KYC applies everywhere that wants to stop, or even to appear to care about, corruption.
I live in the UK. I have been with my main bank since I was a teenager, last century. A couple of years back they wrote to me, saying the KYC regulations mean they need to check who I actually am, they need proof I'm a citizen or my visa status and proof of my address. If I do nothing for six months they'll just cut a cheque for the money in the account and close it. I sent them a photocopy of my passport and driving license.
It seems fair to me, the biggest problem with KYC isn't that it's annoying, but that the crooks it's intended to catch are able to get away without. So if anything we need more, rather than less.
More annoying to me was the time my mobile phone provider, who I'd been with for about 18 years at the time, insisted on government ID as proof I was over 18 before they'd switch off their stupid censorship system for my mobile Internet. (I wanted to read Oglaf). By definition anyone who has been a customer for 18 years is over 18 years old. Duh.
The problem with KYC is the same as the problem with many laws: it’s an inconvenience for the good guys, and only stops the dumbest of the bad guys.
There are lots of ways around KYC laws for the criminally inclined. The most straight forward would be simple identity fraud with stolen documents. Ironically, the more accustomed people become to uploading photos of their passport online, the easier it becomes for criminals to phish for the exact information they need for identity fraud.
With more banks closing branches and allowing opening of accounts online, and an increasing number of online “KYC compliance solutions” with dubious security, this problem will only get worse IMO.
The problem with KYC is the same as the problem with many laws: it’s an inconvenience for the good guys, and only stops the dumbest of the bad guys.
It's not just an inconvenience for the good guys. For community banks, the penalties for messing up are a much bigger deal than for an HSBC or a Bank of America. The problem isn't the stupidest of the bad guys. The problem are the still-stupid bad guys who have a modicum of ability. For smaller banks, who have to pick from borrowers who can't get a loan from the big banks, there are also marginal good guys who can get themselves into trouble, financial and/or legal.
With more banks closing branches and allowing opening of accounts online, and an increasing number of online “KYC compliance solutions” with dubious security, this problem will only get worse IMO.
Agreed. It's very difficult to solve and will be very important. Therefore, this is a possible opportunity?
Yes. Please do not ask or share photocopies of your documents over insecure channels. And even then you trust the person on the other line not to screw up with your data... Especially in the U.S. where a person just needs to know your SSN apparently...
Along the lines of getting identity stolen, hotel front desks are one spot. (for instance, in China, aliens are required to provide their passports and hotels are required to make a photocopy of it by law when checking in).
Also in India & many other countries. In India they usually took multiple photo copies of my passport. I would be incredibly surprised if my passport wasn’t for sale online, it’s been photocopied at least 100 times.
KYC requirements give the government much more power over the individual, because they totally eliminate individual privacy against government monitoring.
I believe this idea that a privacy-free society can work in the long run is delusional and is only going to create social dysfunction on a very large scale.
And BoA sent out random letters asking for highly personal information, without the recipient having any way to know they were legitimate.
Instead BoA should have sent out letters asking the customer to call them, or log into their BoA account.
BoA just locks accounts because it is easier on BoA than the alternative. The consequences for the customer be damned. That's reason #1,000,000 not to work with BoA or Wells Fargo.
I really liked Wells Fargo, but had a terrible experience with their legal department. I had a judgement against me for <$500 and they froze $20k. Had I not raised hell with them they were going to keep the freeze for 120 days. That’s insane.
The big banks all seem to be very conservative when it comes to legal issues, at the customer’s expense.
It's not too difficult to take a small step and open an account elsewhere. We can stop rewarding these large banks for their bad behavior. I've had a good experience with Ally.
You'd hope that being one of the 19 largest banks would keep them a little more responsive than being one of the 4 largest banks. As well as their customers being lower friction online ones, rather than trapped by circumstance brick-and-mortar ones.
But like everything in our "best-effort" economy, the only thing you can really do is open multiple bank accounts [0] and hope they aren't yet colluding hard enough through the commercial surveillance bureaus that their failures will remain reasonably independent.
[0] Obviously at places that aren't likely to institute monthly fees, or arbitrary requirements to avoid them.
They currently don't seem to be behaving in ways that actively hurts customers. I don't think there anywhere close to as big as BoA. My issue is more with behavior. But yeah, I've been considering opening a local credit union account to try that out too.
What I don't understand is: didn't you need to show them some sort of identification to open your account back then? If so, then why would they ask you to provide those sames documents again?
Times change. I would have opened that account in, let's say 1991 soon after the bank was founded. At that time I was a teenager living with my parents. I probably gave them:
A working postal address
An account name
A purported signature
An initial deposit
From a banking point of view this is fine. They're not planning to lend me a lot of cash or anything out of the gate, there's no obvious reason to assume fraud, so why ask for more? And perhaps as importantly - why keep records, even if I gave them something else they've no reason to do more than glance at it and OK the account.
But twenty five years later this same account now had a completely different postal address in another city. Large volumes of money moved through the account, and associated accounts had been created for the same customer, entitling them to a credit card, savings accounts and so on.
For example about $200k was transferred through the account in one afternoon. What's that all about? By this point the KYC regulations say accounts need to trace back to actual government ID, a passport, a driving license, something. And definitely there shouldn't be accounts able to move six figures in an afternoon based on the fact that twenty five years ago some kid posted back a piece of paper...
but for identity purposes that account is not verified to a human just by what some kid posted on a piece of paper.
It is verified by 25 years of history.
Tens of thousands of transactions.
Bundles of other accumulated data from every linked account,
and every change of address.
It is a whole lot easier to fake most government ID,
than it is to fake 25 years of history.
