What is CDD in Banking? Everything You Need To Know (Updated)

What is CDD in banking? Well, there are a few foundations to lay before answering the question.

Our digital identity has never been more important than it is today due to advancements in technology. As a result, it is easy for fraudulent individuals to assume fake identities and personas online in an attempt to fool banks into transacting with them. Customer Due Diligence (CDD) for banks has become very important, especially in the finance industry.

What is Customer Due Diligence (CDD) and why is it important?

Customer Due Diligence (CDD) is the process of carrying out identity verification, background checks, and screening on customers to ensure they are properly risk assessed before being onboarded. Essentially, CDD is a compulsory process that banks must carry out before establishing a relationship with a customer. Customer Due Diligence (CDD) processes are regulated by the Financial Action Task Force (FATF), a global Anti Money Laundering and Counter terrorist financing (AML/CFT) body.

The process is designed to help banks and other financial institutions prevent financial crimes including terrorist financing, money laundering, human and drug trafficking, identity theft, and cyber fraud. CDD for banks is also important in eliminating the risks of open banking.

What is CDD in Banking?

Customer Due Diligence (CDD) in banking is the series of steps taken by the bank to properly assess and identify a customer to prevent financial crimes and satisfy compliance requirements. When it comes to banks, CDD is at the heart of Know Your Customer (KYC) and Anti Money Laundering (AML) initiatives. These activities are essential processes in Customer Due Diligence practice.

What Does the Standard Customer Due Diligence (CDD) processes in Banking Look Like?

An effective CDD process is designed to collect a variety of customer data throughout the duration of the business-customer relationship.

Some of the basic Customer Due Diligence Requirements include:

1. Collecting Customer Information:

The first and most important step of the Customer Due Diligence requirement is collecting the customer information. In this step, the bank collects the customers' information to verify their identity. These include the customer’s full name, house address, email address, phone number, photo identification, government-issued ID and more.

2. Gathering Business Information:

This CDD measure holds when the customer is a business (i.e. Business to Business relationship). In this case, the measure includes identifying information about the customer’s business model, beneficial ownership, source of funds and more.

3. Risk Profiling and Assessment

Based on the bank findings from the data of the customer (identity, location and business type), the customers are classified into different risk levels according to the amount of money laundering risks they pose. This is called risk profiling, and the level of a customer determines the level of due diligence that would be executed. For example, high-risk customers like a Politically Exposed Person (PEP) would require a more in-depth due diligence process than a low-risk customer who only wants to send and receive money.

4. Ongoing Monitoring

This is the final step. Ongoing monitoring is the continuous process of customer due diligence after the customer has been onboarded. It includes keeping an eye on suspicious activities, transactions, unusual customer profiles and more for high-risk customers.

In summary, your CDD procedure should be able to answer these two major questions:

Is the customer who they claim to be online?
Does their risk profile analysis raise any red flags?

As a bank that deals with more low-risk customers, you can fast track your CDD process using online identity verification and AML screening software. Using an automation tool is faster, and more efficient than manual procedures, completing CDD in seconds. However, high-risk customers could take more time depending on the specific situation.

How to Efficiently Carry out Customer Due Diligence Processes as a Bank

Banking and finance is a heavily regulated industry, especially in the aspect of complying with KYC and AML requirements. The numerous boxes they have to tick have made the journey both expensive and complex for corporations today.

According to a report by KPMG, Nigerian banks spend billions of Naira annually to implement Know Your Customer (KYC) processes as part of the mandatory CDD. A separate report by Thomson Reuters estimates that banks take an average of 24 hours to onboard customers.

This indicates that the current system adopted by numerous banks is both unfriendly and time-consuming, leading to high abandonment rates by legitimate customers. The best bet is for banks to embrace automated CDD processes to save money, and time and onboard more customers.

Some of the processes that can be automated for effective CDD include:

1. Identity verification

More companies rely on automated identity verification methods daily to smoothen out and speed up the current onboarding process for new customers.

Identity verification software relies on AI, biometrics and machine learning to validate customer information like passports, drivers’ licence and other government-issued IDs. Liveliness checks may also be applied accordingly for further verification.

Read More - How do banks verify Identity?

2. AML Monitoring and Screening

Automated tools can also be used to identify customers under global terrorism or AML watch lists at the point of application. It could also be used to identify Politically Exposed Persons (PEPs) so the bank can take appropriate action.

