An official website of the United States government
OCC Bulletin 2016-10
March 21, 2016
Share This Page:
Chief Executive Officers of National Banks, Federal Savings Associations, and Federal Branches and Agencies; Department and Division Heads; All Examining Personnel; and Other Interested Parties
The Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), and the Financial Crimes Enforcement Network (FinCEN) (collectively, the agencies), are publishing this guidance to clarify the applicability of the customer identification program (CIP) regulations1 implementing Section 326 of the USA PATRIOT Act to prepaid cards. The guidance specifically discusses the treatment under the CIP regulations of prepaid cards issued by banks, savings associations, credit unions, and branches of foreign banks (collectively, banks), including cards that are sold and distributed by third parties that design, manage, and operate prepaid card programs (third-party program managers).
The principles contained in this guidance apply to all national banks, federal savings associations, and federal branches and agencies.
Prepaid cards have become mainstream financial products, used by individuals, corporations, and other private sector entities, as well as by state, federal, and local governments. General purpose prepaid cards can be used at multiple, unaffiliated merchants and permit cardholders to perform a variety of functions, including some that have traditionally been conducted using other mechanisms, such as checks or debit cards tied to bank deposit accounts or credit cards. Such functions include withdrawing cash at automated teller machines, paying bills, and transferring funds to and receiving funds from other cardholders.
The agencies have clarified that money laundering and other financial crime risks associated with the issuance of prepaid cards and the processing of prepaid card transactions require the implementation of strong and effective mitigating controls. Controls already put in place, such as limits on card value and the frequency and number of transfers permitted, and due diligence on third parties and cardholders have assisted in mitigating these risks. This guidance addresses questions that have arisen regarding the application of the CIP rule to prepaid cards issued by banks, including cards issued by banks under arrangements with third-party program managers.
Please contact Spencer W. Doak, Director for BSA/AML Compliance Policy, at
Grovetta N. Gardineer
Senior Deputy Comptroller for Compliance and Community Affairs
1 68 Fed. Reg. 25090 (May 9, 2003), codified at 31 CFR 1020.220 (U.S. Department of the Treasury);
12 CFR 21.21 (OCC); 12 CFR 208.62(b)(2) and 12 CFR 211.24(j)(2) (FRB); 12 CFR 326 (FDIC); and
12 CFR 748.2 (NCUA).