Customer Due Diligence: The Ultimate Guide

Category
Identity
Written by
Parallel Team
Published on
September 1, 2021

Doing your due diligence is a universal need for almost any transaction.

This is especially true for financial transactions where you want to verify that you are interacting with a reliable person in a secure way.

Financial institutions tackle these problems with a thorough and regulatorily-mandated Customer Due Diligence (“CDD”) process. CDD provides the financial institution with information regarding a customer’s identity and helps them flag any suspicious activity in their account going forward.

While traditional financial institution CDD methods tend to be long-drawn, expensive and painful from the user’s perspective, new tech solutions are eliminating these roadblocks to make way for a better customer experience.

In this article, you’ll learn all about CDD, drawbacks of the traditional way and a turnkey tech platform enabling a smoother CDD process.

What Is Customer Due Diligence?

Financial institutions and banks have CDD procedures to verify each customer’s identity and ensure there are no red flags when opening accounts for them.

These CDD procedures are a direct result of the Bank Secrecy Act (the first modern anti-money laundering (“AML”) statute, passed in 1970) and subsequent legislation, including the PATRIOT Act of 2001 and, more recently, the “CDD Rule” put into place in 2018.

Together, these pieces of legislation require the following US institutions to conduct CDD when onboarding new clients:

  • Banks
  • Mutual funds
  • Brokers
  • Securities dealers
  • Futures commission merchants

The CDD Rule requires each of the above institutions to conduct a thorough identity verification of all entities opening an account with them. This includes both individuals and business entities. For business entities, financial institutions are required to look through the corporate structure to the underlying beneficial owner (that is, a legal entity or natural person who is behind the business entity).

The CDD Rule is an essential part of a KYC/AML protocol that enlists the support of financial institutions in identifying proceeds from criminal activity and mandates assistance from those financial institutions in investigating and, if necessary, freezing financial accounts funded from criminal enterprises.

In this way, the US government aims to cut off the primary conduits for laundering money or terrorism financing and mitigate the risks associated with potential customers’ illegal transactions.

Customer Due Diligence vs. Know Your Customer

CDD and Know Your Customer (“KYC”) are both integral components of a financial institution’s onboarding protocol that might seem similar on the surface. Each process involves collecting sensitive information regarding every potential customer, but the ultimate aims and uses of that information collection exercise are somewhat different.

The US Financial Industry Regulatory Authority’s (“FINRA”) Rule 3310 requires each financial institution to develop and maintain a robust AML program designed to satisfy their obligations under the Bank Secrecy Act (BSA) and implementing regulations promulgated thereunder, including the CDD rule by FinCEN. As a part of those obligations, financial institutions must both identify the natural persons behind an account opening and verify the identity of those persons.

In addition, each financial institution is required under FINRA Rule 2090 to engage in KYC - that is, obtain a robust understanding of the requirements for a particular account to better service the customer’s needs and comply with applicable laws and regulations. This includes gathering detailed information on a potential client’s risk tolerance, knowledge, and finances.

In each case, these AML and KYC checks must be completed before the potential customer opens their account.

While a firm’s KYC program will require it to develop a customer risk profile at account opening, that information may go stale or change over the course of their relationship with the institution. The financial institution is obligated to refresh KYC information from time to time to ensure it maintains a robust understanding of its clients’ needs.

Of course, the type of information collected in a KYC process is not enough to prevent illegal activities after account opening.

This is where ongoing CDD comes in - to help weed out riskier customers early on and ensure continuous monitoring of the customer risk profile and transactions over time. It aims to detect any potentially illegal activities early on or even as they’re happening.

To do this, CDD typically includes more than just client-provided documentation. Frequently, CDD checks will employ sophisticated software to conduct sanctions screening, politically exposed person checking and monitoring, adverse media identification, and real-time monitoring and flagging of suspicious activity in the client’s account.

Two Levels of Customer Due Diligence

As a part of its obligations under the CDD Rule, financial institutions must take a risk-based approach to customer onboarding. This means that not all customers will require the same level of documentation and verification.

To remain compliant, financial institutions should conduct standard due diligence on all customers with an enhanced due diligence procedure for potential customers that represent a higher risk level.

Standard customer due diligence

Financial institutions should conduct standard customer due diligence on all potential clients. This includes customers the financial institution deems to have only low or moderate money laundering risks.

The obligations under the CDD rule are absolute. At a minimum, the institution must collect basic customer information, including name, address, social security number and date of birth.

In addition, the institution should validate all information provided against public and private databases and run customer information against known terrorist watchlists like the OFAC consolidated sanctions list.

If any information appears inconsistent or does not align in a validation exercise, the customer can be asked to offer more information.

Enhanced customer due diligence (EDD)

If, after conducting standard due diligence, the financial institution determines a potential client is a high risk for money laundering, the firm may require EDD to move forward.

Items that may trigger an EDD review include identification that the person:

  • is politically connected (called a “politically exposed person”)
  • has adverse media hits
  • fully or partially matches the name of a sanctioned person or entity
  • has inconsistencies in the standard due diligence information provided

In these cases, the institution will likely undergo bespoke onboarding procedures with the AML officer’s participation to decide whether to move forward.

This may include a rigorous examination of the customer’s source of funds, their intended business relationship, the purpose of their transaction and any relevant account history with the customer.

Why Is Customer Due Diligence Important?

CDD is an expensive and time-consuming exercise, but it is a crucial process for every financial institution.

Let us help you understand why you need to conduct thorough CDD processes for any new customers.

1. Customer identification and verification

CDD aims to verify if the customer is who they say they are. This is of critical importance for maintaining a good customer relationship and ensuring compliance with the law.

Firms use both documentary and non-documentary forms of validation, including the use of government-issued IDs or other evidence of identity.

