Customer due diligence (CDD) is understanding who your customers are before you provide a designated service, and keeping that understanding current through the relationship. It is the heart of an AML/CTF program.
The types of CDD
- Initial CDD - identify and verify the customer (and any person acting on their behalf) before you provide the service.
- Beneficial owners - identify and take reasonable steps to verify the individuals who ultimately own or control the customer.
- Ongoing CDD - keep customer information current and monitor the relationship for the life of it.
- Enhanced CDD - do more where the ML/TF risk is higher (for example, higher-risk customers, services or countries).
- Simplified CDD - do proportionately less where the risk is demonstrably lower.
Screening and risk rating
As part of CDD, screen each customer against politically exposed person (PEP) and sanctions lists, and assign a customer risk rating that drives how much due diligence you apply. Record your findings and the evidence you relied on in the CDD file.
Records
Keep your CDD records so you can show what you did and why. AML/CTF Compliance runs this as a structured workflow - identify and verify, screen, rate and record - and keeps it in your browser. See what Tranche 2 is for the wider obligations it sits within.
Frequently asked questions
What is customer due diligence?
CDD is identifying and verifying who your customer is (and their beneficial owners) before you provide a designated service, and keeping that current through the relationship. It includes PEP and sanctions screening and a risk rating.
What is the difference between enhanced and simplified CDD?
Enhanced CDD applies more scrutiny where ML/TF risk is higher; simplified CDD applies proportionately less where the risk is demonstrably lower. Your customer risk rating drives which applies.
What is a beneficial owner?
The individual or individuals who ultimately own or control a customer. AML/CTF requires you to identify and take reasonable steps to verify them.