The simplified, regular and enhanced CDD/KYC levels. Customer Due Diligence is the process of identifying your customers and checking that they are who they say they are. In practice, this means obtaining a customer’s name, photograph on an official document that confirms their identity and residential address, and date of birth.
The Simplified, Regular And Enhanced CDD/KYC levels
There are three levels of customer due diligence: standard simplified and enhanced. The level of customer due diligence that needs to be applied is derived from a customer’s risk score, which should be calculated when onboarding a customer and during the ongoing due diligence process.
Regular Customer Due Diligence (CDD)
In most cases, standard due diligence is the level of due diligence that will be used. These are generally situations where there is a potential risk, but it is unlikely that these risks will be realized.
Standard due diligence requires you to identify your customer as well as verify their identity. Besides, there is a requirement to gather information to understand the nature of the business relationship. This due diligence should provide you with confidence that you know who your customer is and that your service or product is not being used as a tool to launder money or any other criminal activity.
As with simplified due diligence, there is a requirement to monitor your client and the relationship; this will highlight any potential trigger events that may result in further due diligence being required.
Simplified Customer Due Diligence (SDD)
Simplified Customer Due Diligence, or SDD, is the lowest due diligence that can be completed on a customer. This is appropriate for little opportunity or risk of your services or customer becoming involved in money laundering or terrorist financing.
Where you are satisfied that a customer, product, and services fall into simplified due diligence criteria, your only requirement is to identify your customer. When completing simplified due diligence, there is no requirement to verify your customer’s identity as you would with a standard or enhanced due diligence approach. The business relationship should be continually monitored for trigger events, creating a requirement for further due diligence in the future.
Several factors can help determine if a situation is a low-risk situation, such as the service or product being provided or the type of customer you engage with. Often, customers required to disclose information regarding their ownership structure and business activities or companies subject to the Money Laundering Regulations are a lower risk.
For example, suppose your customer is a public authority or listed on a regulated market. In that case, they may be perceived as lower risk as they must disclose information.
Suppose at any point during the relationship with your customer, additional intelligence becomes available, which suggests that the customer or product may pose a higher risk than originally thought. In that case, a more enhanced level of due diligence should be conducted.
Enhanced Due Diligence (EDD)
Beyond basic customer due diligence or CDD, it’s important that you carry out the correct processes to ascertain whether enhanced due diligence or EDD is necessary. Enhanced due diligence is a level of customer due diligence that provides greater scrutiny of potential business partnerships and highlights the risk that regular customers cannot detect due diligence measures.
This can be an ongoing process, as existing customers have the potential to transition into higher-risk categories over time. In that context, conducting periodic due diligence assessments on existing customers can be beneficial.
A major problem during EDD is understanding how much information about a customer is necessary. The solution to this problem can be a factor-based risk rating approach. Factors one must consider to determine whether EDD is required include but are not limited to the location of the person, the occupation of the person, the type of transactions a person conducts, the expected pattern of activity in terms of transaction types, value, and frequency, and the expected methods of payment.
Ensuring The Utmost Security Of Remote Verification
Fraudsters will occasionally provide real documents and even selfies obtained on the darknet. Because no document manipulation has occurred, even the most reliable verification systems will not detect anything suspicious in this case. Businesses can use an additional facial biometric check called liveness to prevent criminals from onboarding customers remotely. This check ensures that the true holder of the documents is verified.
Final Thoughts
In today’s business and regulatory climate, a company should be concerned with more than just profits; it should also try to understand who it does business with. This includes identifying and verifying customers’ identities, as well as adhering to KYC guidelines. When a financial institution enters into a new business partnership with individuals or organizations without fully understanding their previous and current business dealings, they may be subject to costly lawsuits and regulatory fines.