When done correctly CDD allows businesses to identify high-risk individuals preemptively, adapting the business relationship and cutting it short if required. Not only does this help protect the business from AML penalties, but it also contributes to the overall integrity of the global financial system.
The constantly changing nature of customer due diligence makes it tough for businesses to stay compliant. CDD is no longer the simple matter first outlined in the Securities Act of 1933, but has become a multi-faceted compliance maze, which is increasingly difficult to traverse.
At KYC-Chain, we’re using our blog to help educate business owners and provide sophisticated compliance software to automate much of the customer due diligence process.
Understanding the importance of risk
Before we dive into the various forms of customer due diligence, it is vital to understand the importance of risk-assessments. You can find and download a free example AML risk-assessment here. It’s an excel file with a risk-scoring system and many relevant risk scenarios, both dealing with customers and staff.
Completing an internal AML risk-assessment of your business is the first step in your customer due diligence journey. It is crucial that you understand how high the risk of money laundering and terrorism financing is on your platform.
Finally, it is crucial to maintain a time stamped record of risk-assessments. This ensures that Auditors and regulators can understand your decision making process and provides some protection against a future penalty — should one of your customers be involved in illicit activity.
What is simplified due diligence?
Particularly low-risk individuals and business clients can typically be evaluated using simplified due diligence. This is only appropriate when there is a particularly low likelihood of the relationship being exploited to launder money or finance terrorism.
Using the risk-framework provided above as a basis, you can set up rules which allow you to evaluate customers in a rigorous and methodical manner.
Particularly low-risk individuals will typically exhibit the following characteristics:
- Very low cumulative transaction amounts within the calendar year
- Resident in a country with a strong regulatory framework to fight money laundering and terrorism financing (typically member countries of the FATF)
- Willingness to provide Know Your Customer information during the sign up process
- Provide strong identification documents
- Able to easily prove the origin of funds
- Clearly identifies as the Ultimate Beneficial Owner
Of course these are just examples, and you should complete your own AML risk-assessment in order to fully understand when simplified due diligence is sufficient.
Additionally, it is vital that you closely monitor the relationship in order to identify important changes. If for example, the customer performs a suspicious transaction or moves to a high-risk country, you will need to reassess the risk-profile and apply standard or enhanced due diligence if needed.
What is standard due diligence?
The majority of your customers will typically require a standard due diligence procedure. This is applied when there is a very low possibility of money laundering or terrorism financing occuring as a result of the business relationship.
Around the world standard due diligence practice usually requires businesses to identify their customers as well to verify their identity. Additionally, you are compelled to understand the nature of the business relationship, including the identity of the Ultimate Beneficial Owner.
It should be clear why the customer is paying for the service and the business should feel confident that the transaction is not in any way associated with money laundering or terrorism financing.
Sanction screenings should be applied to ensure that the customer is not listed on watchlists issued by bodies like the European Union or Interpol. You can find a more detailed description of AML sanction screenings here.
Just like cases requiring simplified due diligence, it is vital that you closely monitor your customers and reassess their risk profile should their circumstances change. Suspiciously large transaction amounts as well relocation to a high-risk country are immediate red flags for example.
Enhanced due diligence
Enhanced due diligence is reserved for high-risk individuals and politically exposed persons (PEPs). When dealing with customers that may pose a not inconsiderable risk of money laundering or terrorism financing, special measures need to be exercised in order to ensure the legality of the business relationship.
The risk of financial misconduct needs to be mitigated at all times and a good starting point is typically the customers’ country of residence. If listed on a reputable sanctions list, it means that the country’s regulatory framework does not adequately safeguard the financial system from money laundering, terrorism financing and other illecit activity.
Prospective customers living in North Korea for example, should almost always be treated as high-risk individuals. When dealing with high-risk individuals businesses need to collect more information in order to verify the identity of the Ultimate Beneficial Owner and understand the source of funds.
The checks should vary depending on the score the customer receives in your risk-assessment but there cannot be any doubt as to the legitimacy of the business relationship.
What is a Politically Exposed Person (PEPs)? 0
Politically exposed persons (PEPs) should feature prominently in your risk-assessment as they typically require enhanced due diligence. When the EU’s 5th AML Directive comes into effect in 2020, EU-based businesses will have to take extra precautions for both domestic and foreign PEPs.
For businesses located outside of the EU, PEPs whether domestic or foreign should be treated as high-risk individuals. You can learn more about PEPs and what they mean for your day-to-day operation here.
AML Sanction Screenings
Sanctions are levied by regulatory bodies aiming to impede the activities of known fugitives. The European Union’s consolidated sanctions list is a good example of this, detailing hundreds of individuals that should be treated as representing a particularly high level of risk.
We’ve provided a more detailed breakdown here, but for now it’s important to understand that sanction screenings play a vital part in both standard and enhanced customer due diligence.