Customer Due Diligence (CDD) is the process of assessing a client’s background to discover and ensure the legitimacy of their identity, as well as the level of risk they pose by evaluating aspects of their identity.
Customer Due Diligence Core Elements
The Process of CDD requires several regulatory obligations including:
- Identification of Customers: Institutions must use names, photographic IDs, Addresses, or birth certificates from trustworthy sources in order to verify the identity of their clients and customers.
- Beneficial Ownership: CDD measures should find out who the ultimate beneficial owner (UBO) of an institution is by understanding the control structure of the institution.
- Business Relationship: After UBO identification, companies also have to get information regarding the type and purpose of the business relationship they are entering.
When Is CDD Required?
When a company with AML Processes enters a business relationship with a current or potential customer the application of CDD is required to verify their identity and assess their risk profile.
It is required for financial institutions to carry out KYC and CDD measures in the following situations:
- Prior to establishing a business relationship, it is required that companies use CDD in order to verify their customers' identities and that they match their risk profile.
- When going through certain transactions potentially involving large amounts of money, especially ones over a specific threshold, or people in high-risk countries.
- If a customer is suspected of having committed Money Laundering or other financial crimes.
- If the customer does not provide sufficient documentation it is necessary that companies apply further CDD inspection.
Risk-Based Approach: A company's KYC and CDD measures should be based on the risk they have, meaning that they need to assess the AML/CFT risk each client poses to shift their CDD inspection respectively. Most clients go through the standard CDD measures (customer identification, verification, and business relationship), however, it may be appropriate to use simpler CDD processes (only requiring identification) if in a low-risk scenario.
How to Perform CDD?
Despite being a crucial aspect of managing your company’s potential risk, CDD may not always be sufficient. In these cases, Enhanced Due Diligence (EDD) must be performed in order to get a deeper understanding of your customer’s identity. Nonetheless, CDD is still important, so here are ways to perform CDD:
- Screen for illegitimate information before entering a business relationship with a customer to ensure the legitimacy of their identity.
- Before storing it in a digitally secure place, categorize your client’s risk type to access it more easily in case of future regulatory checks.
- Decide whether or not Enhanced Due Diligence (EDD) is necessary for the situation.
What is Enhanced Due Diligence (EDD)?
Customers that potentially have a higher money laundering risk, including politically exposed persons (PEPs), require enhanced CDD measure, potentially involving:
- Getting additional forms of identification
- Identifying the source of their finances or wealth
- Further scrutinizing the purpose of transaction as well as the overall business relationship
- Establishing ongoing monitoring procedures
What is Ongoing Monitoring?
Ongoing monitoring is the important process of continuously scrutinizing business relationships to ensure that their activity or behavior doesn’t suggest a change in risk profile or the business relationship.
The process of ongoing monitoring involves:
- Reviewing transactions to verify that a customer’s risk profile matches their behavior. This should be done throughout the course of a business relationship.
- Staying responsive to any suspicious factors of the business relationship, or the client in general, that change the risk profile.
- Recording all documents and data necessary or potentially necessary for the CDD process.
Like other CDD measures, ongoing monitoring can change depending on the risk profile a customer has, however, it should still be applied to all business relationships, even if at a more basic level.
Technology and Expertise
It is vital that financial institutions prepare to be creative and flexible with their approach to CDD. Even with modern-day technology and tools, human caution still is crucial to finding and addressing threats, so it is important that your institution has both technology and expertise. Modern solutions allow FIs to share risk assessments so teams can prevent fraudsters from entering their ecosystem.
Schedule a meeting to learn more about how Unit21 can help you identify customers at higher risk for money laundering.