What is Customer Due Diligence (CDD)?

5 mins

Banks and other financial institutions must have AML/CFT systems in place to verify their customers' identity and the nature of their business as part of their Customer Due Diligence (CDD).

What Is Customer Due Diligence (CDD)?

It is the process of evaluating your customers' backgrounds in order to identify their identification and risk level. This is accomplished by analysing a customer's name, official document photograph, and home address.

Understanding Customer Due Diligence

In simple terms, customer due diligence is authenticating a client's identification and the business in which they are involved to have enough trustworthiness. A variety of regulatory requirements are involved in the process:

  • Customers must be identified by getting personal information from a trustworthy, independent source, such as their name, photo ID, address, and birth certificate.
  • Beneficial Ownership: In cases where the customer is not the beneficial owner of a corporation, due diligence techniques should be used to identify beneficial ownership. Understanding the company's control structure is important when determining beneficial ownership.
  • Based on the identification of customers and beneficial owners, businesses must acquire insight into the nature and purpose of the commercial connection they are engaging into.

What’s the difference between KYC and CDD?

Customer Due Diligence (CDD) is the process by which a company verifies the identification of its customers and assesses the risks associated with the business connection. KYC is all about proving that you've completed your CDD. The AML process requires both KYC and CDD.

When do we need to use Customer due diligence?

Customer Due Diligence (CDD) is required when companies with AML processes enter a business relationship with a customer or a potential customer to assess their risk profile and verify their identity.

In these situations, financial institutions must take KYC and CDD steps:

  • If a consumer is suspected of money laundering or financing terrorism, organisations are required to conduct CDD checks.
  • Occasional transactions: Certain rare transactions necessitate Customer due diligence. These could include large sums of money or entities located in high-risk foreign countries.
  • New business relationship: Before establishing a commercial relationship, companies must conduct CDD to confirm that the customer matches their risk tolerance and is not using a false identity.
  • When clients give unreliable or inadequate identification documents, businesses should do additional CDD checks.

Risk-based CDD

KYC and CDD should take a risk-based approach. Companies should evaluate the AML/CFT risk posed by each client and alter their due diligence inspection as needed. The majority of clients will face normal CDD processes, which include customer identification and verification, as well as a review of the commercial relationship. Simplified due diligence, which simply requires customer identification and no verification, may be appropriate in lower-risk cases.

The following items must be included in a risk assessment:

  • Risk assessments must be undertaken and kept up to date, taking into account risk variables such as those linked to their customers, countries or geographic areas, products, services, transactions, or delivery routes, and must be demonstrated and documented.
  • Written money laundering policies and procedures that take into account the firm's risk assessment
  • Internal audit teams will test internal policies, controls, and procedures as needed.
  • Continuous monitoring and training on how to conduct risk-based CDD


Why is CDD important?

When you examine the stakes, it becomes clear why banks and other financial institutions are investing so heavily in anti-money laundering compliance. These countermeasures are intended to combat the growing threat of money laundering, which is sadly no longer limited to drug cartels; it is now employed by a wide spectrum of criminal enterprises.

There are many reasons why financial institutions should take CDD seriously:

  • Risk to a Financial Institution's Reputation: AML incidents jeopardise a financial institution's reputation. In fact, each of the top ten bank brands is worth $45 billion on average.
  • Large Compliance Penalties: AML enforcement actions have been on the rise. Regulators have collected around $32 billion in AML-related fines worldwide since 2009. The majority of allegations have been levelled at American businesses.
  • Criminals are employing more complex methods to avoid detection, such as globally coordinated technology, insider knowledge, the dark web, and e-commerce schemes.
  • Increasing Costs: The majority of AML compliance tasks require a lot of manual work, making them inefficient and difficult to scale. AML compliance costs $25.3 billion per year across U.S. financial services organisations, with some major financial institutions spending up to $500 million per year on KYC and customer due diligence (Thomson Reuters).
  • Poor Service Quality: To obtain and verify information, compliance workers must interact with customers at several points. One out of every three financial institutions has lost potential customers owing to inefficient or lengthy onboarding processes, which is perhaps unsurprising.

How to Perform CDD?

  • The basic CDD is used to collect information about the customer first. (Full name, contact information, birthplace and date, nationality, marital status, and so on.)
  • Scanning is used to authenticate in the event of a doubt.
  • The activities of customers are scrutinised.
    For higher-risk customers and Politically Exposed Persons (PEPs), more thorough due diligence is required.
  • As client profiles change, the continuing CDD Checks procedure continues.

Enhanced Due Diligence (EDD)?

Some consumers or business ties represent a greater risk of financial crime to businesses. The KYC process that allows higher-risk persons or corporations to be evaluated is known as Enhanced Due Diligence (EDD). During the increased due diligence process, companies take more steps than customers do. Due to the danger of corruption, PEPs are at a high risk.

As a result, CDD screening has become a must-have for businesses looking to safeguard themselves. Client Due Diligence's financial institutions' tactics should be innovative when elements such as high-risk profiles or criminal risks grow. To avoid wasting time and resources, qualified specialists should be included in the process.

What is Ongoing Monitoring?

The technique of regularly scrutinising commercial ties is known as ongoing monitoring. While individual transactions may not appear suspicious at first, they may form part of a pattern of behaviour over time that indicates a change in a risk profile or business relationship. Ongoing monitoring entails the following:

  • Keeping pertinent records, documents, data, and information for CDD purposes.
  • Keeping track of transactions over the duration of a business relationship to ensure that a client's risk profile corresponds to their activities.
  • Maintaining a high level of sensitivity to any changes in the risk profile or any other factors that can arouse concern.

Knowledge and Innovation

In the end, successful CDD and KYC processes rely on a combination of technology and expertise. When risk profiles and criminal threats change, financial institutions must be as agile and creative in their approach to CDD as they are in any other aspect of their AML/CFT strategy. While technology can help with CDD processes, human awareness is still required to recognise and respond to emerging threats.

As regulators are becoming more stringent globally around AML compliance, strengthening the AML systems continues to remain among the top priorities. Tookitaki AML solution enables financial institutions to realise benefits with dynamic customer risk scoring, leveraging advanced machine learning models for improved effectiveness of Enhanced Due Diligence with fewer resources.

To know more about our AML solution and its unique features, request a demo here.