Customer due diligence (CDD) is the process through which banks and other financial institutions verify the identities of their customers and the nature of their business. This process is mandatory by law and helps the institution understand the money laundering risks they face.
This article widely discusses customer due diligence (CDD), its processes, types and other things you should know.
What is Customer Due Diligence (CDD)?
Customer due diligence is the process of proof checking your customers' information and background to verify their identity and assess the level of risk involved in conducting business with them. The customer due diligence process requires organisations to collect important customer information like their name, address, occupation, and how they plan to use their account.
Information provided by the customer is fact-checked against official records and databases such as passport, utility bill, drivers’ license, etc. Basically, this helps the firm understand what type of customer they are and the related anti-money laundering (AML) and combating finance terrorism (CFT) risks they pose. Globally, all Financial Action Task Force (FATF) member countries have to implement customer due diligence domestically as part of their larger scope of AML and CFT goals.
What are the basics of Customer Due Diligence (CDD)?
The Customer Due Diligence process is guided by three foundational rules. They include:
1. Identifying customers
This is the first and most basic step of the Customer Due Diligence process. It involves the company collecting personal information from its customers through accepted IDs. Data to be collected include address, passport, name, photographic ID card, and more.
2. Establishing business relationship
In this process, the company establishes the nature and purpose of the business relationship which they are creating with the customer.
3. Establishing beneficial ownership
Here, the company seeks to establish the identity of the ultimate beneficial ownership (UBO) when the customer is acting on behalf of a third party. The UBO simply refers to the individual or group that benefits from the activities of the customer.
When is Customer Due Diligence (CDD) Required?
Customer Due Diligence (CDD) is required when an organisation falls under the AML/ CFT regulation. This means it has to conduct identity verification on potential customers to assess their risk profile.
The organisation is required to undergo these CDD and KYC steps for these situations:
1. Suspicion of financial crimes:
If the customer is suspected of terrorism financing or money laundering.
2. Occasional Transactions:
There are certain transactions that necessitate CDD measures. For example, this could apply to high-risk transactions or amounts of money over a certain limit.
3. Ongoing monitoring:
Although CDD starts with a process, it doesn't end there. It is not a one-time obligation, therefore, companies are required to frequently perform CDD at different times in the business-customer relationship to ensure the customer is compliant with their established risk profiles.
4. Untrusted Documentation:
This is a situation wherein the custom provides an unreliable identity KYC document for verification. In such a situation, CDD should be applied.
Is Know Your Customer (KYC) the same as Customer Due Diligence (CDD)?
No, KYC is not the same as CDD. KYC is one of the processes involved during Customer due diligence, while CDD is the overall process that both identifies the customer and assesses the risks involved in doing business with them.
What is the difference between KYC and CDD?
The major difference between KYC and CDD is that KYC is one of the processes organisations carry out to prove that they have satisfied CDD. CDD itself is the overall system that both verifies and identifies risks surrounding the business-customer relationship.
Why is Customer Due Diligence (CDD) important?
Customer Due Diligence (CDD is important due to the high stakes involved in transacting with customers in the finance industry. CDD is necessary for comparing money laundering and terrorist financing, which has become a global spectrum for criminal enterprises.
Some of the reasons why Customer Due Diligence is important are:
- To protect the reputation of financial institutions
- To avoid legal compliance penalties
- Coping with increasing costs
- To keep up and expose new tricks of fraudsters and criminals
- To improve on poor service quality
Step-by-step process on how to perform Customer Due Diligence (CDD)
The step-by-step process on how businesses can carry out CDD includes:
- Collect all relevant information from the customer (name, address, nationality, etc.).
- Make use of an authentication system to validate customer data.
- Scrutinise and assess the activities of customers e.g Politically Exposed Persons (PEPs) or customers from high-risk countries.
- Constant updating of CDD checks procedures as client profile changes.
What is Risk-Based Customer Due Diligence (CDD)?
Risked-based Customer Due Diligence is the due diligence procedure which varies directly with the level of risk in question. CDD and KYC processes should take a risk-based approach at every time. This means that the company involved should assess the AML/ CFT risk posed by each customer and set their due diligence procedure as it fits.
Therefore, although the customer would face their standard CDD procedure, which largely means identity verification, more strict or less stringent processes could be applied for customers that pose higher or lower risks.
As a rule of thumb, the following processes must be included in a company’s risk assessment procedure:
- Standard risk assessment that takes into account the risk variables surrounding the business-customer relationship.
- Money laundering procedures and policies that incorporate the firms' risk assessment.
- Internal audit teams to robust test internal policies, procedures and adequate controls as required.
- Continuous training and monitoring of personnel on how to carry out risk-based CDD.
Read also - What is Corporate KYC?
What is Enhanced Due Diligence (EDD)?
Enhanced Due Diligence (EDD) is the KYC process that allows organisations to adequately evaluate other corporations and high-risk individuals before conducting business with them. EDD is carried out because some clients pose greater risks of financial crimes to businesses. To protect themselves, businesses have to take extra steps to assess associated risks than they normally would. Examples of these clients are Politically Exposed Persons (PEP) or corporations from high-risk nations.
EDD is used by businesses to protect themselves and satisfy compliance requirements. During the EDD, qualified specialists should be consulted to avoid mistakes and time-wasting.
What is Ongoing Monitoring?
Ongoing monitoring is the system of regular scrutinising commercial ties in a business-customer relationship. It is important in identifying patterns and behaviours of customers over time, which could quickly be identified as an indication of suspicious activities if broken.
The following actions are carried out during ongoing monitoring:
- Keeping records, data, documents, and important client information for CDD purposes.
- Monitoring transactions throughout the duration of the business-customer relationship to ensure a client's activities correspond to their risk profile.
- Keeping track and staying highly sensitive to suspicious changes in the risk profile of a client.
Applying Technology Expertise to Effectively Conduct Customer Due Diligence Process
For the most effective outcomes, CDD and KYC processes are built by combining technology and expertise. As risk profiles and criminal intelligence evolves, financial institutions should be prepared to be flexible and adapt to their CDD approach to satisfy AML/ CFT regulations.
YV OS is Youverify’s flagship product that allows businesses to perform Customer Due Diligence (CDD) in a matter of seconds.
Here is a video description of how it works:
You can now onboard customers and complete KYC using just their mobile phone numbers. Keep in mind that it has to be the phone number linked to their bank account and NIN. By collecting their phone numbers, our “Advanced Search” can help you retrieve other relevant information like their NIN, BVN and full data.
The implication is that businesses and organisations can now onboard customers with just their phone numbers and complete KYC with full compliance. This greatly transcends the current use of customers' phone numbers for only user authentication like OTP.
Advanced Search is available on our flagship product, YV OS, and only available to customers in compliance with Nigeria Data Protection Regulation (NDPR).