A Watershed Moment for Digital Banking: FDIC's New Stance on Pre-Filled Data Paves the Way for a Safer, Faster Future

The financial services industry is celebrating a landmark announcement from the Federal Deposit Insurance Corporation (FDIC) that will fundamentally improve the digital account opening process for banks and consumers alike. In a new Financial Institution Letter, the FDIC has clarified its supervisory approach, signaling that banks can use pre-populated customer information to fulfill Customer Identification Program (CIP) requirements.

This is a change we at Prove have passionately advocated for, and it marks a pivotal victory for security, privacy, and accessibility in digital banking. The new guidance directly enables solutions like Prove Pre-fill®, allowing banks to securely populate application fields for customers opening new accounts, including Demand Deposit Accounts (DDAs).

The Challenge We Set Out to Solve

For years, the industry has operated under a Customer Identification Program (CIP) rule with what we identified as "legacy language" better suited for in-person transactions. This created significant friction in a digital-first world. In a formal Request for Information (RFI) published on March 29, 2024, the Financial Crimes Enforcement Network (FinCEN) itself acknowledged that since the rule's adoption in 2003, there has been "significant innovation in the way that customers interact with financial institutions".

The legacy interpretation forced customers into long online application forms, leading to data entry errors and high operational costs for banks. More importantly, it created security loopholes and inequitable access. In our official commentary on the RFI, we highlighted two critical issues:

• The "Inherited CIP" Loophole: A major inconsistency in the rules, noted in the original 2003 rulemaking, allowed banks to use third-party data to open a credit card account but many banks interpreted it couldn’t be used for a deposit account. As we pointed out in our letter, if a customer opened a credit card first and then a deposit account, the bank was not required to perform CIP a second time. In effect, the deposit account would "inherit" the CIP from the credit card, meaning third-party data was already being used to open DDAs through an inefficient, two-step process.
• A False Sense of Security: In a world of frequent data breaches, simply asking an applicant to type in personal information is not a reliable security measure. Bad actors often use "pristine" but stolen identities to open accounts. When this happens, traditional CIP checks pass, but the critical Anti-Money Laundering (AML) and sanctions screenings that protect our financial system fail, defeating the core purpose of the regulation.

How Prove Championed the Change

Recognizing these critical flaws, Prove took a leading role in advocating for modernization. Last year, Prove submitted a formal public comment letter in response to FinCEN's RFI (Docket number 2024-06763).

In the submission, we directly addressed the questions posed by FinCEN and argued that the focus of identity verification must shift from where the data comes from to whether the person conducting the transaction is who they claim to be. Our core message was that strong authentication is more important than the data's source.

We urged FinCEN to provide "swift clarification" on an interpretive statement in the RFI and formally allow banks to use PII from trusted third-party sources for any bank product, not just credit cards. We explained how this would not only close security gaps but also promote financial inclusion by making digital services more accessible to all, including those who face language barriers or lack access to physical branches.

A New Era for Banks and Consumers

The FDIC's new guidance directly addresses the principles we championed. The clarification that banks can use pre-filled data, provided the customer reviews and confirms it, is a monumental step forward.

This is more than a regulatory update; it is the dawn of a new era for digital onboarding. With this green light, banks can now fully leverage the power of Prove Pre-fill® to:

• Drastically reduce application friction by eliminating long, manual forms.
• Strengthen fraud prevention by using a "phone-first" multifactor approach to authenticate the user before populating their verified data.
• Enhance the customer experience with a faster, smoother, and more secure onboarding journey.
• Boost financial inclusion by making digital account opening easier and more accessible to everyone.

We are immensely proud to have played a role in driving this positive change and applaud the FDIC and FinCEN for their forward-thinking approach. This is a win for the entire industry and a massive step forward in building a more secure and trusted digital economy.

‍