I opened my first bank account 20 years ago. On my lunch break. At my school. In one of the classrooms, where the local branch of Midland Bank (which is now HSBC) was running an in school "office" with Business Studies students working as "tellers". They accepted the front cover of one of my school notebooks as ID.
Depends on how old the account is. 20 years ago the documentation requirements were quite lax. So if the account is really old, they may have to update the documentation.
I opened my first account with Bank of Scotland ~35 years ago - I don't think I provided any documentation (not sure I had any). However, this was in the days of personal bank managers who actually knew people - my parents had been banking with the same bank for a long time before that.
Yeh, for context, back in 1990 I was planning to travel to Peru and wanted to work out how to get funds in an emergency.
My bank manager (at a big Central London branch in Oxford St.) invited me in for a chat and a cup of tea, and we worked out how best to do things. I think I still have the letter from him that gives the the number I should telex too if needed, together with code name I should address the telex to. He was a avid bird watcher and was interested in talking about what I would be seeing in the rainforest.
I rather miss those days. I was a 22 year old with moderate means. There was no reason for him to give me special treatment.
In 1993 I got an account in an indian nationalized bank Bank Of Baroda by depositing just the minimum amount Rs 100, & an introducer's signature on my particulars form (introducer needed to be somebody with a good running account at bank AND the one who knows me well.)
In 2006, I had to open a bank account on behalf of my father in Ireland. To my amazement, even though I told them that I do it for a father back away somewhere in between Hongkong, Pakistan and Russia, they never asked for any form of ID...
The problem with this is that the more places that need a photocopy of your government id the more leaks are going to have photo ids in them. In the long run it won't work.
It's an easy problem to solve. Force people to signup through app and make them take pictures of their documents. You can safeguard against all but state-sponsored attacks by simply obscuring your device oauth key and rotating it frequently through app updates, detecting emulation/simulator, pinging E911 location of the phone via the carrier.
Look at how hard the Starbucks app is to crack open and get access to the remote APIs or how long Skype protected their protocol. Can easily put the same amount of effort to ensure that phone isn't tampered with and that you're getting a legitimate picture of the docs.
> Can easily put the same amount of effort to ensure that phone isn't tampered with
You put a proprietary app on your phone. You presumably did this for other "secure" companies too. You no longer have a way to know who did or didn't tamper with it.
Skype managed to do it for a communication app. Games do it all the time to prevents bots. How many AIMbots are there for on secured platform like PS4 or Xbox? There's none because its next to possible to do.
The fact that your running on phone makes it harder for hackers since there is way more sensor data you have fake and you have to take the carrier stuff because carriers allow you poll devices for things like E911 location. You easily detect if you're running on a simulator and most modern financial apps have this protection. How are you going to hook up a debugger on IOS device? There isn't a jailbreak for the current OS. Setup cert pinning on the app and you won't be able to even install your own trusted cert to look at the TLS traffic.
Starbucks app security is a good starter and easy to implement their strategies in an existing app. If you add in IOS version checking, you can help mitigate the risk of getting attacked by a jailbroken device on an older version of IOS.
Skype is probably best in terms of securing the app from prying eyes and modification. Here's a good read on how they protected the app and the reverse engineering effort needed to crack it.
http://www.oklabs.net/skype-reverse-engineering-genesis/
I threw in my linkedin profile into my hackernews profile. Feel free to add me. I just listed stuff protecting the app, there's additional strategies to secure the API including low-level pack inspection to detect proxies by looking at attributes like TCP timestamp or window size scale. Proxy-based attacks are the most common when it comes to financial fraud as the hackers aren't US-based but need a residential US IP to avoid detection and IP ACLs.
>The fact that your running on phone makes it harder for hackers since there is way more sensor data you have fake and you have to take the carrier stuff because carriers allow you poll devices for things like E911 location.
You know, mobile ads companies resort to borderline exploits to fight botting, but even they loose out.
Lockdown is a useless measure, from my experience. Both IOS and Android ad nets croak under 60-70% bot traffic.
If preventing leaks was as simple as you say they wouldn't be occurring on a regular basis. Also, there are plenty of other ways that the data could be leaked that doesn't require compromising a proprietary app or the API.
This seems to me to open a big can of worms, and goes to the heart of the identity problem space. There are any number of ways to spoof identity with paper- and card- identity-based systems, and if I'm an organization that has to know the physical person standing in front of me is some person in my database records, I don't know how I could realistically constrain spoofing to a 1:1,000,000 level or better.
Short of only authorizing on entire pairs or groups of people vouching for each other at the same time, like missile launch officers or bigger groups, it seems a really tough problem to comprehensively solve if you are only given a plastic card and one person standing in front of you (literally or figuratively) to base your decision upon.
KYC applies everywhere that wants to stop, or even to appear to care about, corruption.
Perhaps, but it's also a great cover story for banks to pry into more of your personal or business details than they really have any need or right to know.
For example, one of my businesses in the UK was flagged for a KYC procedure by its bank after several years with them. We'd provided the usual basic information about the business and its officers when opening the facilities with them. Nothing unusual had happened recently to suggest a significant change. And yet suddenly, we're getting annoying pop-ups every time we go onto online banking, demanding that we complete an extensive and poorly presented questionnaire that seemed to want far more information than any bank had apparently required to "know" us previously.
As it turned out, it was less trouble to go to a competing bank, open an entire set of replacement facilities there by providing similar basic information to what we'd given our previous bank before, and then close everything with the original bank.
In case anyone is wondering, HSBC was the offending bank, and for this and several other reasons, I would actively recommend against them for anyone in the UK who needs to set up business banking facilities.
We're in a period where the public polity is pretty amenable to regulating industries. A lot of this is down to "I don't trust the fuckers" which is.. fair, I would say.
