Customer Due Diligence (CDD) in Banking Explained
What is Customer Due Diligence in Banking?
Customer due diligence (CDD) is a process that evaluates prospective customers. It involves performing customer identity verification, confirming that the customer is not on a prohibited list, checking their background, and generally assessing the risk factors of the customer.
Almost all banks are subject to know your customer (KYC) and anti-money laundering (AML) regulations, and CDD is a critical requirement in most of these regulations.
Here are key aspects involved in a CDD check:
- Customer identification—To identify customers, organizations must obtain personal information, such as name, a photographic identification document (ID), birth certification, and address. The goal is to verify identity against an independent and reliable source.
- Beneficial ownership—in many cases, organizations need to evaluate an entire company rather than a single individual. This is when due diligence measures check the company's beneficial ownership. It usually includes assessing the control structure of the company.
- Business relationship—this check helps organizations obtain information related to the nature of a specific business relationship they are considering and its purpose.
In this article:
- Lengthy CDD Processes Cause Onboarding Friction
- Costs of Compliance Are Dramatically Rising
- Inconsistent Standards for Verification Create Poor Quality Data
Why is Customer Due Diligence Required?
Companies required to comply with AML regulations are also usually necessary to perform CDD, verify the customer's identity, and assess their risk profile.
Here are several circumstances during which financial institutions and other companies must perform CDD:
- New business relationship—before entering a business relationship, companies must run a CDD check to ensure that their customer is not using a fake identity and matches the desired risk profile.
- Occasional transactions—Some transactions warrant CDD measures. For example, transactions involving money that exceeds a predefined threshold or any transaction with an entity located in a high-risk foreign country.
- Money laundering suspicion—companies must run CDD checks when suspecting a customer of financing terrorism or laundering money.
- Unreliable documentation—when customers supply inadequate or unreliable documentation, companies must apply CDD measures.
Companies should base their KYC and CDD checks on risk factors. For example, assessing each client's risk concerning anti-money laundering (AML) or combating terrorism (CFT) financing. And their due diligence scrutiny should be adjusted accordingly.
Most clients are subject to standard CDD measures, requiring customer verification and identification. The business can apply a simple CDD process when the risk is low. Once the initial screening passes, there is an assessment of the business relationship, and the company can decide whether to proceed.
Types of Customer Due Diligence for Banks
The financial industry is strictly regulated and needs to meet KYC and CDD requirements. Here are the three types of CDD used in the banking industry:
Standard Due Diligence
This process involves verifying and identifying customers through the application of KYC practices, which requires verification based on personal identity information and government-issued IDs. Reliable and independent third parties usually perform it.
Standard due diligence checks investigate entities and individuals with average risk scores. The goal is to uncover their intended reason for achieving the new business partnership. It is applied when large transactional volumes are involved, or the customer is suspected of criminal activities.
Simplified Due Diligence
This type of due diligence applies during low or no risk of financial crime scenarios. For example, customers residing in low-risk locations can identify as using IDs and personally identifiable information (PII).
Enhanced Due Diligence
Performing enhanced CDD when the financial risks are high may involve suspicion of money laundering, tax evasion, terrorist financing, or corruption. This type of due diligence process investigates high-risk customers located in high-risk areas. The goal is to ensure that large amounts of funds, transactions, and assets are properly vetted to minimize the risk of crimes or regulatory penalties. Customers are usually screened against blacklists, politically-exposed person (PEP's) lists, and government-issued sanctions.
Challenges of Customer Due Diligence
Lengthy CDD Processes Cause Onboarding Friction
Companies put a lot of effort into onboarding and retaining their customers. To achieve this, companies strive to create customer journeys that are seamless and convenient. Unfortunately, CDD processes can often introduce lengthy and uncomfortable steps into the customer journey.
While some companies manage to create a balance that keeps customers satisfied, a clumsy CDD may be the factor that prevents a company from onboarding customers. Financial institutions are usually required to comply with CDD and AML regulations. While not all sectors must comply, companies may add more restrictions, and non-compliant businesses face fines.
Costs of Compliance Are Dramatically Rising
Compliance regulations are regularly being revisited and updated by their governing bodies, and the cost of compliance continues to rise. As a result, financial institutions and banks need increasingly bigger budgets to cover the additional costs of compliance staff, frequent transaction monitoring, and strict KYC checks.
According to a survey by Thomson Reuters, big financial institutions spend up to $500 million per year on KYC and CDD. Other studies show companies spend as much as $48 million per year on KYC compliance. Onboarding corporate clients can cost up to $25,000 per client.
These costs are not sustainable for large financial companies, which means they are far beyond the reach of smaller or upcoming companies. These companies require a solution that offers a significantly lower cost for KYC and CDD. Ideally, this solution can help provide the right balance between regulatory compliance, budget requirements, and user experience.
Inconsistent Standards for Verification Create Poor Quality Data
While regulation requires financial institutions to put in place customers due to diligence procedures, they do not define how they should carry out CDD. As a result, there is no standardized process for verification and no systematic way of ensuring that a customer is authentic.
Financial institutions must therefore put their trust in third-party verifiers. They must rely on the correctness of the data of these third parties and trust that their methods are secure. Unfortunately, third-party identity verification providers use inaccurate or incomplete data sources to verify customer identity in many cases.
Non-standard data structures, fragmented sources, and low data quality standards make the process of authentication difficult, slow, and prone to error. As a result, the customer risk score provided by identity verification services often tends to be incorrect. Inaccurate risk assessment results in low-risk applicants being accidentally flagged, or conversely, high-risk applicants being accepted, creating a compliance risk.
With 45% of financial organizations noting that it is 'very' or 'fairly' challenging to monitor the continual compliance status of their clients, there must be a more effective standard for authentication to enforce CDD compliance.
Customer Verification with BlueCheck
BlueCheck’s industry-leading identity verification infrastructure ensures the highest accuracy and efficiency in financial services industries, where due diligence impacts everything from cost-effective compliance and risk mitigation to competitive advantage and market leadership.