The pandemic and self-isolation year has changed the state of things in almost all areas of our lives. It forced many financial organizations to look at their business in a new way and even reconsider their priorities. By now, almost all of them have switched to working with clients via the Internet. That is why protection against online fraud has never been so relevant.
In a situation of general instability, customer due diligence plays an especially important role. The term is often used in finance and legal, but it can be applied to other areas as well. It means collecting the personal information of your customers and its analysis, not only to determine their needs but also to find potential threats to your business.
In this article, you will find information about what types of CDD are there, how this procedure is performed, and how you can apply it to your own company.
1. About CDD
Customer due diligence (or CDD for short) is a whole range of activities aimed at investigating a potential client. Although the concept itself appeared in the United States back in the 1920s, its application acquired particular importance in the 21st century.
In simple terms, the task of the CDD is to determine, based on the personal data obtained, whether a person is who they claim to be, how reliable they are, and whether there are any pitfalls in the interaction with them. This process is a part of a comprehensive customer service approach called KYC (Know Your Customer).
Basic personal information is collected for analysis, it includes first and last name, date of birth, residential address, social security/passport number, and sometimes a photo or sample signature. All these will allow you to see a person’s activity, determine the risks for your company, and reveal a client’s participation in illegal transactions. By conducting a competent verification of a person, you help to reduce the level of financial fraud.
2. Organizations That Should Apply CDD
Although terms such as CDD, KYC, and AML are applied to banks, these processes can also be used in non-bank structures. The list of specific organizations and institutions required to apply customer due diligence methods may vary by country and region.
However, it often includes art traders, insurers, companies that provide accountancy, tax-related, telecommunication, bill payment, real estate, virtual currency, and money services. By and large, any organization that is somehow connected with the provision of financial assistance should use CDD and AML measures.
3. CDD Levels
The approach to work with each client should be individual. Accordingly, each verification can be carried out in different ways. Taking all of these actions is not only a statutory requirement but also a reasonable way to protect your business from potential problems. A company carries out an initial risk assessment and, depending on it, adjusts a verification process. At the moment, experts distinguish three main levels of CDD.
As the name implies, such a check is basic and applies to most of a company’s clients. Based on personal data received, a customer and the nature and purpose of a relationship are identified. Determining that the customer is who they claim to be is very important in any business, as ID card fraud is one of the most common types of fraud.
The simplified procedure is used when the risk of a client being involved in money laundering is low or minimal. In this case, you only need to establish their identity; there is no need for verification. Such measures are applied to those who do not make transactions exceeding a certain amount, or companies whose activities are already monitored, and information about which is freely available.
In contrast, an enhanced check is carried out when the illegal transaction rate is high. Clients to whom this procedure should be applied include politically exposed people, persons who might participate in terrorist activities, or high-risk areas. Also, enhanced verification should be carried out against those who open a bank account without a personal presence.
If you have decided to conduct just such a check, you have the right to request additional information from your client. For example, a bank statement or documents confirming the legal receipt of a large amount of money (e.g., the sale of a house or an inheritance). The situation with cash is more complicated. However, the absence of papers confirming their legality does not always mean that they were received dishonestly.
4. CDD Application
Organizations, companies, and institutions that use anti-money laundering measures at the core of their work should always implement CDD when they start working with a potential client. There are many situations when checking is applied in practice:
- Transfers of large sums of money. The maximum amount allowed varies by country. For the United States, for example, it is $10 000.
- Unreliable documents. E.g., a client provided you with papers that made you suspicious because they did not meet your requirements.
- Irregular transactions. Suppose the amount of such a transaction exceeds a certain maximum, or it is carried out by a person located in a high-risk region (for example, sanctioned countries). In that case, it is necessary to conduct due diligence.
- New client. It is perhaps the most common use case for CDD. Any new business relationship involves a customer due diligence and risk assessment for your company.
- The likelihood of money laundering. It is possible through the creation of shell or front companies, charities, trusts, double invoicing, etc. Besides, checks, bonds, and securities can be used for these purposes. If you suspect a client of such activities for terrorism financing or money laundering, you should apply EDD measures.
5. Importance of CDD
The modern world of business relations is going through an era of major changes. Lack of personal contacts, large cash flows, and at the same time, the active use of digital technologies forces companies to intensify monitoring of the activity of potential customers. According to experts, up to $2 trillion is laundered annually. There are several pieces of legislation aimed at preventing the financing of terrorist organizations and money laundering.
And modern business should follow them. A properly and timely CDD will help you avoid problems with the law due to indirect or direct involvement in illegal activities. You will not have to pay heavy fines and participate in legal proceedings. Moreover, if it turns out that your business somehow contributed to financial fraud, it will cause irreparable damage to your reputation, and you will lose customers and investors.
6. CDD Efficiency
When it comes to any illegal activity, prevention is much more useful than direct control. CDD is a set of measures aimed at preventing unlawful activity through risk assessment. A multi-stage verification procedure allows you to catch a scammer or a whole group in the act.
This method has proven to be the most effective, primarily because it is more flexible than others. You can adjust your verification process depending on a particular person’s data, operations, and the region of activity, not only at the moment but also after a while. Moreover, businesses tend to be better equipped than government agencies, allowing them to detect illegal transactions better.
7. Possible CDD Challenges
While CDD is critical to preventing unlawful activities, not all companies actually apply established practices. Unfortunately, there are several reasons for that. And the most important of them is that verification slows down the process of onboarding a client and sometimes hinders the attraction of new ones. To reduce the friction that occurs, organizations are neglecting necessary data validation measures.
Also, the implementation of CDD processes implies expanding your staff and their training, which entails additional expenses. The checks of each client also involve certain financial costs. Considering that not every client will stay with you for a long time, and verification needs to be carried out for every new person, it can significantly hit a small company’s budget.
Moreover, despite the active introduction of modern technologies and automation of most processes, some work can still be done manually. For example, enhanced due diligence for a new customer can take up to 34 weeks. Small organizations do not have enough resources and qualified staff to speed up the verification process. During this period, there is a possibility of missing out on a good deal, so some companies neglect deep checking.
Another complication is the lack of fixed CDD standards. By and large, each company uses its own methodologies and sources. The problem is that the data may be incomplete or out of date, especially if you use third parties to collect information.
To avoid mistakes, you should be sure of the reliability and honesty of your source. It can lead to the fact that you either miss a real fraudster or accuse an innocent client of illegal actions. In the second case, an investigator’s re-check will follow, which will further slow down the onboarding process.
8. After Verification
Of course, even if a verification showed that a client is reliable, it does not mean that they will not participate in suspicious transactions in the future. Also, even if the first few transactions were clear enough, they might be part of a larger scheme.
Keep in mind that the collected information should not only be stored but also regularly updated and analyzed so that you can detect illegal activity on time. Remember that the task of CDD is to bring fishy customers to clean water and protect your company from the risk of being involved in financial fraud.