What is Customer Due Diligence and what controls should you focus on?

Ultimate guide to Customer due Diligence

Customer due diligence (CDD) is a key element in helping your firm:

  • Understand clients and their business

  • Identify and Verify that their clients are who they say they are

  • Identify the Money Laundering (ML) and Terrorism Finance (TF) risks inherent to dealing with the client

  • Adequately monitor the client

  • Keep in line with both local and international regulations

  • Identify and subsequently monitor Politically Exposed Persons

Primary & Secondary Documents

These documents help to verify the identity of customers either through documentary or non-documentary methods.

Primary Documents

  • Driver’s Licence with photo

  • Passport

  • Articles of Incorporation

  • Trust Deed

Secondary Documents

  • Utility bill

  • Valid credit card

Identification & Verification


Obtaining the personal details and other relevant information in relation to that person:

  • Official Full Name;

  • Place and Date of Birth;

  • Permanent Residential Address;

  • Identity Reference Number;

  • Nationality


Verification takes place by reference to documents obtained through reliable and independent sources including government authorities (departments or agencies) or a regulated utility company.

Documentation Verification


  • Valid (unexpired) passport;

  • Valid (unexpired) government-issued ID card;

  • Valid (unexpired driving license


  • Recent statement from a recognised credit institution;

  • Recent utility bill;

  • Correspondence from a central or local government authority;

Purpose of Business

An essential part of KYC is to understand the scope of the customer relationship, their goals, and intentions. This serves several uses from a business perspective such as identifying the correct products and services that can be used. However, for the purpose of AML & Terrorist Financing, this information will also help to indicate risks and or suspicious behaviour.

Questions you should ask

  • Does the customer make sense from a commercial angle?

  • Is the customer trying to pay in cash?

Establishing the above will also enable the client to make comparisons with other similar peer businesses and hence be useful in determining whether there is any suspicious behaviour.

Source of Funds

The Source of Funds refers to the activity, event, business, occupation or employment from which the funds used in a particular transaction are generated. This is sometimes seen as the ongoing cash flow the customer generates from the course of trading.

You should not be satisfied with a generic description when questioning the customer about the origin of the funds being used.

Source of Wealth

The Source of Wealth refers to the economic activity which generates the total net worth of the customer. This is sometimes also seen as the initial capital injection into the company. It is hence extremely important to understand how and from where the money and assets were generated. The Source of Wealth is normally identified at the beginning of a relationship and is then updated on an ongoing basis when material developments arise in the course of the business relationship.

Expected Transactions

In order to adequately measure and assess the expected business activity of the client, the KYC should seek to establish several important factors related to transactions. These are:

  • Volume: How many transactions are expected from the client?

  • Value: What is the average or expected range of values for the transactions to consist of?

  • Interface: Will the transactions be mostly cash, online transfer, SEPA Payment, cheque or any other interface?

Jurisdiction: Will transactions be made locally, internationally, or both?

Key risks before KYC sign-off

You must assess the risks inherent to their customer through the ‘Risk-Based Approach’ (RBA).

  • Examples of risks can be as follows:

Customer: PEP, Sanctioned, Core Business, needless complexity of ownership etc; Product/Service: Anonymity (ex trust), Money Transfer, International correspondent banking services

Interface: Online, Agents and or brokers

Geographical: Sanctioned, HRJs, Non-Cooperative, Non-reputable

  • All Client Due Diligence (CDD) documents should have approval from a senior manager/ director associated with Financial Crime

  • A KYC form that is NOT signed off with appropriate approval should be considered as incomplete

CDD Key takeaways

You must identify customers and, where applicable, their beneficial owners, and then verify their identities. You must also understand the purpose and intended nature of the customer’s relationship with you

  • In situations where the money-laundering risk associated with the business relationship is increased, for example, where the customer is a PEP, you must carry out additional, enhanced due diligence (EDD)

  • Where you cannot apply customer due diligence measures, including where you cannot be satisfied that it knows who the beneficial owner is, your firm must not enter into, or continue, the business relationship