Security should be the first and foremost priority of financial institutions and banks. You wouldn’t want to provide access to financial systems to fraudsters of any kind? It makes sense for banks and financial services institutions to vet their customers and potential customers thoroughly. Verifying customers before giving them access to financial services is crucial. This is needed to prevent money laundering, embezzlement, account takeover fraud, and all types of fraud. And this is why customer due diligence is an important part of onboarding new customers.
In this guide, we’ll walk you through what is customer due diligence and what it means for banks and other financial institutions.
What Is Customer Due Diligence?
Customer Due Diligence (CDD) is the process of identifying your customers and checking if they are who they claim to be. Organizations need to properly risk-assess customers and give them a risk profile before onboarding them. To achieve CDD, businesses need to obtain a customer’s details and cross-reference them with those of an official document that confirms their identity.
CDD is a regulatory requirement for banks, financial institutions, and other businesses starting a relationship with a new customer. The purpose of this is to prevent financial crime and prevent potential crimes that can happen by doing business with highly risky customers.
In the customer due diligence, FIs have to analyze customer information from several sources, including the customer sanction lists as well as public and private data sources. The amount of information you collect depends on the risk profile of your customers. Basic customer due diligence requires the following:
- Information about the identity of your customers, including their name, address, and a photograph of an official ID document.
- An overview of your customer’s activities and the markets they do business in
- Basic understanding of other entities that your customers do business with
Customer Due Diligence is at the foundation of Anti-Money Laundering (AML) and Know Your Customer (KYC) compliance. CDD is aimed to help financial institutions verify their customers, confirm they’re not on any sanctioned lists, and assess the risk factors.
Customer Due Diligence Practice for Banks
Financial institutions have to build and follow a risk-based strategy to comply with customer due diligence as part of KYC and other regulations. This helps in making sure that the organizations remain compliant with basic regulatory laws and regulations of the markets that they operate in.
The level of CDD in banking depends on the type of business-customer relationship and the customer’s risk profile. In a broader sense, banks need to take the necessary steps to make sure that a customer is who they claim to be. This can help in preventing fraudulent activities such as identity fraud or impersonation.
What does a Customer Due Diligence Process Look Like?
An effective customer due diligence process includes collecting a series of detailed customer information before initiating a customer-business relationship. But that’s not all, a customer due diligence process is operational long after the customer is part of a business. Here are the requirements for a robust customer due diligence process.
- Customer Information: To make sure that customers are who they claim to be, businesses need to collect customers’ basic information. This basic information is the full name, photo identification, address, phone number, email address, occupation, tax identification, and more.
- Business Information: CDD processes should have additional information regarding a customer’s business model, source of funds, and UBO.
- Customer Risk Profile: Another crucial part of customer due diligence is building a risk profile for every customer. This risk profile is made by collecting information such as location, business type, and customer identity. Based on this information, a risk profile is built (low, medium, high), which is to show the level of money laundering risk they pose. A customer’s risk profile determines how much due diligence is needed for a customer. High-risk customers need more detailed diligence compared to low and medium-risk customers.
- Continuous Monitoring: The customer due diligence process doesn’t stop after customer onboarding by a bank/financial services industry. An ideal CDD measure should include some kind of ongoing monitoring system and keep an eye on high-risk clients, suspicious transactions, sudden changes to customer profiles, and so on.
Your customer due diligence process should answer all the fundamental questions:
- Is the applicant the person claiming online?
- Does the risk profile of the applicant raise any red flags?
Low-risk customers can be fast-tracked through the approval process. All because of the online customer verification software and online bank account verification software. Because of the automation, customer verification has become 40% more streamlined. This means that the customer onboarding process for low-risk customers should be cut down to under 2 hours.
However, the decision time for higher-risk individuals may still take longer. Most of the time it takes around 48-72 hours to onboard high-risk customers. Assuming that 90% of the customers will be low to medium-risk customers, the cost and efficiency gains of automated ID verification and AML screening can reduce the costs dramatically and improve user experience.
