Understanding Due Diligence
Learn more about applying a risk-based approach to conducting CDD in Part 2 of The Compliance Team’s Guide to Customer Onboarding.
Read Part 2To understand the money laundering and terrorist financing risks financial institutions face, firms must verify their customers’ identities and the account relationship’s intended purpose. Compliance officers the world over know this as the customer due diligence (CDD) process. As a foundational element of any sound anti-money laundering (AML) program, new starters and compliance veterans alike should ensure their knowledge is fresh and up-to-date.
Part 2 of The Compliance Team’s Guide to Customer Onboarding highlights the core components of CDD and discusses best practices for conducting the process based on a risk-based approach across varying scenarios.
The CDD process encompasses the entire lifecycle of the account, beginning as early as possible and usually before a business relationship has been established with a client. While approaches vary between jurisdictions, ideally, firms can verify the identity of the client, the person purporting to act on their behalf, or the ultimate beneficial owner before any transaction is conducted.
Due diligence also needs to be conducted throughout the life of the transaction. Institutions should implement CDD measures under the following circumstances:
The extent of due diligence performed on customers should depend on the risk of money laundering or terrorist financing they pose. The level of due diligence and the processes compliance staff must follow should be set out in their organization’s policies.
In some situations, if the risk of money laundering or terrorist funding is very low, a simplified due diligence (SDD) process may be enough to satisfy legal requirements. However, not all jurisdictions permit SDD and, where it is permitted, numerous restrictions exist on when it may be used.
When reaching a determination that a reduced degree of money laundering or terrorist financing threat is presented in a particular scenario, the following factors can be considered relevant:
This level of due diligence needs to be constantly reassessed to determine whether the factors permitting its implementation are still relevant.
Standard due diligence is the level that will most likely apply to any client. Involving a detailed analysis of the new client, standard due diligence recognizes that there is a potential risk of criminal money laundering or terrorist financing, but it is considered unlikely that such risks will be realized.
According to the Financial Action Task Force’s (FATF) Recommendation 10, standard due diligence for client onboarding should include:
Enhanced due diligence (EDD) is the highest level of due diligence, involving the decision to investigate particular clients more thoroughly after they have been deemed high risk. Such clients could include politically exposed persons (PEPs) or businesses from high-risk jurisdictions.
Following FATF guidance, companies should implement risk-based EDD measures that reflect the specific anti-money laundering and counter-terrorist financing risk that individual customers present. These should include:
Uncover more risk management best practices throughout each section of The Compliance Team’s Guide to Customer Onboarding, including understanding ultimate beneficial ownership structures and reporting potentially suspicious behavior.
Learn more about applying a risk-based approach to conducting CDD in Part 2 of The Compliance Team’s Guide to Customer Onboarding.
Read Part 2Originally published 05 December 2022, updated 30 September 2024
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2024 IVXS UK Limited (trading as ComplyAdvantage).