FDIC clarifies use of pre-populated customer data for CIP: Opportunities and cautions for banks

The Federal Deposit Insurance Corporation (FDIC) has issued a significant update to its supervisory approach, clarifying the use of pre-populated (pre-filled) customer information for Customer Identification Program (CIP) requirements. This guidance directly impacts how banks leverage digital tools to simplify account opening, while underlining an important responsibility: ensuring the person behind the data is legitimate to protect against fraud.

Balancing user experience and security

Pre-filled forms are a hallmark of a streamlined digital journey. With this FDIC update, financial institutions can reduce friction for individuals, making it easier and faster for a customer to open a new account without repeatedly entering the same information. The guidance acknowledges the realities of modern banking, where leveraging data from existing relationships and trusted third-party sources can enhance convenience.

However, less friction cannot mean less vigilance. The FDIC is clear that using pre-filled data is only compliant when banks have robust measures in place to ensure that the right person is providing and verifying their information. Preventing identity fraud, account takeover, and other forms of financial crime remains paramount.

The new approach: What’s allowed, what’s required

What financial institutions can do

• Pre-populate account forms with information drawn from previous interactions, affiliate organizations, vendors, or other trusted sources.
• Reduce manual data entry for returning customers, fostering a better user experience, and potentially increasing conversion rates.

What financial institutions must ensure

• Customer review and consent: The customer must be able to review, correct, update, and explicitly confirm all pre-filled fields. Passive acceptance is not enough.
• Reasonable belief in identity: Beyond the data itself, banks must have procedures to reasonably believe the person operating the device and confirming the information is who they claim to be.
• Ongoing risk assessment: The process must be dynamic, taking into account evolving risks related to fraud. This means using modern identity verification methods—such as biometric checks or risk algorithms—especially during remote, digital onboarding.
• Recordkeeping: Compliant documentation of the review, confirmation, and any corrections made by the customer is critical for audit trails.

The role of modern identity verification

Robust identity verification has never been more important. While pre-filling speeds up onboarding, it increases the need for strong processes that confirm the true identity of each applicant. Implementing multi-factor authentication, device intelligence, and behavioral analytics can help organizations strike a balance between minimizing friction and maximizing security.

Implications for the Industry

• For banks: The FDIC’s clarification offers greater flexibility and signals a willingness to support technological innovation. Still, institutions must design their onboarding journeys with both convenience and compliance in mind. Relying solely on pre-filled data without strong identity assurance mechanisms would run afoul of both the rule and its intent.
• For customers: The process is easier and less repetitive, but personal security is not diminished. Customers retain the ability to verify and control their data, reducing data-entry fatigue and potential input errors.

Key takeaways

• The FDIC now recognizes that collecting identifying information “from the customer” can include pre-filled data, as long as the customer reviews and confirms its accuracy.
• Reducing onboarding friction is possible—without undermining security—when strong identity verification practices are in place.
• Balancing seamless experiences with robust fraud prevention is essential for regulatory compliance and customer trust.

Final thoughts

This FDIC update highlights the need for banks to create onboarding experiences that are both seamless and secure. Leveraging pre-populated data—when paired with strong identity verification—can help strike the right balance. As digital account openings accelerate, financial institutions must continue to meet rising customer expectations while staying compliant with evolving regulations.

For compliance teams, the challenge is clear: make life easier for legitimate customers while keeping fraudsters out. This is where trust becomes essential. Veriff supports financial institutions with customizable identity verification solutions designed for different levels of assurance—whether that’s liveness-based selfie verification, full document and identity checks, or database lookups against reliable sources. By building trust into every step of the process, banks can confidently deliver great customer experiences while staying compliant and secure.