But..., I don't think people really understand what this means. One thing it means is larger corporations. The first thing that happens when a market regulates is usually "consolidation." Capital markets reward larger companies, when regulation starts. The larger, older companies tend to be preferred by regulators.
The large companies are then "safe" as the regulation slows disruptive forces.
A second thing that happens is bureaucracy. The bank replies to this guys with a generic "not our fault, regulators made us do it." This can be random, as "compliance" people gain power internally and start making decisions on a purely bureaucratic basis, without thinking about outcomes. Sometimes it's strategic. Smart lawyers interpret some parts in a dumb-literal way, because it allows them to do something they want to do while blaming the regulator. The same lawyers can creatively interpret some other clauses, allowing them to bypass/ignore some major part of the regulation, sometimes the whole point of the regulation. It's almost impossible to know which is happening.
David Graeber (provocateur and anarchist anthropologist) had a good bit on this. Basically the bank explains their own inexplicable bureaucracy by saying it's the regulator's bureaucracy, avoiding responsibility.
I'm not suggesting that banks should be a unregulated, just that quality matters. Quality is inadequate, currently. So much so that it's hard to predict what effects the introduction of a regulatory authority will have. Its a crapshoot.
> But..., I don't think people really understand what this means. One thing it means is larger corporations. The first thing that happens when a market regulates is usually "consolidation."
Consolidation is the natural trend of all businesses, regardless of regulation.
Adam Smith in the 1700s said "People of the same trade seldom meet together, even for merriment and diversion, but the conversation ends in a conspiracy against the public, or in some contrivance to raise prices."
Business owners have a lot in common with owners of similar businesses, so it's pretty natural for them to know each other, get along, and have aligned goals. From there, it's a pretty short step to cooperation. Why make your business a zero-sum game by competing when you can make it non-zero-sum by cooperating?
So cartels and monolithic businesses form all the time and have all the way batch to the Dutch East India Company (though that also had government support too).
Remember, anti-trust regulation is a kind of regulation too.
> I'm not suggesting that banks should be a unregulated, just that quality matters. Quality is inadequate, currently.
I agree, completely. One of the things I've always found dumb is arguments around big government versus small government. What really matters is smart versus stupid. People seem to assume that it's simply impossible to change how well a government works. So small government people "solve" poor government by minimizing it while "big government people" generally think government works pretty well, at least relative to profit-driven enterprises.
The dutch & east india companies had "royal charters" which is essentially a monopoly license, the equivalent of a modern patent. This was the modern way of regulating industries that were thought to need regulation.
At the time (and for most of human history), foreign trade was thought of as one these.
I'm not sure the relevance, not driving at anything in particular. Cartels and monopolies have all sorts of origin stories. The biggest monopolies historically (and currently^) were formed via royal charter.
^Saudi Aramco is arguably the world's biggest company and holds a royal monopsony charter.
I keep hearing that I I can't understand how anyone can make that argument in good faith.
If I decide today to switch banks, I'll have everything handled in a week at the most. I'll probably have to visit a few bank offices in person, show ID etc, but it's at most a few hours of work.
To personally enact a different set of bank regulations through the ballot box, I have to do... things that are so superhuman and unrealistic that I don't know that anyone has ever done it.
But if you forgo the regulators, then you're choosing to be overcome by bankers - and soon, you can't switch banker (or you can but it becomes a moot action).
"However, he has been a Bank of America customer for 20 years and was born a U.S. citizen, so he figured it could be a scam and that the bank would follow up if it was legitimate."
There is a lot of scamming going on. Just last week my mother got a recorded message with a computer generated voice saying they were from the IRS and they're filing a lawsuit and that she should call them back. I looked the number up online and just 30 minutes ago it seemed someone else got a similar phone call so I reported it to the government.
Companies and institutions who need information from people that could be used for identity theft really need to reach people in a way that they won't confuse it for a scam.
> Companies and institutions who need information from people that could be used for identity theft really need to reach people in a way that they won't confuse it for a scam.
Yes! Occasionally I'll get a call from a company of which I'm a customer and they proceed to ask for PII before going on (usually medical companies). I reply by asking THEM to give me the info they have and I'll check if it's correct. Since some won't, I then ask them to prove who they say they are… as I can't tell them apart from a scam. Even though I know it's a broken process, I refuse to go along because this is something they need to fix.
Many companies unknowingly participate in creating an environment of bad processes making a fertile ground for scammers.
On a positive note, my banking institution sends me email notifications about stuff on my account, WITHOUT any links to their site. Yes, it takes a few extra clicks to get to their site but it stops the user conditionning to click on any link they see in an email that just happens to have a logo of the company with which they do business.
Your way of asking them to give you information & you confirming is equally harmful.
A scam running right now in India is when a customer gets a credit card from SBI Bank, somebody in the system sells this info (that they have got a SBI Credit card) & Name + Phone number.
Few days later, customer gets a first call that We are calling from Rewards section of SBI, you are entitled for 20% discount card, we will not ask you credit card info, just confirm if you have SBI card? Customer said Yes? Scammers update their database. Few more days, again somebody calls, says You HAVE card from SBI, for rewards, just confirm if it is Visa or MasterCard? Some other time they don't even ask, they insist you HAVE Visa, if you says Yes, they benefit, if you say No, they say sorry, mistake in our system, we will correct it. They still got what they wanted.
The moral is they build up the card info one bit at a time.
The only way to tackle is to deny you have any card on every call you get as officially Bank never calls you for rewards.
Interesting story : The FBI wanted to contact me a few years ago. They called and left voice mail that I determined was 100% likely to be a scam. So I ignored the call (and a second one that confirmed my suspicions since the caller claimed to be from a different FBI office than the first).