Streamlining Customer Due Diligence Process
Complying with KYC and AML requirements has made the account opening process complex and time-consuming for most businesses. Different banks take different amounts of time for onboarding new customers. But, on average a bank takes 24 days to complete the customer onboarding process. And with a growing number of regulations, it’s only going to get worse.
Moreover, increased onboarding time and friction will cause higher abandonment rates by customers. These costs can exceed the costs of any type of fraud considering the lifetime value of lost customers.
This is why it’s high time businesses need to streamline the CDD process to save money and get new customers.
1. Identity Verification
While there are a series of other ID verification methods, more and more businesses are now relying on automated identity verification to smooth out the onboarding process. Automated ID verification relies on AI, machine learning, and biometric verification to authenticate identity documents. In some cases, banks may even ask customers to perform a liveness check to ensure that the applicant is physically present instead of customers using a pre-recorded video.
2. Ongoing Monitoring & Screening
Not just ID verification, AI and machine learning software can easily provide financial institutions with a more effective transaction monitoring system. This reduces the risk of false positives for suspicious activity.
Same as building risk profiles, individual transactions can also be scored and combined with advanced algorithms that track expected vs actual transaction behavior and update customer risk ratings in real-time.
Better ID verification, AML screening, and transaction monitoring solutions are enabling financial institutions to keep up with the changes made by regulatory bodies. These technological solutions can help financial services institutions to spot patterns and suspicious transactions by monitoring current transaction data and comparing them with historical transaction data.
Importance of CDD
When you consider the amount of harm fraudulent activities can do, it makes sense the amount financial institutions spend on complying with KYC and AML compliance. These countermeasures are designed to prevent money laundering and other financial frauds.
Here are the main reasons why banks need to take CDD seriously:
- Big compliance fines: The enforcement of AML regulations is on the rise, since 2009, regulators have levied over $32 billion in AML non-compliance fines. In 2020 itself, FinCEN fined banks in the United States for over $11.11 billion.
- Sophisticated Cyber Crimes: Criminal are using more sophisticated methods to remain undetected, including globally coordinated tech, insider information, the dark web, and e-commerce.
- Reputational Risk: AML non-compliance puts financial institutions’ reputations on the line. The average value of the top 10 banks is $45 billion.
- Rising Costs: Most AML compliance activities require a huge manual effort, making them inefficient and difficult to scale.
Enlightened Approach to CDD
A growing number of banks and FinTechs are discovering how to automate their CDD process and if needed the enhanced due diligence process. By using the latest tools and technologies such as online document verification and online KYC verification software, businesses can improve the customer due diligence process.
When is CDD Necessary in Banking?
- Starting a Business Relationship: Before starting a new customer-business relationship, banks have to perform due diligence checks, verify who the customers and ensure if they aren’t using a fake identity.
- Occasional Transactions: Certain transactions may require you to follow CDD strategies. For example, transactions over a certain monetary amount (over USD 10,000) or if the customer is transacting with high-risk persons or regions.
- Suspicious Activity: Banks have to implement CDD checks if the customers have a suspicious history and a shady activity related to money laundering or financing terrorism.
Unreliable Identification: If the information offered by your customer is unreliable, suspicious, or doesn’t meet requirements, banks should implement additional CDD measures.
Reducing Customer Due Diligence Time: How to Go From Weeks to Minutes?
The regulations made for saving customers and businesses from fraud are diverse and institutions have to keep pace with developing strategies to remain compliant. As such, creating a smooth onboarding process that is robust and efficient isn’t a mean feat. The biggest challenge in staying compliant is for businesses to keep evolving requirements while reducing friction and delays. A process full of friction and delays lead to increased poor customer frustration and drop-offs.
When onboarding new customers, financial institutions need to know who they are dealing with before getting into a full-fledged business relationship. To verify customer identities, due diligence is important.
Customer due diligence is an important part of your businesses’ risk management. Different customers have different levels of risks, so CDD is conducted based on risk level. You should assess the potential risk level of each customer, and adjust your due diligence strategy. For the majority of clientele, standard due diligence practices that just require the authentication of customer identities will suffice.
