Customer Due Diligence
According to FinCen, there are four core elements of customer due diligence (CDD). CDD improves financial transparency and prevents bad actors from abusing companies to disguise illicit activity.
Financial Institutions should develop explicit written policies following the anti-money laundering (AML) program. CDD policies should cover:
- Customer identification and verification
- Beneficial ownership identification and verification
- Understanding the nature and purpose of customer relationships to develop a customer risk profile.
- Ongoing monitoring for reporting suspicious transactions and, on a risk basis, maintaining and updating customer information
These are Know Your Customer (KYC) policies. Working with a customer due diligence provider can help enhance KYC policies, protecting the institution and its customers.
Customer Identification and Verification
Identification and verification ensure that the customer information is current and accurate at account opening or periodically.
FinCen recommends using a customer’s risk profile to guide the policies applied to that customer. High-risk customers may warrant more frequent updates or further screening of media, news articles, or identification of correspondent commercial banking activity (i.e. a customer’s customer).
Beneficial Ownership Identification and Verification
Changes to beneficial ownership should be identified due to the ongoing monitoring of client information. The institution should use this information to update the customer risk profile accordingly. Again, each institution should develop clear written policies that guide these decisions.
Customer Risk Profiling
Financial institutions are not required to use a specific method or categorization model to establish customer risk profiles. There is also no requirement to automatically categorize certain products or customer types as “high risk”.
Instead, institutions should consult government publications to identify products, services, customers, or geographic locations that may present unique risks. The institution should have an understanding of financial crime risks such as money laundering and terrorist financing.
All risk profiling will involve a spectrum of activity risks. Therefore due diligence measures will vary on a case-by-case basis. This reiterates the need to assess each client rather than automatically categorize certain products as high risk.
Ongoing Suspicious Transaction Monitoring
There is no specific schedule set by FinCen for financial institutions to update customer information. Instead, normal monitoring should be sufficient to identify high-risk customers who require additional verification or monitoring.
An institution may choose to review customer information on a regular schedule based on identified risk. This decision must follow the CDD policies of the institution.
Customer Due Diligence Providers
Using a CDD provider gives an institution access to established policies and analyzes the institution’s current policies. This comparison reveals the KYC program pitfalls as well as the measures that can enhance the program.
Enhanced customer due diligence provided by a third party helps with independent verification of identity, beneficial ownership, and other risk factors. Providers also offer platforms for monitoring large cash transactions, cross-border transactions, and changes in payment sources.
At the end of the day, CDD providers are one tool a financial institution can use to ensure they are compliant with FinCen regulations. The enhanced measures provide transparency and security against nefarious or criminal banking activity.