Customer Due Diligence: What is CDD, AML, CFT & KYC?

Guide to understanding and implementing AML and Customer Due Diligence (CDD) legislation in finance, investment and property. Covers acronyms, software, workflows and templates.

Find out about due diligence software, creating workflows and building templates to get to know your customer.

But to start with we need an understanding of all the main elements of AML/CFT legislation. Let’s get to know the regulations implemented to try and stop criminals disguising their ill gotten gains?

The legislation is focused predominantly on banks, casinos, financial institutions, advisers, brokers, and some trust and company service providers.

Read on, as we give a quick break down the elements and associated acronyms.

Video from 


What does CDD mean?

CDD stands for Customer Due Diligence  and refers to the process of conducting a due diligence review of your customers. 

CDD comes in three levels

  • Standard CDD – used for most situations where CDD is required. 
    Think of your standard customer
  • Simplified CDD – for use with specific customers that are considered low risk.
    Think of the Police, Navy, Government bodies and registered financial institutions.
  • Enhanced CDD, ECDD or EDD – which is used when there are factors creating a higher level of ML/TF risk. Your obligations to track more activities increase.  
    Think of international property and money transfer

Third Party Providers

Most companies use a third party provider to conduct Enhanced Customer Due Diligence during on-boarding. They help with independent research and validation of identity and Ultimate Beneficial Ownership. They can also provide platforms for the monitoring of transactions.

ECCD thresholds on monitoring and classifying of transactions vary by industry and country but cover: large cash transactions, cross border transactions and changes in payment sources.  

Companies like Accuity provide access to global data and databases that can validate identity and ultimate beneficial ownership of financial institutions  through their Bankers Almanac API .

Everything You Need to Know About Customer Due Diligence

Learn how to deploy CDD policies that protect your business from criminals.

What does AML mean?

AML stands for Anti Money Laundering and refers to a set of regulations, laws, and practices that are intended to help prevent criminals laundering their illegally acquired money. It aims to prevent them from conducting a transaction that will make their criminally gained money appear to have come from a legitimate, legal business.  


The Impact of AML

Recent regulations have had a large impact on banks and financial institutions issuing credit and the real estate industry covering the purchase of property.
AML legislation asks these institutions and companies to ensure they conduct due diligence, record and verify the identity of their clients (KYC). Financial institutions in particular, are required to monitor customers' transactions and report on anything suspicious (CDD). This could be larger than usual transactions, cross border transactions or large cash sums.

Reporting Suspicious Transactions or Activities

Hold up, just in case, what do I do if I suspect a client or have seen a transaction that is suspicious,  laundering money or financing terrorism?

Most countries have mechanisms for you to lodge a SAR which stands for Suspicious Activity Report or STR Suspicious Transaction Report. You can file these types of reports to:

What does KYC mean?

KYC stands for Know Your Customer or Know Your Client and refers to the process of verifying your customer is who they say they are, and establishing what their requirements are as a client.   

It’s an ethical requirement in the financial and securities industry and ensures that companies and practitioners act in the best interest of the client by establishing their needs.  A basic profile of their knowledge of investment,their risk tolerance, and just where they are financially is the goal of the process.

If you’ve conducting KYC for financial purposes you would gather data like:  

  • Investment experience
  • Timeline for investment
  • Tax status
  • Risk Tolerance
  • Other investments
  • Liabilities
  • Dependents
  • Liquidity needs

If you’re conducting a basic level of KYC, at a personal level you would also need basic identification, contact and demographic data:

    • Date of birth
    • Employment status
    • Tax number
    • Annual income
    • Net worth
    • Address

If you’re conducting basic KYC in a business to business environment have a look at this KYC checklist from. It could be and easy way for you to implement the process.

What is eKYC?

eKYC stands for Electronic Know Your Customer and refers to conducting the KYC process online, using software or platforms that enable the collection of data, forms and supporting documents.


Did you know?

FileInvite can be used to automate your document collection process.We have a KYC form template in-app, or you can create your own.


What is a PEP?

PEPs stands for Politically Exposed People. PEPs are treated differently from a data and privacy perspective. There are three categories of PEPs.


Individuals who hold a function or a prominent public position in a government body domestically.


Think a President, Prime Minister or Parliament. 


Individuals who hold a function or a prominent public position in a government body of a foreign country.  


Think Jacinda Ardern or Justin Trudeau.

International organisation

Are individuals who hold a prominent public position or function in an international organisation.


Think Musk, Yvon Chournard or  Christine Lagarde.

Customer Due Diligence Software

The FileInvite platform provides an intuitive secure client portal to your clients. Take a trial and see how you can seamlessly collect forms, data and conduct due diligence around your customers and suppliers.  

  • Have customers sign and complete declarations using our e-signature platform.
  • Use our handy KYC templates and forms to establish identity and store supporting files that address your obligations around Knowing Your Client.
  • Store all this information securely for re-purposing via API.

Get the ultimate guide to growing your Mortgage business

Get our free ebook on how you can level up your Mortgage Brokering business with our Mortgage Broker Business Plan


Save hours each week with easy-to-use automation

When deadlines loom, there are better things to be doing than chasing clients for information.


Stop chasing clients for documents

Gone are the days of requesting documents from clients via email. Our customers have experienced an average 34% decrease in document return turnaround, and we've collected over 7,000 5-star reviews in the process.



Impress your clients and your colleagues

Request all the files you need from your clients in one system. Your clients are then guided through an intuitive portal experience and followed up with friendly reminders as your due date approaches.



Make contracts a breeze

With FileInvite's legally-binding eSignature technology, you can easily request single or multiple-party signatures on contracts, agreements, and applications. FileInvite was named a 2021 emerging favorite in Gartner's Capterra Digital Signature category.



Automate your information requests

Automatically create digital versions of your paper forms using templates. Your clients complete them online through their dedicated client portal.



Integrates with your existing tools

Sync returned files with Google Drive, Dropbox, OneDrive, Box & more. And use API or Zapier to send returned form data to your desired destinations.



Get visibility across your workflow

Request, review, approve and manage documents in one dashboard. Staff can do this at an individual level, and managers can have a team view.



Delight your clients with the FileInvite experience