A few weeks later two Agent Mulder type dudes showed up in my front yard...
Edit : yes we had a long discussion about how the FBI could make cold phone calls that didn't sound like a scammer.
I always tell them that I will call them to verify them. Like calling Bank of America customer service first then ask to redirect the call that person.
The original statement (emphasis mine, because it took me a couple of reads to figure out what was changed)
> "Like all financial institutions, we’re required by law to maintain complete and accurate records for all of our customers and may periodically request information, such as country of citizenship and proof of US residency. This is not unique to Bank of America. This type of outreach is nothing new and the information must be up to date. Therefore we periodically reach out to customers, which is what we did in this case.
> Over time, we reach out to all customers to verify their information, not only specific customers. If we don’t hear from a customer in response to our outreach, as a last resort, we may restrict the account until we can confirm it is in compliance with regulatory requirements."
And the revised statement:
> "Like all financial institutions, we’re required by law to maintain complete and accurate records for all of our customers and may periodically request information as required by law and regulation. This is not unique to Bank of America. This type of outreach is nothing new and the information must be up to date. Therefore we periodically reach out to customers, which is what we did in this case.
> Over time, we reach out to all customers to verify their information, not only specific customers. If we don’t hear from a customer in response to our outreach, as a last resort, we may restrict the account until we can confirm it is in compliance with regulatory requirements."
> A spokesperson for Bank of America said the bank has to collect that information because they aren’t legally allowed to provide services to people from countries the U.S. has economic sanctions against.
> But the spokesperson said a person who has U.S. citizenship can still use their account even if they are also citizens of a sanctioned country.
In what is known as the most heartless plan imaginable for paying for "the wall."
> On day 2 Mexico will immediately protest. They receive approximately $24 billion a year in remittances from Mexican nationals working in the United States. The majority of that amount comes from illegal aliens. It serves as de facto welfare for poor families in Mexico. There is no significant social safety net provided by the state in Mexico.
I guess it depends on your definition of "significant" but there is a social welfare system in Mexico. There are several programmes, and it's helped millions of people - https://en.m.wikipedia.org/wiki/Social_Welfare_in_Mexico
From the perspective of impacted Mexican populations I imagine it would seem heartless, but it's not an unprecedented sort of action. Economic sanctions are a common tool of governments and have a similar impact on various populations around the world.
Worked with an Iranian woman outside of the US for a US bank's overseas division. Was mandatory for salary paychecks to be deposited to a bank account held by the employer.
She gave all the account opening paperwork to HR, told them that she would comply once they figured out how to get around the US sanctions against her.
Never got resolved and every so often, some HR bot would harass her all over again for the same issue.
Started closing some of my higher value BoA accounts after they started charging people fees for having a low balance. This is predatory and targeting people who can't afford it.
There are much better accounts elsewhere so even if you don't care about how BoA behaves you can get much better deals/service with fewer fees.
This news will push me to close my final credit cards with BoA. No need to rush, it took me 6 months to slowly open alternative accounts before closing the BoA ones. They will slowly loose my business that they could have easily kept for the next 50 years. It wasn't very hard to do, it just takes a little patience.
I have been with Wamu/Chase for a lot of years but want to switch now that they are implementing more fees. What are you switching to? The local credit unions seem pretty good but I know there are other options as well including fintech.
Ally is what I'm using. 1.75% saving account. 0.1% interest on checking account. No minimum balance. They pay all withdrawal fees. They don't have physical locations but I never used them anyway. Phone service is pretty good.
I have started getting in the mindset that I'll just open accounts wherever makes sense for different services. With internet banking there's no need to get everything from one provider, opening new accounts is easy and there is no need to stick with banks that behave like this.
Even if it's too much hassle to close the bad account right away it's pretty easy to take the first step and drain it to the minimum required balance.
> With internet banking there's no need to get everything from one provider, opening new accounts is easy and there is no need to stick with banks that behave like this.
Exactly.
Also, beware that Discover has a nasty arbitration clause that you have to send snail mail to opt out of within 30 days.
Schwab's also an option to look into, the APY on their savings account isn't as high as Ally's but everything basically comes as a package with their significantly better brokerage account. If you've any interest in investing then it's worth checking out.
Closing credit cards can affect your credit score because your credit line will decrease from the loss of cards, so your utilization ratio (balance / credit line) will increase. The usual advice is to try to consolidate your credit line before closing, but that might be harder when switching providers. Still, you can easily reduce the utilization by just paying the balance. So closing accounts does not have too much of a negative affect on your credit score. (My understanding is it does not affect age of accounts, because closed accounts continue to "age." Not sure about that though.)
Don't blame Bank of America. For that matter, any bank. One day, we all realize that Stasi is better than the current regime of electronic surveillance.
Bank Secrecy Act, Patriot Act, etc are behind this. Now know the power of administrative state: when laws are passed, much of the content of these laws are filled up by regulatory bodies. In this case, FINCEN is responsible for filling up this content.
FINCEN assumes that every untraceable monetary instrument (cash, cashier checks, money orders, bank checks, etc) is DIRTY by default. If a bank doesn't know enough details (dob, citizenship, driver license number, ssn, passport number, etc) about controlling parties of any account (LLC, sol prop, C-corp, S-Corp, individual accounts), such accounts are seen as DIRTY. In other words, these are seen as potential sources of money laundering.
FINCEN makes banks responsible for spying and reporting any suspicious activity. Banks spend $100B a year on this compliance. There is a $2B software industry behind this (AML compliance software). These software companies hire ex-regulators from FINCEN etc.
