Customer Due Diligence: What is CDD, AML, CFT & KYC?
Guide to understanding and implementing AML and Customer Due Diligence (CDD) legislation in finance, investment and property. Covers acronyms, software, workflows and templates.
Find out about due diligence software, creating workflows and building templates to get to know your customer.
But to start with we need an understanding of all the main elements of AML/CFT legislation. Let’s get to know the regulations implemented to try and stop criminals disguising their ill gotten gains?
The legislation is focused predominantly on banks, casinos, financial institutions, advisers, brokers, and some trust and company service providers.
Read on, as we give a quick break down the elements and associated acronyms.
Video from ed.ted.com.
What is AML?
AML stands for Anti Money Laundering and refers to a set of regulations, laws, and practices that are intended to help prevent criminals laundering their illegally acquired money. It aims to prevent them from conducting a transaction that will make their criminally gained money appear to have come from a legitimate, legal business.
The Impact of AML


Reporting Suspicious Transactions or Activities
Hold up, just in case, what do I do if I suspect a client or have seen a transaction that is suspicious, laundering money or financing terrorism?
- Australia - AUSTRAC as a suspicious matter report SMR
- Canada - F2R - Financial Transactions and Reports Analysis Centre
- New Zealand - FIU - Financial Intelligence Unit
- United Kingdom - NCA - National Crime Agency
- United States - FCEN - Financial Crimes Enforcement Network
What is KYC?
KYC stands for Know Your Customer or Know Your Client and refers to the process of verifying your customer is who they say they are, and establishing what their requirements are as a client.
It’s an ethical requirement in the financial and securities industry and ensures that companies and practitioners act in the best interest of the client by establishing their needs. A basic profile of their knowledge of investment,their risk tolerance, and just where they are financially is the goal of the process.
If you’ve conducting KYC for financial purposes you would gather data like:
- Investment experience
- Timeline for investment
- Tax status
- Risk Tolerance
- Other investments
- Liabilities
- Dependents
- Liquidity needs
If you’re conducting a basic level of KYC, at a personal level you would also need basic identification, contact and demographic data:
- Date of birth
- Employment status
- Tax number
- Annual income
- Net worth
- Address
If you’re conducting basic KYC in a business to business environment have a look at this KYC checklist from. It could be and easy way for you to implement the process.
What is eKYC?
eKYC stands for Electronic Know Your Customer and refers to conducting the KYC process online, using software or platforms that enable the collection of data, forms and supporting documents.
Did you know?
FileInvite can be used to request information from clients, who will return documents back to you automatically. No more chasing clients for documents! We have a KYC form template in-app, or you can create your own.
What is CDD?
CDD stands for Customer Due Diligence and refers to the process of conducting a due diligence review of your customers.
CDD comes in three levels
- Standard CDD – used for most situations where CDD is required.
Think of your standard customer - Simplified CDD – for use with specific customers that are considered low risk.
Think of the Police, Navy, Government bodies and registered financial institutions. - Enhanced CDD, ECDD or EDD – which is used when there are factors creating a higher level of ML/TF risk. Your obligations to track more activities increase.
Think of international property and money transfer
Third Party Providers
Most companies use a third party provider to conduct Enhanced Customer Due Diligence during on-boarding. They help with independent research and validation of identity and Ultimate Beneficial Ownership. They can also provide platforms for the monitoring of transactions.
ECCD thresholds on monitoring and classifying of transactions vary by industry and country but cover: large cash transactions, cross border transactions and changes in payment sources.
Companies like Accuity provide access to global data and databases that can validate identity and ultimate beneficial ownership of financial institutions through their Bankers Almanac API .
What or who is an UBO or Ultimate Beneficial Owner?

A UBO or ultimate beneficial owner of a customer is defined as an individual (a natural person or persons) who ultimately owns or controls (directly or indirectly) the customer.
For example ABC Company may be your customer, but who benefits from the activities of ABC Company? Is owned by Albert, or a trust that Albert has formed for his mother, or is it a shell for criminal activity?
Ownership for the purposes of determining ultimate beneficial ownership means owning 25 per cent or more of the customer. So if Albert has more than a 25% ownership stake in ABC Company, you’ll need to conduct CDD and have him complete your KYC process.

For each and every beneficial owner with a 25% or larger controlling stake in the company, you’ll need to conduct KYC/CDD.
The definition of 'control' includes whether the control is exerted by means of trusts, agreements, arrangements, understandings or practices and whether or not the individual has control based on legal or equitable rights. It includes where an individual can exercise control through making decisions about financial and operating policies.
To start collecting details and data from your clients, use our beneficial ownership form.
What is a PEP?
PEPs stands for Politically Exposed People. PEPs are treated differently from a data and privacy perspective. There are three categories of PEPs.
Domestic
Individuals who hold a function or a prominent public position in a government body domestically.
Think a President, Prime Minister or Parliament.
Foreign
Individuals who hold a function or a prominent public position in a government body of a foreign country.
Think Jacinda Ardern or Justin Trudeau.
International organisation
Are individuals who hold a prominent public position or function in an international organisation.
Think Musk, Yvon Chournard or Christine Lagarde.
Due Diligence Software
The FileInvite platform provides an intuitive secure client portal to your clients. Take a trial and see how you can seamlessly collect forms, data and conduct due diligence around your customers and suppliers.
- Have customers sign and complete declarations using our e-signature platform.
- Use our handy KYC templates and forms to establish identity and store supporting files that address your obligations around Knowing Your Client.
- Store all this information securely for re-purposing via API.
Further reading and links
Australian Legislation - You can find more information about AML and CFT legislation in Australia, here.
Canadian Legislation - You can find the full Proceeds of Crime (Money Laundering) and Terrorist Financing Act in Canada, here.
New Zealand Legislation - You can find more information about AML and CFT legislation in New Zealand, here.
Get the ultimate guide to growing your Mortgage business
Get our free ebook on how you can level up your Mortgage Brokering business with our Mortgage Broker Business Plan
Save hours each week with easy-to-use automation
When deadlines loom, there are better things to be doing than chasing clients for information.
Stop chasing clients for documents
Gone are the days of requesting documents from clients via email. Our customers have experienced an average 34% decrease in document return turnaround, and we've collected over 7,000 5-star reviews in the process.
LEARN MORE
Impress your clients and your colleagues
Request all the files you need from your clients in one system. Your clients are then guided through an intuitive portal experience and followed up with friendly reminders as your due date approaches.
LEARN MORE
Make contracts a breeze
With FileInvite's legally-binding eSignature technology, you can easily request single or multiple-party signatures on contracts, agreements, and applications. FileInvite was named a 2021 emerging favorite in Gartner's Capterra Digital Signature category.
LEARN MORE
Automate your information requests
Automatically create digital versions of your paper forms using templates. Your clients complete them online through their dedicated client portal.
LEARN MORE
Integrates with your existing tools
Sync returned files with Google Drive, Dropbox, OneDrive, Box & more. And use API or Zapier to send returned form data to your desired destinations.
LEARN MORE
Get visibility across your workflow
Request, review, approve and manage documents in one dashboard. Staff can do this at an individual level, and managers can have a team view.
LEARN MORE