What is Customer Due Diligence? CDD Types, Requirements, Applicability, and More

The Latin phrase “Caveat Venditor” meaning “Let the seller beware”, finds a whole new meaning with Customer Due Diligence (CDD). CDD is a set of requirements imposed on all business entities that interact with their customers as part of the Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations. It requires financial institutions and similar entities to verify the identities of their clients and find their risk profiles.

CDD is one of the three levels of the due diligence mechanism. Simple and Standard CDD are applicable for low-risk customers, while Enhanced Due Diligence is applicable for high-risk consumers.

Which Businesses Need to Follow CDD Rules?

Since the CDD Rules fall under KYC regulations, any business that interacts with its customers’ individual identity must conduct CDD.

However, to get a bit more specific, all financial service providers must conduct CDD. This is because CDD aims to reduce the amount of financial crimes, especially money laundering and financing of terrorism. Along with the previous classification, businesses that operate in the member states of the Financial Action Task Force (FATF), must also conduct Customer Due Diligence.

Situations that Require Conducting CDD

As we mentioned before, CDD involves assigning risk levels to its clientele based on the location, history, criminal and political records, and more of every client. However, if certain business activities are being performed, or are about to be performed, concerned organizations need to obligatorily conduct CDD.

Businesses need to conduct CDD in the following situations:

• Onboarding New Clients: Whenever a business is looking to create new relationships with clients, it needs to conduct CDD. This is to ensure that any client about to be onboarded does not have any prior connections or history that might flag them as high-risk.

• Specific Transactions: In case any customer makes a transaction above a specified monetary limit (which varies based on the financial institution), the concerned institution needs to record and report said transaction under CDD and AML requirements. Similarly, if any of the clients is considered high-risk, or is interacting with another high-risk entity, businesses need to conduct CDD on the entities involved.

• Suspicious Activity: Businesses need to stay vigilant and flag any transactions that may be out of a client’s regular patterns. These might turn out to be legal and legitimate, but CDD suggests a precautionary approach to these situations. Suspicious activity can be a sudden increase in the number of deposits or withdrawals, a sudden rise in the amount of regular deposits, and more.

• Identity Verification Issues: In case a customer has submitted a piece of identification that is difficult to verify, or raises suspicions about its authenticity, businesses need to conduct CDD and ensure that there is no mischief at play.

What are the Requirements of CDD?

So far we’ve mentioned the situation under which an organization may need to conduct due diligence on its customers, but what exactly are the activities that comprise CDD? Let’s find out:

1. In case an individual triggers the requirement to conduct CDD on them, the business needs to verify the identity of the concerned person. This can include verifying that the person in the identification document and the person submitting it are the same and ensuring the authenticity of any submitted documents.
2. Similarly, if a company raises any alarms, the business needs to verify the identity of the person(s) that form the company’s ownership. The organization might even be required to look into the legitimacy of the client business by investigating its regulatory submissions and operations.
3. The business that needs to conduct CDD also needs to understand the nature of the relationship it has with its client. If the client is not too significant in terms of transaction volume and value, the business may maintain regular vigilance on them. However, for more significant clients, the business would need to keep a keener eye on them. Businesses also need to pay extra attention to any Politically Exposed Person (PEP), or any entity with a prior criminal record.

Conclusion

In the last three years, failure to comply with regulations has cost financial institutions growing amounts of money. The fines have gone up from $4.2 billion in 2022 to $6.6 billion in 2023. The biggest fine on a single entity so far was worth $4.3 billion.

Based on these decisions by the regulatory bodies, it is clear that the attitude towards law-breaking is not at all forgiving. So, businesses need to take due diligence requirements seriously; not only from a morally correct angle but also from a financially prudent standpoint as well.

Looks overwhelming? 

Don’t worry. Signzy has an API marketplace that provides easy-to-integrate and consumer-friendly solutions to the rising demands of the due diligence sector. Visit now and book a demo with us to help your business stay up to date with the lawmaker’s words.