Customer Due Diligence Checklist – Five Steps to Improve Your CDD
To translate: Don’t forget to perform Customer Due Diligence (CDD) or Enhanced Due Diligence (EDD) to make sure you Know Your Customer (KYC)!
So, what exactly is CDD? And why is it so important?
CDD is a critical element of effectively managing risk and protecting you, and your business, against potential association or involvement with financial crimes and nefarious activities. CDD processes are crucial for KYC, and while they vary around the world, in most cases, CDD involves identifying your customer and understanding their activities. This then allows you to assess their risk profile.
Sometimes, Enhanced Due Diligence (EDD) is needed – this is additional information that must be collected for high-risk customers, in order to provide a deeper understanding of customer activity to mitigate risks. Customer risk assessments can be used to determine which level of due diligence is required.
In order to ensure that your business is following best practices, we have put together a checklist to help improve your CDD processes.
Perform CDD measures before entering into a business relationship with your client to detect any bad actors early on.
How? Ascertain the identity and location of the potential customer, and gain a good understanding of their business activities. This can be as simple as locating documentation that verifies the name and address of your customer.
Why? You have to first decide whether a client or customer fits your established risk profile, before entering into a business relationship with them. You can only do this by undertaking the appropriate CDD measures. This ensures that identity thefts and any potential forgeries can be detected early on.
Strengthen your processes when vetting third parties.
How? You may rely on third parties – from banks, to lawyers, to auditors – to help you perform due diligence, however it’s important to choose these parties or providers wisely because the ultimate responsibility for CDD measures remain with you – not the third party.
Why? Sometimes, the only way to get the information required for CDD is through a trusted third-party so it’s important to ensure that their standards and best practices are aligned with your business. At the end of the day you are liable and will be fined or penalized for non-compliance.
Ensure that pertinent information has been collected and stored securely.
How? When authenticating or verifying a potential customer, classify their risk category and define what type of customer they are, before storing this information and any additional documentation digitally.
Why? Having a meticulous and comprehensive process for documenting CDD-related information is not only highly effective, it also mitigates any potential risk for you as a business.
Detect if there is a need for EDD.
How? Beyond basic CDD, it’s important that you carry out the correct processes to ascertain whether EDD is necessary. This can be an ongoing process, as customers have the potential to transition into higher risk categories over time so, conducting periodic due diligence assessments can be beneficial.
For example, most jurisdictions require politically exposed persons (PEPs) to go through the EDD process. Other factors that might trigger EDD are high transaction value accounts, accounts that deal with high-risk countries, or accounts that deal with high risk activities. Factors to consider to determine whether EDD is required include, but are not limited to the;
- Location of the person
- Occupation of the person
- Type of transactions
- Expected pattern of activity in terms of transaction types, dollar value and frequency
- Expected method of payment
Why? Again, this protects you and your business against any involvement with nefarious activities and also ensures that you are meeting various KYC and Anti-Money Laundering (AML) regulatory requirements.
Keep historical records on hand.
How? Store records of instances of CDD and EDD securely, in a digital format.
Why? Keeping records of all the CDD and EDD performed on each customer, or potential customer, is necessary in case of future regulatory obligations.
To learn more about CDD, take a look at the following blog posts:
That core tenet —AML is a critical component of a fair and functioning society— is at the center of an effective program. AML compliance is not a nice to have, or a necessary evil, it’s a fundamental requirement. Ensure that any decision maker who has impact on your budgets or operations understands and respects the true value of compliance.
The Final Rule refers to new FinCEN rules coming into effect on May 11, 2018 regarding customer due diligence (CDD) requirements. Under the Final CDD Rule, collecting, maintaining and reporting of beneficial ownership information is now a requirement for financial institutions.
Anti-Money Laundering (AML) compliance is one of the top issues faced by financial institutions; AML takes up a lot of time, money and resources, is complex and has effects across the organization, and is a significant risk factor, as mistakes can lead to huge fines and reputational loss.
For any financial institution, one of the first analysis made is to determine if you can trust a potential client. You need to make sure any potential customer is worthy; customer due diligence (CDD) is a critical element of effectively managing your risks and protecting yourself against potential financial crimes and nefarious activities.