Customer Due Diligence (CDD) - Why it’s Essential in Finance
Customer Due Diligence (CDD) is defined as the process of collecting and verifying information about a customer throughout their customer lifecycle in order to assess the risk they might pose to a financial institution.
Aside from allowing banks to avoid taking on potentially huge risks, Customer Due Diligence is also essential for following Anti-Money Laundering and Combating the Financing of Terrorism regulations. In other words, properly implementing CDD processes is also a requirement for staying compliant in most jurisdictions.
This article is going to cover Customer Due Diligence, how and why it’s performed, and go into more detail about why it’s essential in the finance world.

What is Customer Due Diligence (CDD)?
While Due Diligence is applied to other industries, like real estate or M&A, Customer Due Diligence (CDD) is most commonly used when talking about the world of finance.
Customer Due Diligence refers to the process of identifying, verifying and logging key customer information upon onboarding or certain transactions, using it to create a risk profile, and monitoring the account for suspicious activity or changes in circumstances.
And while it’s called Customer Due Diligence, CDD doesn’t only apply to natural persons or individuals. Rather, the CDD process applies to legal entities (such as companies or other banks) in the same manner, with the only notable difference being that different information is needed to complete the process.
In other words, it fulfils a very similar role to Know Your Customer (KYC) or Know Your Business (KYB). This is also why the terms are often used interchangeably even though they’re slightly different in scope.
CDD vs KYC/KYB
Since Know Your Customer and Know Your Business also deal with identifying, verifying and creating risk profiles for customers, these terms are often used interchangeably with CDD. This is especially true if we factor in Perpetual KYC, which relates to ongoing monitoring.
Currently, there isn’t a clear consensus on the exact difference between these terms. Some use them as synonyms, while others see KYC and KYB as just a portion of CDD. And some even define KYC/KYB as the “what” and the CDD as the “how”.
Generally, there are no wrong answers here. I, however, prefer to use them as separate terms. This is because Customer Due Diligence is wider in scope, covering checks, monitoring, and many different obligations banks must comply with. KYC and KYB, on the other hand, are narrower in scope and typically only refer to the initial checks performed during onboarding.
Performing Customer Due Diligence
In terms of performing Customer Due Diligence, we can split the process into two distinct halves: CDD during onboarding and CDD throughout the client lifecycle.
It’s also worth noting that Customer Due Diligence is most commonly handled by specialised CDD software. This is due to the simple fact that the bank has to log and keep track of a lot of different information, coming from different sources and in different formats.
Furthermore, for CDD software to be optimised for the best user experience, it often needs to be integrated with different third party databases and have a detailed risk calculation program. In addition to this, optimised CDD software will typically take advantage of automations to better streamline the process.
Therefore, while it might seem simple at a glance, performing CDD can be quite complex.
CDD during onboarding
Onboarding is a crucial part of Customer Due Diligence as it’s during this time that a bank or financial institution creates a risk profile for a given customer. During this stage, a person will be required to provide at least the following information:
• Their name
• Date of birth
• Residential address
This information is then compared to government-issued forms of identification. Certain banks may also offer additional verification methods, such as video identification. If the customer in question is a legal entity, however, different information will be required. Namely:
• The name of the legal entity
• The address of the registered office in the country of incorporation
• The principal business address
This information is then compared to government-issued documentation, such as a Certificate of Incorporation. However, this is by no means an exhaustive list. Depending on the jurisdiction in question and the perceived risk associated with an individual or entity, additional information will be required.
For example, a legal entity will need to provide information about their ownership structure. And for both entities and individuals, the bank or financial institution must understand the nature of their business relationship and their respective source of wealth or funds. Therefore, this is just a fraction of the complete CDD checklist.
Furthermore, for both individuals and entities, the bank or financial institution will need to perform a background check. This means checking whether the individual or key members of the legal entity show up on different watchlists – such as the sanctions list, a PEP list, a criminal database, and so on.
CDD during the client lifecycle
Aside from the initial onboarding, Customer Due Diligence must also be performed periodically as well as when the individual or entity is making a large transaction.
