Customer Due Diligence

What is Customer Due Diligence (CDD)?

As businesses onboard new customers, vendors, clients, and partners, regulatory compliance becomes more urgent, pushing businesses to resort to band-aid identification practices, which initially give them false positives and end up costing them in violation assessments.


With money laundering and identity fraud being at an all-time high, businesses have to expedite their identity validation practices and establish a robust customer identification process. And this begins with customer due diligence.

Origin Of Customer Due Diligence (CDD)

Customer due diligence was made mandatory to help banking institutions accelerate their prospect identification processes. Verifying the personal information of the customers against the authorized records of the federal organizations allows banks and financial institutions to reduce regulatory risks and prevent financial crime.


Banks, lenders, and financial institutions ask for documentation of identity, which allows them to verify the validity of the information provided and helps determine the risk each customer brings to the organization.


Most commonly, financial institutions ask for the following information for identification purposes.

  • Full Name
  • Residential Address
  • Contact Number
  • Email Address
  • Location & Date Of Birth
  • Gender
  • Nationality
  • Marital Status
  • Government-Issued Identification Number
  • Tax Number
  • Occupation
  • Specimen Signature


Know Your Customer (KYC) Process – The First Step of Customer Due Diligence


Every financial institution follows some kind of know your customer regime, wherein it collects the identity information of the customers and validates the information against authorized databases to verify if their customers really are who they say they are.


This information is recorded and stored until the customer is officially no longer in contract with the institution. However, the information is stored in some cases even after the customer’s exit for documentation and evidential purposes.


A know your customer or client process has been mandated so that banking and financial institutions do not onboard profiles with a history of financial crime and fraud.


It further helps establish a basic relationship between the customer and the bank so that both parties are contracting with each other on common grounds.


Customer identification processes are built to allow businesses to assess the validity of the identity information provided by the customers.

Understanding Customer Due Diligence

Customer due diligence is a streamlined process wherein a prospect or customer’s information, which has been previously collected in the KYC process, is assessed for risk and regulatory compliance.


There are different kinds of automated tools and manual validation methods that businesses use to ensure that the KYC documentation and the information provided by the customer are valid per the authorized records.


However, each case is dealt with independently according to the risk it brings. This is why not all profiles are subject to the same degree of screening and validation. The level of scrutiny is determined according to the public records about the financial history of the prospect or customer.

Types Of Customer Due Diligence (CDD)

Low-risk profiles do not require in-depth financial crime and regulatory compliance validation. However, high-risk profiles, such as the ones that have a vast public record of international financial activity, have to be assessed for money laundering and tax compliance.


The customer due diligence process is broken down into three simplified assessments, where the regulatory compliance screening and its severity differ for each.


  1. Basic Customer Due Diligence (BDD)

    A basic or standard customer due diligence process requires the business to obtain identification documentation, such as the name, photograph on a valid and authorized document, residential address, and date of birth. This information is verified against an authorized independent source to confirm the validity of the details. The process is further scaled up based on the nature of the transaction and risk assessment.


  2. Simple Due Diligence (SDD)

    When businesses come across low-risk profiles, they move the enrollment process further as the customer poses no threat to regulatory compliance. These customers usually have no or negligible money laundering activity or fraudulent background and don’t have to be scrutinized further.


  3. Enhanced Due Diligence (EDD)

    This protocol must be followed for high-risk profiles. Customers that have previously engaged in money-laundering activities and terrorism financing activities or have a suspicious financial background must be screened through the Enhanced Due Diligence Process.


Banks and financial institutions usually classify a prospect as a high-risk profile if they appear on the Politically Exposed People (PEP) and AML (Anti Money Laundering) watch lists. PEPs, both local and foreign, have to be scrutinized to ensure that they maintain financial transparency and compliance.


Individuals listed in the AML watch list pose a huge threat to your organization as they have an evident history of engaging in money laundering activity. Contracting with these profiles could lead to civil penalties for each violation.


When you recognize a high-risk profile, use the following measures to gather additional information from the customer.


  • Probe on the sources of their funds and wealth
  • Cross-examine the intended nature of the business relationship
  • Identify the transaction and its purpose
  • Subject the customer to additional monitoring procedures
  • Treat it as a red flag if they or their representatives want to “move things quickly”

Submitting A Suspicious Activity Report (SAR)

Whether the occurrences take place before or after enrolling a certain profile, illegal and suspicious transactions have to be flagged with a Suspicious Activity Report (SAR).


This report should include the information about the profile gathered during the KYC or CIP process, the transaction, the nature of the transaction, the funds involved, and the type of relationship your business shares with the customer.


Additional information must be submitted in the report based on the severity of the activity. The report must be submitted to the local or federal authorities. Law enforcement will take the necessary measures and come to a decision. At no point should the business reveal to the customer that a SAR has been submitted.

Financial crime and identity fraud were reported to be at a record high globally in 2020. Statistics and survey responses show that at least 47% of businesses (out of 55,000 respondents) experienced at least 6 instances on average, losing a collective $42 billion to financial crime and identity fraud.


This shows that every business is at risk and the risk is only going to increase. This is why businesses are open to exploring various marketplace AI innovations, which integrate regulatory compliance into their ecosystems.


But that’s not all: customer due diligence is not a one-time process. This is not your typical enrollment process where you gather the required information, verify the profile, and then forget about it.


You have to constantly monitor and scrutinize your customer base, observing transaction patterns, the geography in which the transactions are taking place, cross-border activities, and extreme funding fluctuations.

Manual Vs Automated Due Diligence Processes: An Overview

| Manual CDD | Automated CDD |
| --- | --- |
| Time-consuming process | Time-consuming process |
| Expensive based on long-term goals | Expensive based on long-term goals |
| Limited scalability | Limited scalability |
| Individual-driven ecosystem | Individual-driven ecosystem |
| Higher probability of false positives and false negatives | Higher probability of false positives and false negatives |
| Historic or outdated results | Historic or outdated results |

How Compliancely Enables AI-Driven Customer Due Diligence Through Authorized Real-Time Identity Checks


Compliancely is an authorized identity validation gateway enabling businesses to search and verify businesses and individuals globally. Check compliance compatibility with 17+ authorized checks leveraged by 9+ industries.

What Does It Mean For You?

Our consolidated list of checks is designed to help you steer clear of high-risk profiles and to establish and maintain regulatory compliance.


  • Verify 100,000+ profiles and get results in 30 seconds or less
  • Validate TIN/EIN/ITIN/SSN against IRS and SSA databases in real-time
  • Check profiles against authorized federal watch lists, such as FATCA, AML, OFAC, PEP, and more
  • Streamline and accelerate your KYC and CDD regimes and customer identification processes
  • Scrutinize and submit suspicious activity reports with the aid of accurate checks
  • Check insolvency, terrorism-financing, and prohibited arms export history
  • Monitor profiles that are engaging in activities that threaten national security (a must for government organizations)
  • Integrate a systemic validation process into your ecosystem and establish self-compliance
  • And do much more with the all-encompassing real-time identity validation API – Compliancely