Recently, one of our clients inquired about regulations concerning retaining a photocopy of a member’s drivers license or picture ID. If you have a similar question, you may find the following article interesting. This article is reprinted with permission from the Spring 2006 edition of The WWR Letter:
Keeping a Copy of a Driver’s License: Tension Between The USA PATRIOT Act and Regulation B
By: John B.C. Porter, Esquire
Credit unions face an apparent regulatory tug-of-war when trying to reconcile two pieces of legislation: The USA PATRIOT Act (“PATRIOT Act”) and the Equal Credit Opportunity Act, implemented by Regulation B of the Code of Federal Regulations (“Regulation B”). How does a credit union ensure it complies with the PATRIOT Act without running afoul of Regulation B?
The Customer Identification Program (“CIP”) component of the PATRIOT Act requires credit unions to verify the identity of its members. One of the documentary methods by which to verify a member’s identity involves review of a member’s driver’s license or other photo identification. Some credit unions photocopy the member’s photo identification and place the copy in the member’s file as evidence of compliance with the credit union’s CIP. Some credit unions also use the copy of the member’s identification to verify the identity of the member when the member cashes a check, makes a withdrawal or otherwise transacts business with the credit union. The PATRIOT Act, however, does not require credit unions to photocopy identification to comply with the CIP. In fact, when the federal agencies promulgated the final rules of the PATRIOT Act much debate centered on whether to require credit unions and other financial institutions to make a copy of the consumer’s identification. The final rule, however, only requires credit unions to review the member’s identification and copy down verifying information found on the identification, e.g., license number, social security number, birth date and address.
Regulation B prohibits unlawful discrimination against an individual in a credit transaction based on that individual’s race, national origin, sex and age, among others. While the Regulation does not specifically prohibit the photocopying of a member’s photo identification, it does prohibit the collection of certain demographic information about members, unless related to certain dwelling-related loans or self-tests. Photo identification often contains information about the member that credit unions should not collect pursuant to Regulation B.
The best practice, therefore, is not to retain a copy of the member’s photo identification. At the very least, however, credit unions must ensure that any copies of members’ photo identification remain distinctly separate from any loan related documents. In fact, credit unions’ loan officers should not have access to the file(s) containing members’ photo identifications. It is imperative that credit unions avoid even the appearance of discrimination on a prohibited basis. The best way to accomplish this objective is to avoid “collecting” this information in the first place. Also keep in mind that if the credit union has overdraft protection lines of credit tied to its deposit accounts, maintaining a copy of a member’s photo identification in connection with this service arguably violates Regulation B as well.
In the end, there really is no true conflict between the PATRIOT Act and Regulation B, as the PATRIOT Act requires nothing of credit unions that violates Regulation B. The safest tactic, steering clear of potential violations of Regulation B while completely satisfying the requirements of the PATRIOT Act’s CIP provisions, is to copy down verifying information without retaining a photocopy of the identification used to verify identity. If this procedure is impractical for credit unions, at the very least, segregate copies of photo identification from loan files.
John B.C. Porter is an associate in the Credit Union department of the Brooklyn Heights operations center. He can be reached at (216) 739-5003 or jporter@weltman.com.
That Credit Union Blog 
My Dear Mr Porter:
Your comments should be required reading for all “loan review/audit/regulators” that for what ever purpose look at loan files. I firmly believe that less than 5% of these individuals have taken the time to look at the “Patriot Act” documentation and less than 1% have a clue as to it’s meaning. How can anyone believe that the Patriot Act requires a copy of a driver’s license from a 25 year member of the credit union with impeccable credit – should be a condition to obtain new auto loan? Yes, I am a finance manager with a new car franchise – I also worked 20+ years on the loan desk prior to making the move. I cannot believe the ignorance nor the arrogance that comes with the phrase “The Patriot Act requires that we do this” .
John —
Kudos for this article. I go over this issue whenever I am doing BSA training but it nice to have it in writing from such a well-respected firm well known to Ohio credit unions.
Valerie Edgington