Customer Due Diligence — Protecting Businesses From Financial Crimes

Candice Spencer
Shufti Pro
Mar 10


In today’s fast-paced business environment, the threat of financial crimes such as money laundering, terrorist financing, and fraud is ever-present. A recent study shows $28 billion in losses due to identity fraud scams, victimising 27 million U.S. consumers. Regulatory authorities have implemented Customer Due Diligence (CDD) requirements that allow enterprises to verify clients’ identities and analyse their risk.

Businesses protect themselves from financial and reputational loss by adhering to AML & KYC compliance requirements and conducting thorough CDD programmes. Establishing a robust CDD program can be tricky as financial crimes change continually, and risk management requires alignment with customer experience.

This blog will explain how to develop a successful CDD program that prevents financial crimes and delivers a seamless customer experience.

Customer Due Diligence — A Comprehensive Overview

Customer due diligence (CDD) is a set of procedures for analysing new clients and measuring their potential danger to businesses. Moreover, AML & KYC regulations require organisations to adopt customer due diligence checklists for doing business with clients.

It entails screening data from several sources, such as the client, sanctions lists, and public & private databases. Regardless of the client’s risk profile, the following is necessary for essential customer due diligence:

  • Customers’ personal identifying information, including names, addresses, and ID pictures
  • Brief description of the client’s business and the industries in which it operates
  • An outline of the various companies with whom the client conducts business

What Is the Difference Between CDD and KYC?

In some industries, such as banking, CDD and KYC procedures are legally required. Regarding money laundering and terrorism financing, CDD incorporates KYC checks but also emphasises the sources of funds. According to research, about 23% of the U.S. was affected by identity theft, and this number is expected to increase over the coming year.

Significantly, Know Your Customer (KYC) is a procedure that occurs at the time a new client registers, but businesses must continuously perform customer due diligence throughout the partnership with the client.

Throughout the onboarding process, the KYC verification will take place. Key elements include first and last name, birth date, and house address, but customer due diligence often investigates further.

More specifically:

Customer Due Diligence (CDD)

  • When — At signup and regular intervals
  • What — Source of funds, purpose, client’s name, DoB, address
  • Who — Those who may be vulnerable to crimes such as laundering money, terrorist financing, corruption, or bribery.

Know Your Customer (KYC)

  • When — When the customer signs up
  • What — Name, address, DoB
  • Who — Products and services with age restrictions, some types of financial transactions, and anyone who wants to.

Legal and Regulatory Requirements for Customer Due Diligence in Financial Firms

It is both a good business practice and a regulatory requirement for banks to do thorough checks on their customers. U.S. financial institutions are required to implement CDD procedures by the Bank Secrecy Act (BSA) and USA PATRIOT Act.

Specifically, the BSA demands that financial institutions have established procedures for client verification, beneficial owner identification, and risk-based account evaluations.

Financial institutions must conduct enhanced due diligence on foreign individuals and businesses, politically exposed persons, and high-risk customers under the USA PATRIOT Act. Enhanced due diligence may involve additional background investigations, ongoing performance monitoring, and customer risk profiles.

Fines, lawyer fees, and a destroyed reputation are only some of the risks related to failing to comply with CDD regulations. For instance, in 2020, the New York State Department of Financial Services fined Deutsche Bank $150 million for inadequate CDD controls.

Financial institutions must understand their business’s legal and regulatory needs and have the resources & tools to adopt effective CDD strategies to stay current.

When is CDD a Must for Banking Compliance?

  • Establishing a Business Relationship

Banks must evaluate the customer’s risk profile and identity, and check whether they are using a fraudulent ID, before starting a business connection.

  • Occasional Transactions

Depending on the nature of the transaction, extra CDD precautions might be necessary, for instance if the consumer conducts business with high-risk individuals or the transaction amount exceeds a predetermined threshold (USD/EUR 15,000).

  • Suspicious Activity

If a customer is claimed to be engaging in money laundering or terrorist financing, banks are obligated to perform CDD checks.

  • Unreliable Identification

Banks should take further customer due diligence (CDD) measures if their customers’ information is inaccurate, suspicious, or doesn’t fulfil the criteria.

To Sum It Up

In conclusion, AML compliance for financial institutions is impossible without customer due diligence. Financial institutions can comply with the law and prevent crimes, including money laundering, terrorist funding, and fraud, by executing effective due diligence. Thus, financial institutions must prioritise CDD compliance to prevent financial crimes and keep a competitive edge.


