Customer due diligence (CDD) is a key part of Anti-Money Laundering (AML) requirements and a crucial compliance obligation for regulated firms.
Effective due diligence can prevent financial crime and help minimise the risk that could arise from doing business with certain customers.
The process of CDD enables financial institutions and other businesses that fall under the Money Laundering Regulations 2017 to gather and verify information about a customer. This intelligence forms part of a risk assessment into that customer and their potential exposure to money laundering and financial crime.
In this article, we answer some frequently asked questions about customer due diligence.
What is Customer Due Diligence?
Customer due diligence (CDD) is the process of verifying that a potential customer or client is who they say they are in order to protect firms from transacting with criminals like money launderers.
CDD checks are a crucial part of the continuous Know Your Customer (KYC) process that happens during a customer or client relationship. KYC involves a series of ongoing checks to continue to verify a customer’s identity.
CDD is usually undertaken when starting a business relationship. Basic checks on individuals involve checking a customer’s:
- Date of birth.
- Photo ID.
For companies, basic CDD checks include on its structure and information about its beneficial owners.
Why is CDD important?
CDD is an essential part of compliance with AML and anti-bribery and corruption laws. CDD aims to prevent identity theft, money laundering, and other financial crimes.
Money laundering allows criminals such as drug gangs and human traffickers to expand and benefit from their operations. Money-laundering offences include tax evasion, theft, fraud, bribery, corruption, smuggling, modern slavery, human trafficking, drug trafficking and illegal arms sales.
CDD checks are a legal requirement imposed by governments and regulatory bodies worldwide to clamp down on financial crimes.
What is the difference between AML, CDD and KYC?
Anti-Money Laundering (AML) refers to the collection of laws, processes, procedures and regulations that prevent and help identify money from illegal sources from entering the financial system.
Customer Due Diligence (CDD) is the series of checks businesses must undertake to confirm a customer’s identity. These include verifying a customer’s name, address, date of birth and photo ID. CDD generally takes place when establishing a relationship.
Know Your Customer (KYC) is a continuous process that happens during a customer or client relationship and involves a series of ongoing checks to continue to verify that customer’s identity.
Which businesses does CDD apply to?
Any business that interacts with customers and is covered by KYC and AML regulations must undertake customer due diligence. This includes:
- Money service businesses.
- High-value dealers.
- Trust or company service providers.
- Accountancy service providers.
- Estate agencies.
- Bill payment service providers.
- Telecommunications, digital and IT payment service providers.
- Art market participants.
- Letting agency businesses.
What is a risk-based approach to AML?
The UK government adopts a ‘risk-based’ approach to money laundering, and regulated businesses are encouraged to use a similar approach in their AML response.
Once a business has undertaken its initial CDD checks, it must then decide whether and how to engage with them. Businesses use a risk scoring or rating system, such as ‘low risk’ or ‘high risk,’ to help determine the level of risk the customer poses and, consequently, the appropriate action to take.
What is Enhanced Due Diligence (EDD)?
If a customer is identified as high risk, a business conducts further checks, known as Enhanced Due Diligence (EDD). EDD is an extension of KYC and CDD.
Customers could be flagged as high-risk for various reasons, including:
- If they are identified as a Politically Exposed Person (PEP) or they are a known associate of a PEP.
- If they have connections with higher-risk business sectors, such as the arms trade or the gambling industry.
- If they have links to a high-risk country.
- If they make, or have made, an unusual or suspicious transaction.
- If they provide false or stolen identification documents or information.
Not all high-risk customers are necessarily involved in criminal activity. Rather, being flagged as a high-risk customer means there is a higher risk that warrants closer attention.
What additional checks are involved in EDD?
Deeper and broader checks involved in EDD can include:
- Obtaining additional verification documentation.
- Research into a customer’s business or political associates, beneficiaries and other contacts.
- Checking for negative media coverage.
- Tracking transactions.
- Establishing the origin of funds.
- Collecting beneficial ownership information.
The extra information gathered during EDD checks helps businesses to establish a proportionate response to the higher level of risk posed by such customers and supports them in making a responsible decision about how they will interact with them.
What happens if firms do not comply with CDD and EDD requirements?
Firms that do not comply with customer due diligence obligations run the risk of inadvertently being conduits for money laundering and other financial crimes. They also face fines, imprisonment and reputational damage for not following the correct procedures.
All regulated firms should comply with their due diligence requirements and review their processes on a regular basis.
Compliance Solutions for Regulated Businesses
At AML & Compliance, we understand precisely what is required from all regulated businesses and have the experience to help devise and produce an effective AML compliance programme to fit your needs.
We can help organisations of all shapes and sizes from across different sectors to undertake a risk assessment to ensure that they are compliant with AML regulations and have the necessary policies and procedures in place to avoid any breaches.
A risk assessment provides valuable insight into a business when performed correctly. Along with an overview of risk, these crucial assessments also highlight issues within the business, so it is essential to undertake a risk assessment properly. All of a company’s building blocks must be considered, including its staff, clients, operations, and finances.
By working with AML & Compliance, a business can be assured that we will bring the required level of knowledge and expertise needed to perform a risk assessment which has value to the business and is not simply a box-ticking exercise. Our team can also provide a full range of services that include:
- Compliance Policies.
Our services focus on businesses’ Anti-Money Laundering and Regulator requirements through the implementation of effective policies, procedures, training, and consultancy. We also provide continued monitoring of staff and ongoing training to ensure that everyone within a business is aware of the latest requirements and complies with their responsibilities.
Get in Touch
If you believe your business may be at risk, or wish to confirm your firm is achieving the required standard of AML and Compliance, we can help. We offer a full range of services focused on ensuring businesses across all regulated sectors create, maintain and evidence their compliance with the requirements of their regulators and legislation.
Our Packaged Services include:
These packages have been designed to provide a core compliance service to regulated businesses in the most cost-effective way to manage and control their AML and Compliance processes.
We adopt a sensible and pragmatic approach to fees, ensuring that we are competitive and always add value. As necessary, we will agree on packaged services to control cost and enable clients to spread payments to alleviate cash flow, yet ensure services are provided when needed.
If you want to discuss our services in more detail, contact us at 0203 985 8553, email us firstname.lastname@example.org or complete an enquiry form.