< Back to Glossary

Customer Due Diligence (CDD)

What is customer due diligence (CDD)?

Customer due diligence (CDD) is a process that banks and financial institutions use to verify the identities of their customers, and by understanding the nature of their business.

It is a part of the know your customer (KYC) process which, as the name suggests, requires companies to know who their customers are. This ranges from basic identification through to their financial behavior and their money laundering and terrorism financing risk level.

Why do banks do customer due diligence?

Banks and financial institutions must do customer due diligence to accurately understand the money laundering risk of the people they work with. This is a mandatory requirement for all Financial Action Task Force (FATF) member states as part of their anti-money laundering/combatting the financing of terrorism (AML/CFT) domestic legislation.

How do banks perform CDD?

Doing effective CDD involves using financial crime software to bring together information on a customer’s identity – their name and address – as well as the area in which they work, and how they will be using their account.

This information is then run through a verification process which analyzes a variety of different forms of identification to ensure customers are being truthful. Qualifying documents generally include a passport, driving license, national identity card, recent utility bill, recent bank statement, and birth certificate. For businesses, this would extend to corporation documents.

Alongside this, financial institutions must understand the nature of the business relationship they will be entering into with the customer. If a third-party or company is acting on behalf of somebody else, the financial institution should also seek to understand ultimate beneficial ownership (UBO). This is the person or entity that benefits from the activity taking place.

When is CDD required?

CDD is required in five key areas.

  • New customer onboarding – Gathering information on new customers is vital in making sure that a financial institution knows the identity of the people or business they are working with.
  • Incorrect documentation – If there are problems with documents that have been used for identification, further CDD checks will be carried out.
  • Transaction monitoring risk flags – If a transaction (or multiple transactions) have met a risk threshold, a CDD check will be carried out. This might be due to abnormally high debits or credits, due to receiving or sending money to a high-risk foreign country, or because of a high-risk person being involved in a transaction.
  • Money laundering/terrorism suspicion – If there is a suspicion of money laundering on the account, often due to the reasons listed above, customer due diligence checks should be initiated.
  • Periodic auditing – although CDD checks are done with new customers, it is prudent for financial institutions to engage in ongoing due diligence to ensure that the risk level hasn’t changed since the previous check.

What is enhanced due diligence (EDD)?

In some cases, enhanced due diligence (EDD) may be required. This is where banks and financial institutions must do more research on a high-risk customer. This may be because they are a politically exposed person (PEP) or because they are the target of economic sanctions. Neither possibility means their custom will be rejected but the institutions must make sure they do not breach their own risk profile.

EDD checks may include asking for more documentation than would ordinarily be required, establishing the source of funds, applying further scrutiny to transactions, and putting further ongoing due diligence checks in place.

What is ongoing due diligence (ODD)?

Ongoing due diligence (also known as ODD or ongoing monitoring) refers to the ongoing analysis of customers so that banks and financial institutions can better understand customer relationships, their transactions, and the nature of their business.

It helps to identify, mitigate, and manage the risk of money laundering or terrorism financing. Alongside this, ongoing due diligence is also used to continually ensure that a customer’s risk profile, business and source of funds is in keeping with the bank’s own risk levels.

Ongoing due diligence is a key part of effective KYC procedures and compliance obligations.

Do all banks and financial institutions do CDD?

All banks and financial institutions within the FATF do customer due diligence checks. They may not carry out the checks themselves, and instead contract a third-party to do so on their behalf. However, regulatory responsibility lies with the financial institution rather than the third-party. As such, they should make sure that the third-party provider meets all FATF criteria.

How long do banks keep CDD documentation?

Rules differ globally but most CDD regulations require financial institutions to maintain records on collected information for at least five years. These records include all personal identification documents and business documents.

As such, financial institutions are quickly able to pull together requests from financial crime authorities if required.

What is the difference between CDD and KYC?

CDD and KYC are similar.

The simplest way to differentiate the two is that know your customer checks are background checks that should be done as part of a bank or financial institution’s risk-based strategy during the initial registration process.

Customer due diligence is an ongoing process that continues after the onboarding.

SymphonyAI offers modern and effective CDD software

Comply with regulations efficiently and effectively with integrated name screening of customers and connected parties, risk scoring, and real-time onboarding. SymphonyAI’s CDD solution provides a single, dynamic view for detecting and managing customer risk, incorporating graphic representations of risk categories and a multi-layered view of complex corporate structures.

Fully customizable and offering fast processing to minimize customer impact, the CDD solution also provides enhanced due diligence and consolidates customer information from disparate systems throughout the customer journey and supports new UBO and existing regulatory directives (e.g. FinCEN CDD final ruling and the 4/5/6th EU AML directives).

Learn more about SymphonyAI CDD software.

Latest Insights

Top 10 AML software for banks in 2025
 
12.20.2024 Blog

Top 10 AML software for banks in 2025

Financial Services Square Icon Svg
Four ways generative AI with Sensa Investigation Hub accelerates financial investigations
 
12.10.2024 Blog

Four ways generative AI accelerates financial investigations

Financial Services Square Icon Svg
Revolutionizing financial crime investigation - the power of agentic AI technology
 
12.10.2024 Blog

Revolutionizing financial crime investigation – the power of agentic AI technology

Financial Services Square Icon Svg