Regarding the former, the frequency at which CDD will be performed will depend on the risk profile associated with the individual or entity as well as the bank’s or financial institution’s internal risk policies. Additionally, a CDD check may be performed due to changes in circumstance.
For example, a check may be performed if the person moves to a country that is considered a high risk by a regulating body, such as the Financial Action Task Force (FATF).
Speaking of the latter, banks and financial institutions can also perform a CDD check if a person starts making uncharacteristically large transactions or transactions over a predetermined threshold.
However, the exact amount that would trigger this type of check will also depend on the customer’s previous history as well as the bank’s own approach to risk management.
Moreover, depending on the risk level associated with the individual or entity, a CDD check may be performed after every transaction.
Determining the level of risk during Customer Due Diligence
The end goal of the Customer Due Diligence process is to establish and then review the risk level of a given customer. How risk is calculated, however, does vary. For one, different banks and financial institutions have a different risk appetite. That is to say, they are willing to take on more or less risk.
Secondly, they might also have slightly different criteria. For example, a commercial bank might consider a withdrawal of 10,000 euro as a reason to review an account while a private bank might set the bar at 100,000.
However, there are parts of the risk assessment process that are applied across the board. For example:
• If the customer is from a high risk country
• If the customer is, or is closely related to, a Politically Exposed Person (PEP)
• If the customer is on a sanctions list
• If the customer can’t be properly identified
• If the customer is suspected of committing money laundering or financing terrorism
The end result of the risk assessment is that the customer goes through an appropriate level of Due Diligence. There are three levels of Due Diligence and they vary in terms of robustness, as they directly correlate with a customer’s risk level. They are:
• Simplified Due Diligence: Simplified Due Diligence, also called Reduced Due Diligence, is the least robust form of Due Diligence, typically only covering basic identification and verification. It is used when a customer is deemed a low risk. For example, when a bank does business with a government entity.
• Standard Due Diligence: Standard or Regular Due Diligence is the most common form of Due Diligence. Aside from identification and verification, it covers beneficial ownership structures for legal entities and understanding of the business relationship/purpose of the transaction. It is used when a customer is considered a low to medium risk, which will happen in the vast majority of cases.
• Enhanced Due Diligence: Enhanced Due Diligence is the most robust form of Due Diligence. Aside from all the aforementioned steps, it also covers additional identification and verification methods, lower transaction thresholds, more frequent reviews and closer monitoring. This form of Due Diligence is the most resource-heavy, and is only used when a customer is deemed a high risk.
The importance of Customer Due Diligence
The importance of Customer Due Diligence cannot be overstated as it’s essential in the fight against financial crime. Namely, it allows banks and financial institutions to work together with law enforcement to prevent attempts at money laundering and the financing of terrorism.
Banks and financial institutions closely monitor all customers that could pose a risk, and are obligated to file a Suspicious Transactions and Order Report (STOR) in the EU or a Suspicious Activity Report (SAR) in the US if a customer is suspected of committing financial crime.
Furthermore, by utilising sanctions, PEP and similar lists, Customer Due Diligence allows financial institutions to fight other forms of crime, such as corruption. And in the modern day, Customer Due Diligence is even being slowly implemented across the crypto market, helping to stop money laundering and other forms of criminal activity.
In summary, following Customer Due Diligence protocols is essential for banks and financial institutions to remain compliant with AML, CFT and similar regulations. This is because it provides one of the most effective ways to monitor, report, and fight against different types of financial crime.
Conclusion
In conclusion, Customer Due Diligence or CDD is essential in finance as it allows banks and financial institutions to stay compliant with AML and CFT regulations and fight against certain types of crime as well as avoid risk. It consists of a series of checks that aim to identify, verify, monitor and assess the risk of customers during the initial onboarding as well as the entire client lifecycle.
Due to its complexity, it is often handled by automated software and it’s a constantly evolving process. This allows it to keep up with the criminal world without putting too much strain on the end user.