"Don't blame Bank of America. For that matter, any bank. "
I absolutely can and will, because those banks are run by people. People who are capable of telling right from wrong.
"Bank Secrecy Act, Patriot Act, etc are behind this. Now know the power of administrative state: when laws are passed, much of the content of these laws are filled up by regulatory bodies. In this case, FINCEN is responsible for filling up this content."
No. Neither of those requires this course of action.
CDD (customer due diligence) became a rule on May 11, 2018 [1]. FINCEN forced banks to do it. Even though it is not in Bank's best interest to go through this exercise at all, they are forced by regulatory laws. There is a whole group at every bank dedicated to this: compliance teams, led by a chief compliance officer. Every bank is examined by internal auditors, external auditors, regulators to see whether a bank is in compliance.
Yes, banks run by people; laws are written by people; regulators are people. The issue is not people per se: which set of people has MORE discretion? In this case, compliance teams at banks don't have much discretion. FINCEN has discretion to fill up the content of laws in the name of new rules. Recently, Congress has started attacking this AML-regulation beast; there are a couple of bills in congress, which can ease AML compliance burden. By the time, any reforms are passed, KYC (know your customer, EDD (enhanced due diligence), and CDD (customer due diligence) become the status quo.
Of course, we could have expected Banks to push back, by sending lobbyists to rewrite laws. Banks are also helped by software tools to generate letters, file SAR(suspicious activity reports), CTR (currency transaction reports), etc. If there were no automated way of doing these, yes, they would have gone to Congress to push back. As long as there is some automation, expect more of this surveillance.
That isn’t inconsistent with BoA’s practice. The foreign passport is proof of citizenship. Presumably a French passport would be fine, a North Korean passport would be a problem.
I'm French, I went to open a BoA account, it took almost 2 hours. Best part is that the humiliating procedure was done by someone with a Spanish accent.
This is the correct answer - but that still implies a question on citizenship, though maybe it's implicit that if you have a SSN and a Drivers License then most banks assume you are a US citizen.
I don't think his account was frozen on account of him potentially not being a citizen. It was frozen as he didn't provide them an answer to the citizenship question.
> "Like all financial institutions, we’re required by law to maintain complete and accurate records for all of our customers and may periodically request information, such as country of citizenship and proof of US residency. This is not unique to Bank of America. This type of outreach is nothing new and the information must be up to date. Therefore we periodically reach out to customers, which is what we did in this case.
It sounds like the process is mandated, but they screwed up the customer service piece.
It remains an unanswered question (AFAICT) why it is ONLY BofA that is asking about dual citizenship. It can't be a regulatory requirement, or all banks would be doing it.
Because BoA is a terrible institution, and no one should have any accounts there... If it were not for governments "too big to fail" crap BoA would have collapsed a decade ago instead it was rewarded by government for its bad behavior as such it will continue to behave badly
Exactly. My wife has a US green card and Iranian citenship. B of A has already done this to her twice in the past two years and eventually relents. Fully expect it to happen again now. No other bank seems to be doing it.
As a US expat I'm on the fence as to whether to close accounts when they mess up (or comply more than needed) with these processes imposed on them by a state that is a domestic abuser and considers me its property..
On the one hand, I would want to not do business with an institution that makes things even more unsavory, on the other hand, most foreign institutions don't actually want "US person" customers and benefit from less paperwork and risk if they convince US citizens to go to another one..
Ultimately, I think too much focus on the finance institutions is wrong. These laws are absurd invasions of everyone's rights under a bizarre premise that the US can make us all do it's foreign policy and enforce its bizarre law enforcement plans as unwilling deputies.
I don't really see a positive future while any one of the superpowers continues to exist. Personally, I don't think a reform eliminating their special status in the UN would be much, but it would be the first message in a new path.
I only ask because I used to do business with BoA after a series of banks that I did business with were acquired by them. They were a truly awful company, and seemed to systematically apply policy in such a way to maximize customer harm.
I now use a credit union, and the customer experience is dramatically better. Other than fee-free ATM access, there is literally no downside. I addressed the ATM issue by adding a checking account to my brokerage relationship strictly for cash purposes.
I avoided them when I was in the US since the bank that can extract the most value is clearly going to be a winner in buyouts and the worst option for consumers..
But I would assume this is another policy of maximizing customer harm that is in their best interest given the policies they are supposed to adhere to and expected costs and profits. The more accounts they frivolously close (or get closed by outrageous behavior) in the right demographics, the less likely and less severe any fine or get well plan is that is imposed for non-compliance for say an Iranian national that leaves and let's their US green card lapse.
My credit union refunds x number of out of network ATM accesses a month, and networks with other credit unions to share both withdraw and deposit with no fees in the first place within that cooperative network. But between credit cards and bank-app deposits, I think my average monthly ATM visits is zero anyway.
First the Chase thing, now this. I've taken to distribute my money across a number of bank accounts so I'm not completely FUBAR if one of them goes rogue. I should really just join a credit union, I guess...
It doesn't seem to be that every bank is doing it at the same time. Outside of Bank of America, nobody seems to be doing this. There are also options to do it sanely, without immediately freezing someone's assets.
The point is that a bank can randomly freeze your money, and they don't need a regulatory reason to do it.
Outside of political signalling, there's only two realistic reasons:
1) The auditors told them this is the cheapest and least expensive way to become compliant with the laws. All the other options are even worse PR or more expensive. Its interesting the decision of how to remain legal was made by a 3rd party accounting consultant but ALL the pr backlash is directed at the bank. Its almost a tradition in American customer service for angry customers to take it out on people who are utterly uninvolved with the decision, from the most trivial supermarket issue to something like this.
