Enforced by The Federal Deposit Insurance Corporation (FDIC), Federal Reserve System, the Office of the Comptroller of the Currency, the Office of Thrift Supervision, the National Credit Union Administration, the Financial Crimes Enforcement Network, and other offices of the US Department of Treasury.

http://www.fdic.gov/news/news/financial/2005/fil3405.html

Under the USA PATRIOT Act, all financial institutions must verify the identity of individuals wishing to conduct financial transactions through a Customer Identification Program (CIP) appropriate to the size and type of its business. The CIP must be incorporated into the bank's Bank Secrecy Act/Anti-Money Laundering compliance program, which is subject to approval by the financial institution's board of directors.

A bank's CIP must include risk-based procedures for verifying the identity of each customer to the extent reasonable and practicable. It is critical that each bank develop procedures to account for all relevant risks including those presented by the types of accounts maintained by the bank, the various methods of opening accounts provided, the type of identifying information available, and the bank's size, location, and type of business or customer base. Thus, specific minimum requirements in the rule, such as the four basic types of information to be obtained from each customer, should be supplemented by risk-based verification procedures, where appropriate, to ensure that the bank has a reasonable belief that it knows each customer's identity.

Final CIP Rules (FDIC)

All financial institutions doing business in the US.

http://en.wikipedia.org/wiki/Customer_Identification_Program