With CDD requirements becoming more complex, financial institutions must understand the different kinds of CDD processes. Here are 5 types of CDD processes.
CDD, AML & KYC are the three important terms commonly used in the realm of customer identification and risk management. CDD is about assessing the customer's identity, AML is about preventing money laundering, and KYC is the overall process of knowing your customer. Understanding and applying these concepts is crucial for businesses in regulated industries to mitigate risks and comply with legal requirements.
Customer Due Diligence (CDD) is the process of verifying and authenticating a client’s identity and quantifying the risks they may introduce in business relationships. CDD processes begin before institutions provide clients with services and, in some cases, may continue at regular intervals throughout the client’s tenure. The purpose of CDD requirements is to prevent financial crimes such as money laundering and identity theft.
Financial institutions use five kinds of CDD procedures based on initial client risk assessments: Standard CDD, Simplified CDD, Enhanced CDD, Delayed CDD, and Ongoing CDD.
Standard CDD applies to clients who present no significant risks on initial assessment. Standard CDD requires personally identifiable information about the client, beneficial owners, and any persons authorised to act on behalf of the client. This information should include:
For best practices to make initial assessments and verify information provided, institutions can consult the guidelines prescribed in Australia’s 2006 Anti-Money Laundering and Counter-Terrorism Financing Act.
Typically, financial institutions only approve simplified CDD for clients that have prior obligations to transparency and public disclosure such as government entities, local authorities, and public service agencies. The 18(2) of the AML/CFT Act lists qualified client types for reference. This process requires that institutions:
Enhanced CDD applies to clients assessed to be at high risk for financial crimes. Typical high-risk triggers include the following circumstances:
When enhanced CDD is required, institutions should gather all information required by standard CDD procedures and supplement the file with a detailed exposition of the client’s sources of wealth and funds. Records of this investigation and disclosure should clearly indicate that the institution took reasonable steps to verify all claims regarding the sources of funds.
While financial institutions typically cannot begin any work for clients prior to satisfying CDD requirements, a few exceptions exist to allow institutions to begin work processes essential to preventing the interruption of ongoing business operations. These exceptions are only available to clients with low-risk assessments. Delayed CDD has three requirements:
Institutions should practice ongoing CDD with all clients at intervals indicated by the client’s risk status. Low-risk clients require CDD confirmation once a year. Medium to high-risk clients should undergo the process every six months. Additionally, institutions should apply CDD procedures any time significant changes are made to the existing business relationship.
As white-collar office workers largely shifted to work-from-home during the last two years, financial institutions around the globe saw an unexpected rise in new accounts opened. Following reports issued by watchdog organizations in the U.K. and the U.S. in 2021, it became clear that the surge in new accounts had concealed a parallel increase in money laundering and other criminal activities that rely on financial services.
In the U.K. alone, suspicious activity reports in 2021 came in at 20% over 2020 and 2019 totals. In response, government offices responsible for the prevention and prosecution of financial crimes such as the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) and Australia’s Serious Financial Crime Taskforce (SFCT) are tightening their requirements for compliance with customer due diligence (CDD) processes.
Financial institutions in affected countries have already begun enhancing their CDD procedures, with some collecting over 600 unique fields of information.
At the end of the more strident processes, it would be no exaggeration to say that the vetting financial institution may know more about their clients than their own friends and family. With CDD requirements evolving rapidly – and generally becoming more complex – financial institutions should prioritize developing a comprehensive understanding of the different kinds of CDD processes.
FileInvite offers financial institutions a document collection platform and file sharing service with bank-grade security and KYC templates. FileInvite maintains SOC 2 Type 2 compliance and employs 256-bit encryption in client portals.
To learn more and request a demo, visit FileInvite today.
Use technology to streamline rote manual tasks in your CDD and KYC processes by gathering and analyzing customer information efficiently.
Fortiro automates fraud detection processes, cutting processing times while enhancing overall information security. Learn more.
How Aprio Cloud, an outsourced accounting firm, automated accounting, and financial documents requests. Alex also shares her tips for better business...