2) For financial reasons, investigative journalism only happens to local businesses who fail to invest the correct amount of money in legacy media advertising; odd how the local business scandal of the week is always some independent retailer or contractor who doesn't pay for advertisement, never a profitable chain franchise or a car dealer who buys tons of advertising. So I pull the BoA 2018 1st quarter SEC 10-Q filing, and its RIGHT THERE on page 50, marketing expense 2017 $456M and 2018 $381M. Whoopsie. What we have here is a simple $75M extortion racket; "sure would be a shame to see this story make the front page of the legacy media no one reads anymore or believes in; we could make that PR 'nightmare' go away if you'd just pay up the $75M you 'owe' us based on last years budget". Its pretty blatant extortion in this situation. Something similar happened to Toyota WRT "unintended acceleration" IIRC a couple years back. Yeah yeah I know, no one "does" legacy media anymore, so why bother buying advertising, well, its not like they're gonna take that sitting down, they're gonna fight back. And some suit at BoA figured the PR cleanup would be cheaper than the $75M of protection money they were being charged, so ... here we are.
lists some of the various sources of sanctions. The regulatory parts are e.g. from the 2012 Executive Order (EO13599):
All property and interests in property of the Government
of Iran, including the Central Bank of Iran, that are in the United States,
that hereafter come within the United States, or that are or hereafter come
within the possession or control of any United States person, including
any foreign branch, are blocked and may not be transferred, paid, exported,
withdrawn, or otherwise dealt in.
Where in the OFAC regulations or any IEEPA type executive order is a requirement that a U.S. bank obtain proof of U.S. citizenship from an accountholder?
That's not covered. The OFAC just requires banks to have compliance programs and says that the degree and type of compliance will vary between banks, and to "ask your regulator" about it. As the other comment said, there are less urgent ways to check for US citizenship.
This sorta thing happens a lot more often than most people realize, the only difference is that this one was picked up by the news. Most likely an overflow error somewhere.
Interesting. I used to live in the US some years ago and I still have my BoA account. It doesn't cost me anything and it is useful once in a while and who knows, I may need it some time in the future. Nonetheless I called them once to explain that I wasn't living in the US anymore and that I wanted to close my account but they advised me to keep it.
If you have the means, it's helpful to have redundant bank accounts, especially for travelers, as this ratchet seems to only tighten. There's a couple sailing the world that had some snafus that required a flight back to the U.S. which they describe in detail: https://www.gonewiththewynns.com/travel-money-international-...
Same thing happened to me with Simple (the banking startup). After they got acquired by BBVA they moved their customer's checking accounts from The Bancorp to BBVA. As part of that process they re-verified their customers and closed accounts of non-citizen customers (they also closed accounts of permanent residents physically residing in the United States).
That migration pretty much happened in the worst way possible: While customers had several months to migrate once the migration started you only had something like 30 days to verify your documents and open the new account. Also once the migration was started there was no way to cancel or pause it. I'd at least have expected them to notify non-citizen customers in advance so that they have plenty of time to open another account. Instead, I didn't get any information about this issue until after I started the migration, and once I started it they told me that it's not possible to prevent/delay the closure of my account anymore.
Fun fact: According to Reddit/Twitter non-citizens who used a driver's license for KYC weren't affected (because Simple newer checked for their citizenship status). But if you used a Greencard for KYC they noticed that you aren't a citizen and closed your account. (So there's probably a large number of customers left whose accounts will be randomly closed at some future point.)
As a consequence (for non-citizens) I suggest using a bank or credit union which has a known track record of handling non-citizen accounts (especially with the current BofA news). The United Nations Credit Union (https://www.unfcu.org/) looks like a good choice, as they target UN workers and it appears that a large number of customers aren't US citizens (and don't even live in the United States). And don't forget to keep one or two backup checking accounts in case your main account gets closed down.
Yeah, for as online-friendly as they claim to be, they have some really wacky rules on kyc and long term travel. I asked them to close my account as I don't want to support those policies.
As an American residing abroad, and married to a non-American, I tend to get a lot of trouble from FATCHA and the like. These laws effectively force me to put all savings in my wife's name because that's the only way I can deal with banks in Europe.
Now we have these kinds of issues in the US. But proving citizenship isn't trivial. When we were in the US, my wife, to my knowledge didn't have to prove citizenship, only provide ID (such as a driver license) and a social security card (which also doesn't prove citizenship). Of course they can't just ask everyone for birth certificates or passports on short notice. So they just ask for verbal answers? Really?
But there is more. Why is there this focus on dual citizens? And why are banks being asked to effectively surveil people for dual citizenship?
This happened after 9/11. The U.S. eventually lobbied all banks throughout the world to require citizenship information especially from U.S. Citizens. And then report that information back to the U.S. This way they can track foreign accounts of U.S. taxpayers.
They should just move to a much smaller bank. To Bank of America, he's just a number, they don't care about him. A much smaller bank would value his business and would take time to discuss with him before shutting down.
I moved away from BoA because they kept canceling my Visa and sending me a new one anytime I shopped somewhere that had fraudulent activity reported by another cardholder. I would go through a 3-5 cards a year. This eventually became a huge pain the in the ass because all of my autopay accounts had to constantly be updated and every website I shopped on had to constantly update my cards (which isn't as easy as it should be on some sites).
I switched to Chase a few years ago, still on the same card.
That isn't so easy. All the smaller banks get bought by the big ones as soon as the reach a certain size. The shareholders of the small bank are more than happy to take their returns and move on regardless of the negative for their now ex-customer.