In certain lower-risk scenarios, simplified due diligence is enough. When carrying out simplified due diligence, you just need to identify your customers instead of identifying and verifying them.
On other hand, there might be instances where standard due diligence isn’t enough, in this case, you’d need to adopt an enhanced due diligence process.
Let’s break down 3 different levels of customer due diligence:
- Simplified Due Diligence (SDD): Simplified Due Diligence is used in situations where the risk of money laundering or terrorist funding is minimal and CDD isn’t important. SDD happens in accounts that have low transactional value, the risk of illegal activities is minimal at best.
- Customer Due Diligence (CDD): This type of diligence happens when information is obtained on customers to verify their identity and assess the risk profile of customers. These types of diligence checks are done on customers when opening a financial account in some form.
- Enhanced Due Diligence (EDD): EDD is done for customers to assess the identities of high-risk customers and monitor their transactional history to mitigate the chances of future risks. Most jurisdictions need politically exposed people lists (PEPs) to go through the EDD process. Other factors that require EDD for a customer are high transaction/value accounts, or accounts that deal with high-risk countries, or accounts that deal with high-risk activities.
Due diligence is vital for mitigating fraud, not only to comply with regulations and avoid hefty fines, but it is also a smart business strategy. Not knowing your customer identity is a risk factor for most businesses.
International standards require a risk-based approach to be added to the customer due diligence. Companies have to assess the money laundering risks each customer poses and adjust their due diligence checks.
Customer Due Diligence Checklist
1. Conduct Basic Customer Due Diligence
The first step is to conduct a simple investigation, such as identifying and verifying a customer’s identity. Businesses are needed to verify the identity of the customers they’re dealing with. These requirements apply to all new customers as part of Know Your Customer regulations.
There are multiple methods businesses can verify customer identities. The first step is online document verification, which involves assessing the legitimacy of a customer’s identity document.
In addition to online ID verification, businesses should also look forward to verifying customers’ financial information and their business activities.
2. Take Help from Third Parties
Most of the time, businesses will opt to work with third-party solution providers while conducting customer due diligence. Third-party solution providers can be auditors and providers of CDD solutions such as online document verification. Businesses need to make sure that any third parties they work with are reliable and are trusted enough to share confidential data.
3. Figure Out if EDD is Needed
If the customer is considered as high risk, the businesses may need to go beyond ordinary customer due diligence. Enhanced due diligence is necessary if you’re entering into a business relationship with a politically exposed person (PEP), and if the transaction involves a person from a high-risk country.
4. Keep a Thorough Record
A bank/financial institution is forced by law to keep a record of all the financial transactions for at least 5 years. This includes any information collected through CDD measures, account files, and any related analysis.
Businesses also have to securely document and store all the information, as this information contains sensitive information, it would be challenging if the information was lost.
5. Keep Up-to-Date Records
It’s vital for businesses to keep records of their customers. If any changes happen regarding your customers, you’ll need to redo their risk assessment and carry out further due diligence if it’s required.
Speeding Up the Process
Regulated businesses have to apply risk-based customer due diligence measures to prevent their businesses from getting threatened by money laundering or terrorist financiers. To avoid these financial frauds, KYC & AML checks have to be completed. With proper due diligence checks, businesses can reduce the financial, reputational, regulatory, and strategic risks from other entities.
Traditionally, businesses perform due diligence checks using manual paper-based processes. Manual work requires a human, and it takes up a lot of time, the process is full of errors and offers no visibility to the customers. The manual process usually is frustrating, and time-consuming. That’s why integrating new technologies into the CDD process is always a good idea.
How does DIRO Help?
DIRO’s online document verification software offers instantaneous document verification that can easily strengthen the KYC & AML process. DIRO offers stronger proof of authentication with verifiable credentials. With DIRO being able to verify over 7000 document types from all over the globe, it can strengthen the AML and KYC verification process.