What is customer due diligence?
Customer due diligence (CDD) is a process that banks and financial institutions use to verify the identities of their customers and understand the nature of their business.
It is a part of the know your customer (KYC) process which, as the name suggests, requires companies to know who their customers are. This ranges from basic identification through to their financial behavior and their money laundering and terrorism financing risk level.
Why do banks do customer due diligence?
Banks and financial institutions must do CDD to accurately understand the money laundering risk of the people and entities they work with. This is a mandatory requirement for all Financial Action Task Force (FATF) member states as part of their anti-money laundering/combatting the financing of terrorism (AML/CFT) domestic legislation.
How do banks perform customer due diligence?
Doing effective CDD involves bringing together information on a customer’s identity – their name and address – as well as the area in which they work, how they will be using their account and their connections.
This information should then run through a verification process by analyzing a variety of different forms of identification to ensure customers are being truthful. Qualifying documents generally include a passport, driving licence, national identity card, recent utility bill, recent bank statement, and birth certificate. For businesses, this would extend to corporation documents.
Alongside this, financial institutions must understand the nature of the business relationship they are due to enter into with the customer. If a third-party or company is acting on behalf of somebody else, the financial institution should also seek to understand ultimate beneficial ownership (UBO). This is the person or entity that benefits from the activity taking place.
When is CDD required?
Customer due diligence is required in five key areas.
- New customer onboarding – Gathering information on new customers is vital in making sure that a financial institution knows the identity of the people or business they are working with.
- Incorrect documentation – If there are problems with documents that have been used for identification, further CDD checks will be carried out.
- Transaction risk flags – If a transaction (or multiple transactions) have met a risk threshold, a CDD check will be carried out. This might be due to abnormally high debits or credits, due to receiving or sending money high-risk foreign country, or because of a high-risk person being involved in a transaction.
- Money laundering/terrorism suspicion – If there is a suspicion of money laundering on the account, often due to the reasons listed above, customer due diligence checks should be initiated.
- Periodic auditing – although CDD checks are done with new customers, it is prudent for financial institutions to engage in ongoing due diligence to ensure that the risk level hasn’t changed since the previous check.
In some cases, enhanced due diligence (EDD) may be required. This is where banks and financial institutions must do more research on a high-risk customer. This may be because they are a politically exposed person (PEP) or because they are the target of economic sanctions. Neither possibility means their custom will be rejected but institutions must make sure they do not breach their own risk profile.
EDD checks may include asking for more documentation than would ordinarily be required, establishing the source of funds, applying further scrutiny to transactions, and putting further ongoing due diligence checks in place.
Do all banks and financial institutions do CDD?
All banks and financial institutions within the FATF do customer due diligence checks. They may not carry out the checks themselves, and instead contract a third-party to do so on their behalf. However, regulatory responsibility lies with the financial institution rather than the third-party. As such, they should make sure that the third-party provider meets all FATF criteria.
What is the difference between CDD and KYC?
CDD and KYC are similar. The simplest way to differentiate the two is that know your customer checks are background checks that should be done as part of a bank or financial institution’s risk based strategy during the initial registration process. Customer due diligence is an ongoing process that continues after the onboarding.