Happened to me. BoA is buying customer information from data brokers who get it from social media. Anyone with any foreign contacts at all gets flagged by their algorithm. Accounts are instantly frozen with no suspicious behavior whatsoever--unless pulling money from an ATM is supicious. Eventually this foolishness will cause the U.S. to lose its position as a banking center. In the meantime, enjoy your closed account.
As someone who does have dual citizenship (UK and USA) and has been a BOA customer for over 20 years, my big question is what happens if you say "yes"? I didn't see this mentioned or discussed yet in the comments so far.
If you say "yes", nothing happens. Basically, the purpose behind this is to track "tax evaders", even though BSA, Patriot act, and FINCEN regulations sell this rule under the name of "anti-money laundering".
Think of this as NSA meta data gathering. NSA doesn't search metadata every day for some body. Instead, they use the meta data once suspicious person is located by other means.
IRS, FINCEN, FBI, etc want to have access this info on their fingertips.
but what is strange is that they let you avoid it (you can close the "popup" window and keep on doing whatever you were going to do in the first place)
I dont have a problem with this. Seems like a reasonable measure. People illegally here in our country should not be allowed to have a US bank account. It's as simple as that.
After illegally gaining entry to the country. That said he might qualify for refugee status, depending on whether the state is willing to recognize Krypton.
I don’t think that follows. You don’t become a citizen merely by being adopted by citizens. You can eventually become naturalized if you fit the criteria, but having entered illegally tends to be a huge obstacle to that.
Um, I don't remember it this way, at least not from the 1978 movie. How would they legally adopt him when his origin was completely unknown (well, the Kents couldn't exactly tell the county officials about finding him in an object from space that landed in their back yard...)? They didn't get into the legalities in the movie, but presumably they just claimed they had him naturally. Of course, this is lying, but as far as the government is concerned, he should be legal.
He was conceived on Krypton. He was born in Kansas when the Kents discovered the crashed ship containing him in his "birthing matrix" (Kryptonian artificial womb) and he emerged from it.
At least, that was official origin in the comics starting with John Byrne's The Man of Steel in 1986 and for several decades afterward.
That version of the story also explains why he looks enough like the Kents to pass for their biological son: the birthing matrix is designed to shape the child to look like whoever removes him from it because only his parents are supposed to do that.
>At least, that was official origin in the comics starting with John Byrne's The Man of Steel in 1986 and for several decades afterward.
For someone born in or around 1938 (actually earlier as the first 1938 stories depict him already as a past-teen age man) reading the story as re-written in 1986 is not particularly reliable.
In the original Kar-El was born on Krypton allright and sent to the Earth as a newborn.
And - whether he was actually born on Krypton or on the Earth - the Certificate of Birth is definitely false IF it states that Jonathan and Martha Kent are their parents, an on th eother hand actually adopting him wouldn't have been as easy as it may seem from the comics strips.
In any case I would say that Superman's citizenship and actual legality of documents as Clark Kent are highly debatable, and I wouldn't be using that as an example for proving US citizenship.
I don't know if this is researchable but I think the animated Superman TV show shows a human infant going through space before arriving in Kansas. It sounds very close if not identical to what you have here.
"In 1938, DC Comics published Superman's debut in Action Comics #1, Siegel and Shuster were required to cut the story down to thirteen pages, and so the origin story was reduced to a single page. The story described a scientist on an unnamed doomed planet placing his infant son into a hastily designed spaceship and launching it toward Earth. When the spaceship lands, a passing motorist finds it and turns the child over to a local orphanage"
"The first issue of Superman, published in 1939, also featured the origin story. Max Gaines had written to Siegel and Shuster and asked them to expand the origin sequence to two pages, and to include four pages that detailed how Clark Kent became a journalist as well as a full page feature that expanded on the scientific explanation for Superman's powers. In this issue, the passing motorists are revealed to be the Kents, who leave him at the local orphan asylum but later return to adopt him. "
“In the endless reaches of the universe, there once existed a planet known as Krypton; a planet that burned like a green star in the distant heavens. There, civilization was far advanced, and it brought forth a race of supermen, whose mental and physical powers were developed to the absolute peak of human perfection. But there came a day when giant quakes threatened to destroy Krypton forever. One of the planet’s leading scientists, sensing the approach of doom, placed his infant son in a small rocket ship and sent it hurtling in the direction of the Earth, just as Krypton exploded. The rocket sped through star-studded space, landing safely on Earth with its precious burden: Krypton’s sole survivor. A passing motorist found the uninjured child and took it to an orphanage. As the years went by and the child grew to maturity, he found himself possessed of amazing physical powers. Faster than a speeding bullet, more powerful than a locomotive, able to leap tall buildings in a single bound, the infant of Krypton is now the Man of Steel: SUPERMAN! To best be in a position to use his amazing powers in a never-ending battle for truth and justice, Superman has assumed the disguise of Clark Kent, mild-mannered reporter for a great metropolitan newspaper.”
Lol....man the world we live in. I remember growing up thinking superman was the most American thing you can think of and now a days its about immigration. In that sense all Americans other than natives are illegal immigrants :)
Birth right citizenship was invented by the White American colonists who decided that fuck the cost of setting up the colonies, they were going to be "free" now and do whatever they wanted. If you arrive somewhere and decide that the new rules say you were always in charge and you get to choose all the rules, don't for a moment think those rules are any more legitimate just because you say so.
Nobody asked America's existing inhabitants whether they wanted European colonies. The Europeans took whatever they pleased. Nobody asked them for permission to form the United States of America either.
And that birthright citizenship of course didn't apply to those native inhabitants except - after the old white men running things started to very slowly become aware of how amazingly racist they were - retrospectively. It also didn't apply to all the black slaves they'd imported, or the cheap Chinese labour they imported for decades. Those weren't white people, and so, thanks to racism, they weren't counted as "people" at all and weren't entitled to your imagined birthright citizenship.
