Regulatory Obligations Under Customer Due Diligence

What is CDD?

Customer Due Diligence is to identify customer information in order to verify the identity and analyze the risk presented by a customer. Client names, addresses and information on the business determines how they are planning to use an account. This information should further be verified with references to official government documents. This includes but is not limited to driving licenses, passports, utility bills, business licenses etc.

CDD is a foundation of the Know your customer processes. This requires companies to understand who the customers are, their financial behaviors. This helps understand the risks associated with the client. 

Regulatory Obligations under Customer Due Diligence:

1. Customer Identification 

Identifying basic personal information such as name, ID, address, DOB from reliable and independent sources. 

2. Beneficial Ownership

The ultimate beneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement. Reference to “ultimately owns or controls” and “ultimate effective control” refer to situations in which ownership/control is exercised through a chain of ownership or by means of control other than direct control (FATF). While it is specific for jurisdictions, FATF guidelines recommend anyone that holds above 25% of a company’s ownership should have CDD done.  It is crucial for companies to unwind corporate structures to understand the Ultimate Beneficial Ownership of the client being onboarded. This further helps clarify the company’s overall structure and purpose. 

3. Business Relationship 

Companies need to ensure that they are aware of the nature and purpose of the business relationship. Being able to understand the demographics of the relationship helps understand the transaction patterns, the overview of the account, the cash-flow etc. to prevent money laundering and terrorist financing. 

When is CDD required?

It is crucial for institutions to follow AML/CFT and CDD measures for the following instances: 

1. Suspicion

A suspicion of money laundering – despite the level of line of defense it is coming from – should be escalated to perform CDD on the client and/or the transaction. 

2. Off-trend Transaction

Based on the KYC collected by the client, companies must set a transaction-pattern based on the portfolio. If a transaction offsets a pattern; the company should take measures to perform CDD on the client to mitigate any possibility of money laundering and/or terrorist financing.

3. Documentation

In any event, the documentations provided by the client should always be verified. In case the documentation seems inadequate, defective or suspicious, additional due diligence needs to be performed to ensure that no fraud is taking place.

4. New clients

It is key to establish proper KYC/KYB and due diligence for new clients. This information further helps the company be more informed about AML/CFT risk assessments. 

5. Continuous monitoring

Change is the only constant with time. Clients – individuals or corporates – are facing changes daily. To maintain risk and prevent financial crimes, it is crucial for CDD to be done on a periodic manner, be it monthly or quarterly on all existing clients. This ensures that if for instance, a client has made changes within the business structure or has changed the nature of their business, a modified risk model shows their most recent risk assessment. 

For the betterment of risk management within your firm, it is important to know your client. Client Due Diligence allows analyzing clients with money laundering and terrorist financing risks at root.