Financial institutions face numerous risks when it comes to criminal activity, such as money laundering and acts of financial terrorism. In order to build a better understanding of the threats they face in order to implement suitable countermeasures, financial institutions such as banks and currency exchange platforms employ different processes and systems.
The forefront of these processes typically encompasses the identification and verification of their customers as well as establishing the nature of the business in which they are involved. This is also known as Customer Due Diligence or CDD for short, and the due diligence process is the most important security step.
What Is Customer Due Diligence
The CDD process is the foundation of what is known as the Know Your Customer (KYC) process. This process is in turn at the forefront of Anti-Money Laundering And Counter Financial Terrorism (AML/CFT) regulations that have been set in place to prevent criminal activity within financial institutions.
To put it simply, CDD and KYC as a whole ensure that the right AML/CFT measures are able to be implemented for effective countermeasures against crimes such as money laundering and illegal transactions.
How exactly does CDD do this? As a whole, the KYC process is meant to aid institutions in building risk assessment reports for each customer by assessing their financial behaviour so as to extrapolate the kind of risk they present to an institution. At the forefront of this process is the CDD.
The CDD is responsible for collecting and identifying information in order to verify a customer’s identity. This includes details such as names, addresses, and even information regarding what they intend to use their account for. This helps the institution accurately assess the level of criminal threat that a customer poses.
The Basics Of Customer Due Diligence
All sorts of different financial institutions exist in our current day and age, from banks to crypto exchange platforms. This has resulted in changing regulations when it comes to KYC protocols, including the likes of CDD. However, at the core of CDD lies obligations that should be practised by all financial institutions — the basics of Customer Due Diligence.
Customer identification may be simple to understand, but it is one of the most important components of CDD. Customer identification may come in many different forms, but collecting personal information regarding one’s name, address, and photo ID are some of the key forms of identification. This information, when received from a credible and independent source, allows for users to be easily identified as well as be verified to prove the legitimacy of ownership of an account.
Third-party persons or companies have to have their beneficial ownership verified by financial institutions. This is one of the first steps in preventing money laundering schemes from even accessing the financial institution where further exploitation may occur. Said third-party has to receive what is known as an Ultimate Beneficial Ownership, otherwise known as UBO, by going through several processes of screenings, including an identity check as well as risk assessments.
Users of a financial institution, be it for personal or beneficial ownership, also have to have their business relationships assessed. Establishing an understanding of the nature of the business that their clients are involved in is key for financial institutions to build up an assessment of the risk that said client poses to the institution when it comes to matters involving money laundering and financial terrorism. This then allows companies to implement the appropriate AML/CFT controls to prevent misuse of their services.
When Should CDD Be Implemented?
New Business Relationships
When a user or a company wishes to do business with a financial institution, it is important that CDD, as well as the other protocols that follow within the KYC framework, be implemented. Information regarding a client such as personal information and business relations has to be thoroughly scrutinised and verified to ensure the legitimacy of identity.
Irregular transactions include the likes of transactions exceeding thresholds, transactions with high-risk individuals, and even transactions within high-risk regions. These types of transactions more often than not warrant a CDD check, alongside other checks within the KYC regulation.
Threat Of Criminal Activity
When a client is suspected of being involved with activities that pose a security risk to financial institutions such as money laundering or acts of financial terrorism, CDD checks and other forms of further scrutiny should be employed.
CDD checks are typically employed early on, but continued monitoring is equally as important. This is to seek out any irregular behaviour that may point toward criminal activity. Furthermore, this strengthens the accuracy of risk assessments made.
Can CDD Be Conducted By Third Parties?
It is perfectly legal for third-party companies to carry out CDD processes on behalf of financial institutions that employ their services. In fact, not only are they permitted to carry CDD out, but also store CDD data for these financial institutions that employ them.
However, these third-party companies have to meet the regulatory standards set by the Financial Action Task Force (FATF).
How Is CDD Performed?
When doing business with a financial institution, clients are assessed and assigned a certain risk level. These companies are then advised to carry out CDD measures and processes with regard to a client’s risk level.
Take for example a client with a low-risk level. Companies are able to carry out basic CDD measures which would be sufficient enough. However, these measures may not be thorough enough for clients with higher risk levels. These individuals are recommended to be subjected to higher scrutiny due to the higher risk that they present.
CDD measures are at the forefront of the KYC regulations that ensure security from external threats faced by financial institutions. With risks constantly evolving and criminals being able to bypass protocols with greater ease in current times, these measures have to be constantly evolving as well.
Technology can enable us to achieve this by facilitating the CDD process with higher efficiency and speed. However, technology can only go so far as to facilitate. Greater efforts into the development of improved CDD and KYC protocols will have to be continuously carried out in the years to come.