It's all very ugly underneath. "I'm declaring myself owner of this whole cake. Now, I'm going to give you one small slice to share between you. Don't fuss! It's my cake after all, even if you did make it".
Oh please. I challenge you to find any inhabited land on this planet that wasn't forcibly taken from someone at some point in the past. At best, you might find some remote islands where the current inhabitants are descended from the original settlers, but even there if you could magically look back in time you might find that one clan stole the land from some other clan after wiping them out in a war.
>don't for a moment think those rules are any more legitimate just because you say so.
The only thing that makes the rules legitimate is the ability to back up those rules with force.
You think none of the land in modern-day Denmark was fought over at some point in its ~10,000 year history? Heck, less than 100 years ago it was conquered by the Nazis.
It was never conquered by the Nazis, it was occupied which isn't the same thing. In it's recorded history (1000+ years) there is (AFAIK) no instance of a foreign power taking over.
By the 14th Amendment in 1868? The Naturalization Acts of 1790 and 1802 don't mention birthright citizenship. Children born to foreigners only became citizens once their parents did.
> Nobody asked America's existing inhabitants whether they wanted European colonies. The Europeans took whatever they pleased.
Actually, many of the early settlements did establish good relations with nearby natives and had some degree of permission to settle there. (Sometimes before they set up their settlement, sometimes shortly afterwards). By the mid-17th century, the colonists became adroit at exploiting local conflicts, and carving extra land for themselves out of the lands of the losing side; it's not really until the early 19th century (maybe 1790s at the earliest) that there is a strong sense of superiority over natives that results in the get-out-or-else attitude.
Everyone knows that the United States of America, like almost every nation and people on earth, has a violent past filled with ethnic cleansing, wars, and genocide. Are you suggesting that inherited citizenship should be done away with?
Inherited citizenship is very different, the US has fairly weak inherited citizenship, it relies way more on granting citizenship by reason of presence in the country at birth.
Suppose both your parents were born in country X to country X citizens from a long line. They live in country X all their lives, until one day at say, 35, they move to country Y.
They then settle in country Y, you are conceived soon after and born there, you grow up there, you think of Y as your home.
Do you have citizenship of country X? Of country Y? Neither? Both?
The US says if X is the USA then you are NOT a citizen of the US. Your parents (who are citizens) could bring you into the country, and do the paperwork, and you would probably qualify, but not automatically. The longer you all wait, the more unlikely it becomes. Once you're 18, you are just another foreigner if you didn't already start the process.
The US also says if Y is the USA, then you ARE a citizen of the US, regardless of almost anything else.
Some countries operate almost the reverse rule. For example if X is Ireland then you're an Irish Citizen, but if Y is Ireland you probably aren't unless X was the United Kingdom or your parents had some other form of "enduring connection" to Ireland.
The only overall principle is that all UN members have agreed not to create "stateless people". That is, if there appears to be no citizenship you're entitled to, somebody has to pick up the slack and make you their problem. The US system is simple in this respect - if there's an unexplained baby born in the US, Americans just give it US citizenship. Simple. The rules against statelessness are partly because statelessness is a colossal bureaucratic problem and the UN would much rather its members stopped making it worse, but also because has an enormous human rights impact, statelessness usually means you can't get decent treatment anywhere because everybody says you aren't their problem.
The USA has both jus sanguinis (you're a citizen because your parents were) and jus soli (you're a citizen because you were born in the US). The jus soli provision is written into the Constitution to prevent Southern states from trying to deny citizenship to emancipated slaves via a grandfather-like clause; if you were born in South Carolina, you are a citizen from birth of both the US and South Carolina, and there's nothing South Carolina can do about that.
If you are born to US-citizen parents in, say, France, you are automatically a US citizen, and you can get a US passport even if you haven't been to the US for the first 30 years of your life. The rules become more complex the more tenuous the connection becomes, but the US does apply a jus sanguinis path to citizenship as well.
We'll have jus soli until corruption of the Executive and Legislative branches permits a full take over of the Judicial branch and it kills the 14th amendment through clever wordsmithing.
> The US says if X is the USA then you are NOT a citizen of the US.
That's absolutely not true if your parents are married (children born in-wedlock to parents who are both US citizens, at least one of whom has ever been present in the US, acquire citizenship at birth by operation of law; there is paperwork to get a certificate acknowledging this, but it is an acknowledgement of something that happened by virtue of birth.)
A similar rule applies but with a more stringent prior residency requirement for the US Citizen parent for in-wedlock children of a US citizen and an alien that occur outside of the US.
Out-of-wedlock overseas births to at least one US parent have permissive (under certain circumstances) acquisition of citizenship rather than automatic, with different rules for US citizen fathers vs. US citizen mothers.
Superman was the ultimate American immigrant, and America welcomed him with open arms. How quickly some have forgotten the values America was founded on.
I live in the UK. I have been with my main bank since I was a teenager, last century. A couple of years back they wrote to me, saying the KYC regulations mean they need to check who I actually am, they need proof I'm a citizen or my visa status and proof of my address. If I do nothing for six months they'll just cut a cheque for the money in the account and close it. I sent them a photocopy of my passport and driving license.
It seems fair to me, the biggest problem with KYC isn't that it's annoying, but that the crooks it's intended to catch are able to get away without. So if anything we need more, rather than less.
More annoying to me was the time my mobile phone provider, who I'd been with for about 18 years at the time, insisted on government ID as proof I was over 18 before they'd switch off their stupid censorship system for my mobile Internet. (I wanted to read Oglaf). By definition anyone who has been a customer for 18 years is over 18 years old. Duh.