In this post, we’ll define CDD, provide an overview of how it applies, explain why it’s important, and offer some ways we can help you perform it.
CDD involves conducting background checks, and screening potential and existing customers to ensure they’re correctly risk-assessed and not involved in money laundering, sanctions, terrorism or money muling. Minimum CDD includes checking customers against prohibited lists (PEPs and sanctions), as well as capturing and verifying:
Whereas ‘know your customer’ (KYC) checks focus on screening potential customers before establishing business relationships, CDD also covers ongoing monitoring of suspicious activities.
In that case, enhanced due diligence (EDD) may be required. If the risk is acceptable and a business relationship begins, it’s prudent to monitor that account for suspicious activity.
The primary purpose of CDD is to help businesses establish their customers are not involved in illegal activity and are who they say they are. CDD aims to prevent organised financial crime, including money laundering and terrorist funding, and associated crime like money muling and drug cartels.
Traditionally, CDD only covered financial services, but regulators widened the scope to other regulated sectors and, more recently, unregulated sectors, such as cryptocurrencies and art. Here are some sectors in which CDD must be conducted on business relationships:
The Financial Conduct Authority (FCA) monitors and enforces CDD compliance in the UK. Sectors within and outside of financial services will also have advisory or regulatory bodies; in fact, there are over 100,000 businesses subject to money laundering regulations. Some examples of these regulators include: The Office for Professional Body Anti-Money Laundering Supervision (OPBAS); HRMC; The Solicitors Regulation Authority; UK Gambling Commission; and the Association of Chartered Certified Accountants, which issues requirements businesses must follow and guidance to align closely with the principles of CDD and prevention of financial crime.
Aside from the moral and ethical case for fighting organised financial crime and terrorism by performing CDD, there’s also potential for significant financial impact from fines, imprisonment and reputational damage if guidelines are not followed correctly.
Each business is responsible for its own compliance with CDD. However, the FCA and other regulatory bodies, such as the Gambling Commission, require firms to take a risk-based approach to CDD and AML.
Once a customer’s details have been captured for CDD, a business must decide whether to engage with them based on the information presented. Businesses can use a risk scoring or rating system, such as ‘low risk’ or ‘high risk,’ or a score to help them determine the level of risk the customer poses and which action to take. Possible actions include decline, pass or investigate further. For example, an instance where a PEP is identified would trigger the need for EDD checks. It’s worth noting there’s no specific way businesses must implement a risk-based approach.
The FCA notes businesses using a risk-based approach should not only rely on their own experiences and observations, but also take a proactive approach in seeking out information about money-laundering trends and threats from external sources. This helps businesses ‘effectively review and revise their use of AML tools to fit the specific risks they face.’
At TransUnion, we aim to enable businesses and consumers to transact with confidence. We can help you establish trust and develop a risk-based approach to CDD through our TruValidate Identity Proofing, PEPs and sanctions and Document Verification services, as well as by offering expertise and guidance through our Consultancy Services.
Improved operational efficiency: Automating the majority of initial CDD checks to pinpoint those that are high risk and need further investigation saves you time, resources, operational costs and risk of human error — allowing your teams to focus efforts on more value-added areas.
Better conversion rates with faster onboarding: Reducing processing time from hours to near real-time for low-risk customers helps you meet their expectations and engage them before your competitors.
Proactive decisioning and alerts: Automating your risk scoring means fewer decisions for your team to consider, while proactive fraud alerts enable you to investigate concerns as soon as they appear, reducing the likelihood of the fraud going undetected.
CDD consists of performing background checks, and screening potential and existing customers to ensure they’re not involved in illegal activity. At a minimum, CDD checks include verifying a customer’s name, address, date of birth and photo ID and screening them to ensure they’re not on prohibited lists. The FCA enforces and requires a risk-based approach to CDD. Other regulatory bodies, such as the UK Gaming Commission, issue additional guidance and requirements. Some non-regulated sectors have also adopted CDD processes.
The key steps to performing CDD are verifying, screening and risk assessing customers. Automating your CDD checks can help improve your operational efficiency through cost and resource savings, and potentially increase onboarding rates by minimising application processing time, thereby improving the customer’s experience. TransUnion has deep expertise in identity and fraud prevention and can support you with CDD regulatory requirements.
Contact your TransUnion representative directly, complete the form below to learn more about the TruValidate suite of solutions, or book a consultation to discover how you can turn CDD into a business enabler.
Follow the links for further reading and insights.
The Challenge of Identity Validation and Authentication Amidst Economic Uncertainty, TransUnion, June. 2020
Optimising the Onboarding Flow: Biometrics, TransUnion, Sept. 2021
Friction-Right Customer Journeys: How to Optimise CX Whilst Fighting Fraud
For more details on CDD, visit HMRC site contact HMRC.