AM
Posted on August 1, 2005 06:52
My goal is to know everything about you, Mike.
(FWIW, I don't care if people use dummy emails. But if I know who you are, hopefully you'd use a name/email that I'd be able to recognize is you.)
As for the regulation thing, that explains "why now." But if I read it correctly it still suggests that it's for new customers only. And I am not that.
Posted by Cathy | August 1, 2005 8:49 AM
Posted on August 1, 2005 08:49