KYC AML Guide: the Clock shows the average reeding time of the blog07 min Read


KYC AML Guide: the Clock shows the average reeding time of the blogNovember 28, 2023

What is Customer Due Diligence (CDD) in KYC Identity Verification?

What we hope ever to do with ease, we must learn first to do with diligence. (Samuel Johnson). This historic quote explains the importance of carrying out our due diligence in today’s world where we see KYC (Know Your Customer) becoming an obligation to everyone. Let’s explain the concept of Customer Due Diligence in KYC and the regulatory requirements in CDD.

Belal Mahmoud

KYC Product Consultant

What is Customer Due Diligence (CDD)?

Customer Due Diligence (CDD) is the process of verifying customer identities. Financial institutions and banks collect their client’s information and verify it against different lists of risky individuals. Normally, there are three tiers of due diligence process in KYC:

  1. Simplified Due Diligence (SDD): Carried out for every customer. Normally, every customer passes through SDD due to the ease of scrutiny level.
  2. Customer Due Diligence (CDD): Medium-risk level customers are checked in CDD. it is to ensure that most customers with specific transaction patterns and activities are verified.
  3. Enhanced Due Diligence (EDD): For specifically high-risk level customers. Mostly PEPs (Politically Exposed Persons), SIPs (Special Interest Persons), and other high-risk customers are scrutinized in EDD.

Customer Due Diligence Rule FinCEN

FinCEN issued the final rule on CDD in 2016. It is an amendment in the Banks Secrecy Act regulations that ensures that financial institutions and banks are protected from financial crimes. Furthermore, this rule clarifies the requirements of Customer Due Diligence by the US banks and other financial entities.

What are the 4 Customer Due Diligence Requirements?

FinCEN’s Final Rule mandates four core requirements for Customer Due Diligence that every financial institution and bank needs to fulfill.

  1. Identification and Verification of Customer Identities.
  2. Identification and Verification of Beneficial Owners.
  3. A clear understanding of the nature and purpose of relationships with customers to categorize customer risk profiles.
  4. Ongoing Monitoring for detecting suspicious activity and transactions, and updating customer information regularly.

FATF Recommendations on Customer Due Diligence

FATF (Financial Action Task Force) also takes part in actively addressing the Due Diligence process for helping in regulating the financial sector against money laundering and terrorism financing. According to its 40 recommendations customer due diligence measures also support the FinCEN’s Final Rule’s postulates on CDD as discussed above.

Both FATF and FinCEN mandate that for higher-risk customers, Enhanced Due Diligence (EDD) must be conducted to verify the risk profiles of customers with stringent checks.

Who is Responsible for CDD?

All banks, Financial Institutions, and every firm that requires the KYC (Know Your Customer) process must include the CDD process in its KYC Identity Verification. These Fintech firms are responsible for implementing an efficient KYC Tool that has the following features in CDD:

  • Strong Identity Verification checks for CDD and EDD to filter the profiles and report risky ones.
  • Ensuring a minimum number of False Negatives and False Positives through enhanced document testing mechanisms and biometric verification.
  • The KYC Tool must be able to read the identity documents in multiple languages.
  • It needs to have a Liveness Detection mechanism to ensure an Anti-Spoofing feature.

Overall the CDD is the responsibility of the firm, bank, or FI that requires a customer onboarding process. They also need to properly guide their customers through the process of CDD and EDD and educate them on cooperating with it.

Who comes under Customer Due Diligence (CDD)?

All customers who intend to use the service of a fintech firm, financial institution, or bank are liable to do their due diligence process as per their risk levels. It also applies to non-financial businesses that involve a high volume of transactions.

Due Diligence Checklist for CDD

Due Diligence Checklist may not be required for low-risk customers. For medium-risk customers, the checklist for CDD contains the documents that are needed for verification. Here is a short list of main documents in the Due Diligence Checklist:

1) For Individual Customers:

    • Name (First Name. Maiden Name, Last Name)
    • Address (Postal Address, Current or Residential Address if different from Postal Address)
    • Date of birth (Birth Certificate, Hospital records, Family record, etc.)
    • Telephone number (Landline, Mobile Number, Fax Number, and UAN)
    • National ID number (SSN, ID Card number, etc)
    • Identity documents
    • Mobile Network data
    • Geolocation (GPRS, etc.)
    • Selfies from Smartphones and other devices
    • Live video [any device]
    • Third-party account verification

2) For Corporate clients

    • Business registration number (BRN)
    • Company name [Registered Company name, Trademarks, and Brand Names]
    • Address [Head office and other locations]
    • Operational status
    • Key management personnel (BoDs, CEO and etc.)
    • Date of incorporation

KYC Identity Verification and CDD

As mentioned above, the KYC Tool that conducts the Identity Verification process for a firm’s customers is required to fulfill certain criteria. In order to meet the CDD requirements, the KYC Solution providers need to consider the following:

  • The KYC Technology must match the compliance requirements of their fintech client.
  • KYC Technology must be compatible with multiple platforms and should have an identity database.

It is important for the fintech firms to know their KYC Solution and how to select the best one from available options.

Learn more on How to Choose the Best KYC Solution

Furthermore, KYC AML Guide offers a premium service of Technology Buying to help fintech firms carry out smooth Customer Due Diligence. We do it by providing consultancy that you need to choose the right KYC Partner.


KYC AML Guide: the Facebook share KYC AML Guide: the Linkedin share KYC AML Guide: the Twitter share
Belal Mahmoud
KYC AML Guide: the Linkedin share

Belal possess over 8 years experience in the KYC Identity Verification industry. He has consulted KYC solutions for over 20 new economy companies at DIFC and ADGM while ensuring a seamless technical integration and helped in jurisdictional compliance audits.