A complete guide to effective customer due diligence

Customer Due Diligence (CDD) is all about identifying potential customers and checking their authenticity and legitimacy. In addition, it means cross verifying the details provided by the customer for their legal validity and accuracy. In total, there are four aspects of CDD, namely, simplified, standard, enhanced, and ongoing.

Different aspects of customer due diligence

Here is a brief about four types of customer due diligence

1. Simplified due diligence

The process of simplified customer due diligence comes into the picture when the customer belongs to a low-risk category. The Designated Non-Financial Business and Professions (‘DNFBP’) is required to know the customer’s identity and basic details under a simplified customer due diligence process, and there is no need for carrying out detailed due diligence.

Standard Due Diligence

2. Standard due diligence

Generally, DNFBPs adopt Standard Due Diligence procedures for the majority of the customers. As a part of this process, the identity of the respective customer is verified from several reliable sources. In addition to that, DNFBPs also determine and evaluate the nature of the customer’s business or the customer’s purpose for entering into a transaction with the DNFBP.

3. Enhanced due diligence

Enhanced Due Diligence is usually required for only those customers who have a high-risk quotient and are more likely to get involved with money laundering or financing of terrorism. There are undoubtedly quite a few factors that clearly establish that a particular customer hails from a high-risk background. For instance, the politically exposed people (PEPs) are usually categorized as high-risk customers and require enhanced customer due diligence.


With the help of enhanced customer due diligence, the information of the customers is verified, and critical information like the origin or the source of their funds along with the primary purpose of the transaction is obtained.

Enhanced Due Diligence
It is also required to obtain approval from the senior management before entering into a transaction with high-risk customers.
Ongoing Due Diligence

4. Ongoing due diligence

The financial situation of a customer changes over time, and it becomes inevitable for the DNFBPs to take this into consideration for better execution of the business plans in accordance with the AML/CFT regulations. In order to keep up with the constant change in the financial transactions, DNFBPs should observe the actual movements of the respective customers. Therefore, the risk profile or categorization of the customer should be monitored on a regular basis or specifically upon identification of certain indications arising from doubt about the status of the customer.

Compliance. Trust. Transparancy

Customized and cost-effective AML compliance services to support your business always

Fundamentals of customer due diligence

At the initial level, CDD starts with verification of the identity of the customer and understanding the nature of its business. The entire CDD process involves certain steps and a few regulatory obligations imposed on DNFBPs under AML/CFT regulations, as under:

1. Identification of customer

DNFBPs should first identify their customers, seeking personal information like name, date of birth, nationality, and address. This should further be backed by conclusive evidence issued by the Government in the form of a passport, ID Card, Driving License, etc. Businesses need to implement a comprehensive customer identification program (CIP) to comply with legal requirements.

2. Beneficial ownership

Customer Due Diligence measures should try to identify the beneficial owner of the customer or proposed transaction. This includes understanding the customer’s control or the organization structure.

3. Business Relationship

Post the verification of the customer and identifying business ownership, DNFBPs should focus on obtaining information related to the nature of the business relationship the client intends to establish.
Complete guide to effective customer due diligence

When is customer due diligence required?

The need to apply the CDD process comes into the picture when a business organization is required to abide by AML/CFT regulations, and it intends to establish a business relationship with a potential customer. The business is required to verify the identity of the customer and assess the risk profile. Therefore, DNFBPs/FIs are required to carry out the Know Your Customer (KYC) procedure as part of CDD in the following situations.

What is the process of conducting a customer due diligence program?

Customer Due Diligence is an important as well as a pretty tedious process that needs to be undertaken with utmost efficiency and attention. Here are a few steps that you need to keep in mind while carrying out the CDD program.

Step 1 - Collecting data

The first step of CDD is to get the essential information from customers or potential customers. The information to be obtained includes the following:

If the customer is an individual

Here is the list of information to be sought from the customer-

If the customer is a business entity

Here is the list of information to be sought from the customer who is a business entity:
In addition to that, the wealth profile of customers, irrespective of the customer is an individual or business entity, is to be checked as well. The wealth profile includes detailed information related to the source of income, approximate networth, and average annual revenue.

Step 2 - Verification

The second step of the CDD program is to verify all the information that has been collected at step one. Again, it is essential to note that most of the collected data can be confirmed with the help of a government agency's site or any reputable independent institution. For instance, documents like identity cards, tax receipts, and passports cannot be verified on the respective Government Portals on the basis of the unique number associated with them.

Step 3 - Name screening

Name screening is done in order to see if any customer belongs to a high-risk profile or not. At this point, businesses try to find out whether the customer is on the national or international Sanction List or not. The primary objective behind carrying out the process of name screening is to check that the customers do not fall under the following categories:

Step 4 - Risk profiling

At this stage, the AML Compliance Officer determines the risk level of each customer or potential customer based on various factors. These factors could be:

Once the risk profile is assigned to a customer, DNFBPs and FIs can decide the type of monitoring and level of controls to be imposed while dealing with such customers.

Step 5 - Ongoing monitoring

Once the Customer Due Diligence process is completed and necessary decisions around risk classification have been made, regular monitoring of the customer's risk profile cannot be overlooked. Monitoring should be carried out regularly for identified accounts for all financial transactions. The customer's behavior, along with accounts and transactions, must be compatible with the usual activities, and this needs to be tracked or overviewed at all costs.

Step 6 - Record keeping

This is the final stage of the entire CDD process. At this stage, one has to maintain the CDD related records in accordance with the retention policies of the business organization and as prescribed under AML/CFT regulation. In the UAE, AML/CFT regulations require maintenance of CDD and other AML/CFT related records for the period of 5 years from the relevant dates.

A systematic record-keeping facilitates the DNFBPs to meet its reporting obligation under ANL/CFT regulations and furnish such details to the relevant supervisory authorities as and when demanded in the context of any Suspicious Transaction Report filed by the DNFBP.

Final words

Customer Due Diligence, whether simplified, standard, enhanced, or ongoing, is an important element of an effective AML CFT Program. It helps identify red flags early and saves an organization from entering into a wrongful transaction and business relationship.

AML UAE provides consulting services on customer onboarding and KYC process, CDD, and risk profiling of customers. We also provide training on customer due diligence procedures and help you remain compliant with UAE AML laws and regulations.

Our recent blogs

Contact us

Share via :

Share on facebook
Share on twitter
Share on linkedin

FAQs - Customer Due Diligence

Here is the comprehensive Customer Due Diligence (CDD) Checklist for your easy reference:

  • Collect data on customers or potential customers 
  • Verify the information with government IDs 
  • Screen name against Sanctions, Terrorists, PEPs, or Criminals 
  • Determine the risk profile 
  • Ongoing monitoring of customer relationship
  • Maintain records for a minimum of 5 years 

Add a comment

About the Author

Pathik Shah

CISA, FCA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a multi-disciplinary professional with more than 22 years of experience in compliance, risk management, accounting, system audits, IT consultancy, and digital marketing. He has extensive knowledge of Anti-Money Laundering rules and regulations, and he helps companies comply with legal requirements. Pathik also helps companies generate value from their IT investments.