Resource > Glossary >
Customer Due Diligence (CDD)
Updated on:
April 11, 2024

Customer Due Diligence (CDD)

Customer Due Diligence (CDD) is the process of verifying the identity of a customer & assessing the risks associated with doing business with them.

  • Customer Due Diligence (CDD) is a critical component of Anti-Money Laundering (AML) and Know Your Customer (KYC) compliance.
  • It involves verifying the identity of a customer through official documents or official company registries.
  • CDD involves assessing the risks associated with doing business with a customer based on factors such as their country of origin, occupation, and financial history.
  • Financial institutions must conduct CDD on all customers, including individuals, companies, and other entities.
  • