KYC AML Guide: the Clock shows the average reeding time of the blog12 min Read


KYC AML Guide: the Clock shows the average reeding time of the blogJuly 11, 2023

Due Diligence Checklist 2023: A Guide To Ensure AML Compliance

Due diligence generally means reasonable care and precautions to avoid potential harm or risk. In relation to KYC (Know Your Customer) and AML (Anti-Money Laundering), Due Diligence is the process that helps mitigate financial crimes like money laundering. This article is about the due diligence checklist and its use in the customer due diligence process.

M Abd'al Bari

Research Associate

What is the Due Diligence Checklist?

Basically, it is a tool used by firms and organizations while conducting due diligence for their clients. It also gives a comprehensive overview of the potential partner or customer for the risk assessment.

It varies depending on the purpose, scope of the due diligence process, and regulatory requirements. Since there are two main types of Due Diligence Processes each of them has a different checklist. These types are Customer Due Diligence and Enhanced Due Diligence.

Due Diligence Checklist required for CDD (Customer Due Diligence)

First of all, customers with low-risk levels might not require any specific checklist. They can go through a Simplified Due Diligence which is carried out only to identify a customer and not verify him/her. But as the risk level of a customer increases the due diligence process becomes complex and stringent.

For the normal risk level customers, CDD is carried out by having a specific checklist. This checklist contains the documents that the customer needs to provide for identity verification & authentication. Most basic information that is included in the due diligence checklist is as follows:

For Individual Customers:

  • Name (First Name. Maiden Name, Last Name)
  • Address (Postal Address, Current or Residential Address if different from Postal Address)
  • Date of birth (Birth Certificate, Hospital records, Family record, etc.)
  • Telephone number (Landline, Mobile Number, Fax Number, and UAN)
  • National ID number (SSN, ID Card number, etc)
  • Identity documents
  • Mobile Network data
  • Geolocation (GPRS, etc.)
  • Selfies from Smartphones and other devices
  • Live video [any device]
  • Third-party account verification

For Business clients

  • Business Registration Number (BRN)
  • Company Name [Registered Company name, Trademarks, and Brand Names]
  • Address [Head office and other locations]
  • Operational status
  • Key management personnel (BoDs, CEO and etc.)
  • Date of incorporation

Moreover, this checklist can have more requirements based on the jurisdiction and the country’s regulatory laws. There may be some third-party information sources that can provide relevant information about the clients and customers as well. So, this falls back on the shoulders of the firm’s compliance officers and KYC AML regulators to clarify and verify. However, it is important that the third-party source is a trustworthy and credible source of information.

Enhanced Due Diligence Checklist (EDD)

Once the customer’s risk profile is identified and the risk score is high, Enhanced Due Diligence (EDD) is conducted to verify the customer’s identification details deeply. Since the risk level is high, it requires more factors to verify and the due diligence checklist becomes stricter. KYC Document Verification is also strict in Enhanced Due Diligence. Following are the EDD checklist items for KYC:

1) Identity Verification:

The customer’s identity is verified through official documents including a passport, national identity card, driving license, or any other government-issued ID.

2) Source of Wealth:

Obtaining information on sources of wealth and identifying any red flags or suspicion in the sources of income. This includes financial transactions, estimated wealth, cash assets, luxury properties & cars, and other related items.

3) Purpose of the Account:

It is mandatory to understand the purpose of the account and risk assessment of money laundering or terrorist financing activities. The purpose of the account is mentioned when an individual or an entity requests to open up a bank account. The bank asks them to declare the reason for opening this bank account and select the specific bank account type as well.

4) PEP Status:

Determining if the customer is a Politically Exposed Person (PEP) to conduct an in-depth risk assessment. PEP status is helpful in assessing the risk level associated with an identity and the due diligence checklist should have it as a basic section.

5) Ultimate Beneficial Ownership (UBO):

To Identify the ultimate beneficial owners of the customer and identify any potential risks associated with their ownership structure. Sometimes, the true owners of the firm are hidden which makes it difficult for regulators to identify criminals. Therefore, the UBO section is also an important part of the due diligence checklist.

6) Sanctions and Watchlists:

Carrying out sanction screening for the UBOs against international sanctions lists, terrorist & AML watchlists, and other public records. This will match the checklist items with the existing record and help in identifying a criminal on the spot.

7) Reputation Risk:

Conduct a background check on the customer and their UBOs to identify any negative news or public information that may indicate a potential reputation risk. When a person or an entity turns out to be notorious in the news media, mostly something is wrong there.

8) High-Risk Jurisdictions:

Identifying high-risk countries in cross-border transactions and assessing the potential risk associated with them. Some countries have a high risk of terrorism and money laundering so the checklist should cover the cross-border transaction aspect as well.

9) Enhanced Monitoring:

In-depth transaction monitoring is implemented for high-risk customers or transactions to identify any suspicious activity.

10) Ongoing Review:

Conduct regular reviews of the customer’s account and activity. It is to ensure ongoing compliance with KYC regulations and identify any potential risks or changes in circumstances.

Additional Measures (Industry-wise) in Due Diligence Checklist

Regulatory Compliance:

Mainly, the due diligence checklist depends on the industry and jurisdiction. It is important to ensure that all relevant regulations are complied with and that any potential legal risks are identified.

i) Intellectual property:

For the use of intellectual property in a transaction, it is important to conduct a thorough review of the intellectual property assets to ensure that they are properly registered and protected. Most luxurious properties are involved in being funded by illicit money or owned by the PEPs or criminals.

ii) Cybersecurity Issues:

In today’s digital age, cybersecurity risks are an important consideration in any transaction or investment. A cybersecurity review should assess the security of the target’s networks, systems, and data to ensure that they are adequately protected against cyber threats. eKYC and blockchain is the latest and trending concept in cybersecurity.

iii) Environmental Compliance:

If the transaction or investment involves real estate or manufacturing, it is important to assess any potential environmental risks and liabilities, including compliance with environmental regulations. Environmental concerns may also include points like checking the status of

iv) Human Resource Concerns:

While acquiring a company, it is important to conduct a review of the target’s human resources policies and practices, including employee contracts, compensation, and benefits. This is to ensure that the people hired are honest, ethical, and have moral values. Moreover, their training is essential in accordance with the regulatory and compliance standards with updated knowledge.

v) Financial Projections:

In addition to reviewing historical financial performance, it is important to review the target’s financial projections to ensure that they are realistic and achievable. If any suspicious financial trail is found, it must be reported in the suspicious activity report.

vi) Supply Chain Diligence:

It is important to assess the reliability and sustainability of the supply chain and any potential risks or disruptions. Since money laundering can be carried out through supply chain activities mostly by physically hiding the money, it requires due diligence.

Do note that these measures may not all be applicable to every Due Diligence Procedure. It depends upon the industry type, the level of due diligence required, and other factors.

Wrap up

The Due Diligence Checklist is a handy tool for conducting a streamlined risk-based due diligence process. To ensure regulatory compliance for AML and CFT, Due Diligence processes are necessary at different risk levels. Similarly, the checklist makes it easy to confirm that all the KYC document verification requirements are fulfilled. A due diligence checklist may differ in terms of risk factors, complexity, and level of due diligence but the goal remains the same. Covering each aspect of due diligence is necessary to strengthen the due diligence process and checklist. This will not only make the entire KYC and AML compliance process stronger but also increase the trust level among the parties involved.


KYC AML Guide: the Facebook share KYC AML Guide: the Linkedin share KYC AML Guide: the Twitter share
M Abd'al Bari
KYC AML Guide: the Linkedin share

Muhammed Abd'al Bari is a certified Research Professional of KYC/AML Guide. Connect with Muhammed on LinkedIn