Customer due diligence (CDD) is a process that evaluates prospective customers. It involves performing customer identity verification, confirming that the customer is not on a prohibited list, checking their background, and generally assessing the risk factors of the customer.
Almost all banks are subject to know your customer (KYC) and anti-money laundering (AML) regulations, and CDD is a critical requirement in most of these regulations.
Here are key aspects involved in a CDD check:
In this article:
Companies required to comply with AML regulations are also usually necessary to perform CDD, verify the customer's identity, and assess their risk profile.
Here are several circumstances during which financial institutions and other companies must perform CDD:
Companies should base their KYC and CDD checks on risk factors. For example, assessing each client's risk concerning anti-money laundering (AML) or combating terrorism (CFT) financing. And their due diligence scrutiny should be adjusted accordingly.
Most clients are subject to standard CDD measures, requiring customer verification and identification. The business can apply a simple CDD process when the risk is low. Once the initial screening passes, there is an assessment of the business relationship, and the company can decide whether to proceed.
The financial industry is strictly regulated and needs to meet KYC and CDD requirements. Here are the three types of CDD used in the banking industry:
This process involves verifying and identifying customers through the application of KYC practices, which requires verification based on personal identity information and government-issued IDs. Reliable and independent third parties usually perform it.
Standard due diligence checks investigate entities and individuals with average risk scores. The goal is to uncover their intended reason for achieving the new business partnership. It is applied when large transactional volumes are involved, or the customer is suspected of criminal activities.
This type of due diligence applies during low or no risk of financial crime scenarios. For example, customers residing in low-risk locations can identify as using IDs and personally identifiable information (PII).
Performing enhanced CDD when the financial risks are high may involve suspicion of money laundering, tax evasion, terrorist financing, or corruption. This type of due diligence process investigates high-risk customers located in high-risk areas. The goal is to ensure that large amounts of funds, transactions, and assets are properly vetted to minimize the risk of crimes or regulatory penalties. Customers are usually screened against blacklists, politically-exposed person (PEP's) lists, and government-issued sanctions.
Companies put a lot of effort into onboarding and retaining their customers. To achieve this, companies strive to create customer journeys that are seamless and convenient. Unfortunately, CDD processes can often introduce lengthy and uncomfortable steps into the customer journey.
While some companies manage to create a balance that keeps customers satisfied, a clumsy CDD may be the factor that prevents a company from onboarding customers. Financial institutions are usually required to comply with CDD and AML regulations. While not all sectors must comply, companies may add more restrictions, and non-compliant businesses face fines.
Compliance regulations are regularly being revisited and updated by their governing bodies, and the cost of compliance continues to rise. As a result, financial institutions and banks need increasingly bigger budgets to cover the additional costs of compliance staff, frequent transaction monitoring, and strict KYC checks.
According to a survey by Thomson Reuters, big financial institutions spend up to $500 million per year on KYC and CDD. Other studies show companies spend as much as $48 million per year on KYC compliance. Onboarding corporate clients can cost up to $25,000 per client.
These costs are not sustainable for large financial companies, which means they are far beyond the reach of smaller or upcoming companies. These companies require a solution that offers a significantly lower cost for KYC and CDD. Ideally, this solution can help provide the right balance between regulatory compliance, budget requirements, and user experience.
While regulation requires financial institutions to put in place customers due to diligence procedures, they do not define how they should carry out CDD. As a result, there is no standardized process for verification and no systematic way of ensuring that a customer is authentic.
Financial institutions must therefore put their trust in third-party verifiers. They must rely on the correctness of the data of these third parties and trust that their methods are secure. Unfortunately, third-party identity verification providers use inaccurate or incomplete data sources to verify customer identity in many cases.
Non-standard data structures, fragmented sources, and low data quality standards make the process of authentication difficult, slow, and prone to error. As a result, the customer risk score provided by identity verification services often tends to be incorrect. Inaccurate risk assessment results in low-risk applicants being accidentally flagged, or conversely, high-risk applicants being accepted, creating a compliance risk.
With 45% of financial organizations noting that it is 'very' or 'fairly' challenging to monitor the continual compliance status of their clients, there must be a more effective standard for authentication to enforce CDD compliance.
BlueCheck’s industry-leading identity verification infrastructure ensures the highest accuracy and efficiency in financial services industries, where due diligence impacts everything from cost-effective compliance and risk mitigation to competitive advantage and market leadership.