A complete guide to effective customer due diligence
Different aspects of customer due diligence
1. Simplified due diligence
The process of simplified customer due diligence comes into the picture when the customer belongs to a low-risk category. The Designated Non-Financial Business and Professions (‘DNFBP’) is required to know the customer’s identity and basic details under a simplified customer due diligence process, and there is no need for carrying out detailed due diligence.
2. Standard due diligence
Generally, DNFBPs adopt Standard Due Diligence procedures for the majority of the customers. As a part of this process, the identity of the respective customer is verified from several reliable sources. In addition to that, DNFBPs also determine and evaluate the nature of the customer’s business or the customer’s purpose for entering into a transaction with the DNFBP.
3. Enhanced due diligence
Enhanced Due Diligence is usually required for only those customers who have a high-risk quotient and are more likely to get involved with money laundering or financing of terrorism. There are undoubtedly quite a few factors that clearly establish that a particular customer hails from a high-risk background. For instance, the politically exposed people (PEPs) are usually categorized as high-risk customers and require enhanced customer due diligence.
With the help of enhanced customer due diligence, the information of the customers is verified, and critical information like the origin or the source of their funds along with the primary purpose of the transaction is obtained.
4. Ongoing due diligence
The financial situation of a customer changes over time, and it becomes inevitable for the DNFBPs to take this into consideration for better execution of the business plans in accordance with the AML/CFT regulations. In order to keep up with the constant change in the financial transactions, DNFBPs should observe the actual movements of the respective customers. Therefore, the risk profile or categorization of the customer should be monitored on a regular basis or specifically upon identification of certain indications arising from doubt about the status of the customer.
Compliance. Trust. Transparancy
Customized and cost-effective AML compliance services to support your business always
Fundamentals of customer due diligence
1. Identification of customer
2. Beneficial ownership
3. Business Relationship
When is customer due diligence required?
The need to apply the CDD process comes into the picture when a business organization is required to abide by AML/CFT regulations, and it intends to establish a business relationship with a potential customer. The business is required to verify the identity of the customer and assess the risk profile. Therefore, DNFBPs/FIs are required to carry out the Know Your Customer (KYC) procedure as part of CDD in the following situations.
What is the process of conducting a customer due diligence program?
Step 1 - Collecting data
If the customer is an individual
If the customer is a business entity
Step 2 - Verification
The second step of the CDD program is to verify all the information that has been collected at step one. Again, it is essential to note that most of the collected data can be confirmed with the help of a government agency's site or any reputable independent institution. For instance, documents like identity cards, tax receipts, and passports cannot be verified on the respective Government Portals on the basis of the unique number associated with them.
Step 3 - Name screening
Name screening is done in order to see if any customer belongs to a high-risk profile or not. At this point, businesses try to find out whether the customer is on the national or international Sanction List or not. The primary objective behind carrying out the process of name screening is to check that the customers do not fall under the following categories:
Step 4 - Risk profiling
At this stage, the AML Compliance Officer determines the risk level of each customer or potential customer based on various factors. These factors could be:
Once the risk profile is assigned to a customer, DNFBPs and FIs can decide the type of monitoring and level of controls to be imposed while dealing with such customers.
Step 5 - Ongoing monitoring
Once the Customer Due Diligence process is completed and necessary decisions around risk classification have been made, regular monitoring of the customer's risk profile cannot be overlooked. Monitoring should be carried out regularly for identified accounts for all financial transactions. The customer's behavior, along with accounts and transactions, must be compatible with the usual activities, and this needs to be tracked or overviewed at all costs.
Step 6 - Record keeping
This is the final stage of the entire CDD process. At this stage, one has to maintain the CDD related records in accordance with the retention policies of the business organization and as prescribed under AML/CFT regulation. In the UAE, AML/CFT regulations require maintenance of CDD and other AML/CFT related records for the period of 5 years from the relevant dates.
A systematic record-keeping facilitates the DNFBPs to meet its reporting obligation under ANL/CFT regulations and furnish such details to the relevant supervisory authorities as and when demanded in the context of any Suspicious Transaction Report filed by the DNFBP.
Customer Due Diligence, whether simplified, standard, enhanced, or ongoing, is an important element of an effective AML CFT Program. It helps identify red flags early and saves an organization from entering into a wrongful transaction and business relationship.
AML UAE provides consulting services on customer onboarding and KYC process, CDD, and risk profiling of customers. We also provide training on customer due diligence procedures and help you remain compliant with UAE AML laws and regulations.
Our recent blogs
Share via :
FAQs - Customer Due Diligence
Here is the comprehensive Customer Due Diligence (CDD) Checklist for your easy reference:
- Collect data on customers or potential customers
- Verify the information with government IDs
- Screen name against Sanctions, Terrorists, PEPs, or Criminals
- Determine the risk profile
- Ongoing monitoring of customer relationship
- Maintain records for a minimum of 5 years
Add a comment
About the Author
CISA, FCA, CS, DISA (ICAI), FAFP (ICAI)
Pathik is a multi-disciplinary professional with more than 22 years of experience in compliance, risk management, accounting, system audits, IT consultancy, and digital marketing. He has extensive knowledge of Anti-Money Laundering rules and regulations, and he helps companies comply with legal requirements. Pathik also helps companies generate value from their IT investments.