3. Ongoing Monitoring and Screening

Also, AI and machine learning allow financial institutions to effectively monitor customer transactions and activities in real-time. Algorithms could be used to track expected and actual transactions of customers to update their risk rating. This would help flag suspicious activities for the bank to take appropriate steps.

Also, through constant connection and pinging of local and international watchlists, banks can be immediately notified when a customer appears on any of the sanction lists. This ensures the company is well informed of any status change to their existing customer profile in real-time.

Checklist for Customer Due Diligence for Banks

The first step in building a strong relationship with any customer is conducting thorough customer due diligence for banks. This involves verifying a customer's identity and assessing their potential financial risks. CDD for banks is a crucial aspect of Know Your Customer (KYC) compliance and mitigating the risk of financial crime.

Customer due diligence checklist that banks may follow to ensure compliance and avoid errors include:

1. Identity Verification:

Several methods can be employed for customer due diligence for banks (CDD for banks) purposes. One popular approach is online document verification, which uses digital tools to assess the legitimacy of a customer's identification documents during onboarding. This streamlines the process while upholding security standards.

2. Reviewing of Customer's Financial Background

In addition to identity verification, CDD for banks should also consider a customer's financial background. This includes reviewing current and past financial information, as well as understanding their business activities. A comprehensive financial picture helps banks assess potential risks associated with the customer.

3. Partnering for Efficiency: Utilizing Third-Party Solutions in CDD for Banks

Many banks leverage third-party expertise to enhance their CDD for bank processes. These partners can include lawyers, auditors, or specialized providers of CDD solutions, such as digital identity verification tools. Selecting reliable and reputable third-party vendors strengthens the overall customer due diligence process.

4. Enhanced Due Diligence (EDD): When Standard CDD for Banks Isn't Enough

For high-risk customers, such as politically exposed persons (PEPs) or individuals from high-risk countries, additional due diligence may be necessary. Enhanced due diligence (EDD) involves a more in-depth investigation to mitigate the potential for money laundering or other financial crimes.

5. Record-keeping for Secure Data Management.

Regulations mandate that banks retain financial transaction records for a minimum of five years. This includes all information gathered during CDD measures, such as account files, business correspondence, and related analyses. Secure storage of this sensitive data is paramount to prevent loss or breaches.

6. Maintaining Up-to-Date Information

Customer circumstances can evolve. CDD for banks requires ongoing monitoring and potential adjustments to risk assessments. Events such as changes in ownership or business structure might necessitate further due diligence to ensure continued compliance and risk mitigation.

A More Effective Approach to Customer Due Diligence (CDD)

A lot of banks are becoming more open to the benefit of using automated tools for CDD, forcing an industry-wide mass adoption.

Youverify Operating system (YV OS) is Youverify’s flagship product that allows banks to complete CDD in a matter of seconds.

Here is a video description of how it works:

The implication is that banks can now onboard customers with just their phone numbers and complete KYC/ CDD procedures with full compliance. This greatly transcends the current use of customers' phone numbers for only user authentication like OTP.

Book a demo session today to see how YV OS can help automate your business’s KYC Due Diligence! Also, feel free to contact us here for any questions.

FAQ on Customer Due Diligence for Banks

1. What are the 4 pillars of CDD?

The 4 pillars of customer due diligence requirements include customer identification and verification, beneficial ownership identification, business-customer relationships definition, and conducting ongoing transaction monitoring.

2. What are the 3 types of CDD?

The 3 types of CDD are standard CDD, enhanced CDD, and ongoing CDD. Standard Customer or Client Due Diligence is the basic level of information organisations must collect and verify about their customers., while enhanced CDD is used when a customer is considered a high-risk customer and a thorough investigation is needed.

3. What is the difference between CDD and EDD? CDD Versus EDD

CDD is the standard basic process used by a bank to assess a customer's risk while EDD is used when the customer presents a higher risk such as a PEP- Politically Exposed Person. Such a person may require a thorough investigation and monitoring.

4. What is the customer due diligence rule for banks?

The CDD Rule for banks has four key requirements which are customer identification, beneficial ownership, understanding the customer, and ongoing monitoring.

5. What are Red Flags in CDD?

Red flags in CDD are warning signs of potentially suspicious or high-risk activities. When banks verify customer information (Customer Due Diligence or CDD), they look for anything that might seem suspicious. These "warning signs" can help identify customers who might be involved in risky activities. The warning signs may include irregular transaction patterns, ID issues, dealing with risky countries, and complicated company ownership.

Updated July 11, 2024

Youverify is a 2023 RegTech100 Company