For accounts in the name of a company or other similar business entity, a firm’s CDD obligation requires it to identify and collect documentation pertaining to all of the beneficial owners (a legal entity customer who benefits from the account) of that business entity above a certain percentage threshold. The percentage threshold required depends on the perceived riskiness of the client.

2. Identify suspicious activity

CDD acts as a necessary check in the wider AML laws required under the BSA, as amended by the PATRIOT Act (2001). It aims to identify and trace any chains for terrorist financing.

3. Mitigate cybersecurity risks

Criminals are using increasingly sophisticated technology to escape law enforcement.

Institutions must similarly fine-tune their methods and embrace more sophisticated technology to nip such activity in the bud. A robust CDD program is one of the chief ways to catch criminals before they enter the system.

4. Prevent fines for non-compliance

AML checks are required by law, and non-compliant firms are subject to hefty fines. Authorities have levied approximately $32 billion in fines related to non-compliance with AML regulations since 2009.

The Traditional CDD Method

CDD is an elaborate and ongoing process that institutions tweak based on a number of factors, including their current lines of business and the perceived riskiness of a potential client.

Generally, it is spread out over the following three phases:

1. Verification

For natural persons, most institutions require their customers to identify themselves and produce government-issued identity documents with a photo to corroborate their identity. Firms may use machine learning and optical character recognition to quickly and accurately verify the document’s authenticity and confirm the person providing the information is who they say they are.

For business entities, financial institutions may require founding corporate documentation, lists of beneficial owners and other data points to confirm the entity is validly existing and that its beneficial owners are who they say they are.

2. Screening

In the second phase, the institution compares the customer’s identity with:

  • Government watchlists
  • List of politically exposed people
  • Any negative media coverage
  • Public and private data sets

Based on the results of this screening process, the potential customer will be assigned a particular risk level.

  • Low Risk: standard verification
  • Medium to High Risk: appearance on government watchlists, a politically exposed person, inconsistent information - requires enhanced due diligence

3. Transaction monitoring

Finally, institutions conduct ongoing monitoring for all existing customers to detect any potentially suspicious transaction or other anomalies that indicate:

  • Money laundering
  • Financial crime
  • Corruption
  • Drug trafficking
  • Terrorist financing
  • Hacking
  • Insider trading

Even if an occasional transaction does not seem suspicious initially, a pattern of such activities may warrant further investigation.

The Bank Secrecy Act requires financial institutions to submit a Suspicious Activity Report (“SAR”) without informing the customer if they detect such activities. Filing a SAR notifies law enforcement authorities for further investigation.

3 Problems With The Traditional CDD Method

CDD is essential for complying with applicable rules and regulations - it is, therefore, necessary that all institutions instill a robust compliance regime.

However, a robust CDD program also comes with certain inconveniences for all parties involved:

1. Time-consuming

Some estimates indicate that opening a simple bank account can take up to 24 days because of lengthy KYC and CDD formalities.

This duration increases with the customer’s risk category. Customers identified as high-risk can take up to an additional month to be formally approved for account opening.

This elongated process can be a bad experience for customers, particularly when the delay is due to manual processes or misreported information.

2. Manual entries and verification

KYC and CDD procedures involve requesting the most sensitive personal information from the customer. The layers of documentation and evidence required for a typical onboarding can be a real strain on the customer.

Frequently, the potential customer will push back, stating that opening an account should not warrant so much personal information. Moreover, they have likely had to verify the same set of documents multiple times, leading to a tremendous amount of frustration.

On the cost side, manual verification of all of this documentation and information dramatically increases the workload of the institution’s employees and compliance staff.

3. Increases abandonment rates

Ultimately, the poor customer experience may push a customer to drop out of the process altogether. Multiple verifications and delays tend to be the touchpoints when exasperated customers quit.

Since most potential customers pass through CDD without any evidence of money laundering or other financial crime, this is a huge hit to the institution. Considering the customer’s lifetime value, the cost of abandonment can be quite high.

But thankfully, there are a number of companies building solutions that automate these processes. Today, tech solutions can fast-track the process like never before without compromising on privacy or thoroughness.

Parallel Markets for Seamless Customer Due Diligence

Parallel Markets is an investor verification platform that eases the onboarding process for financial companies and their customers.

Discover a frictionless way to complete KYC, AML compliance, beneficial ownership mapping, and accredited investor verification.

Here’s how to complete CDD measures on Parallel Markets:

  • Companies integrate Parallel Markets into their system either via API or with our no-code solution
  • Investors apply for verification on the platform and receive their Parallel Passport

The Parallel Passport is a unique repository of all identity documents of a customer that they need to apply for only once. A single Passport can be used to verify customer identity across all partner platforms and products.

A customer with the Parallel Passport will never need to submit the same information twice.

And the financial company can:

  • Reduce investor onboarding time by 90%
  • Decrease investor drop-offs
  • Eliminate human error
  • Track complete customer journeys on the Parallel Markets dashboard

All in all, Parallel Markets is the one-stop solution for all things related to customer verification.

Wrapping Up

As technology advances, financial institutions and law enforcement agencies are finding better ways to flag suspicious activities. As a result, financial institutions must also keep updating their CDD process to flag suspicious customers.

This reduction in fraud or other potential criminal activity does not need to come at a heavy price. That’s where Parallel Markets’ superior customer onboarding support can help you.

With a Parallel Passport, your customers will never have to submit the same documents twice. And you can track their beneficial ownership information, KYC, and overall application status on Parallel Markets’ dashboard.

For a secure and seamless diligence process, sign up with Parallel Markets today!

Disclaimer: The information contained in this article is provided for informational purposes only and should not be construed as legal advice on any subject matter. You should not act or refrain from acting on the basis of any content included in this article without seeking legal or other professional advice.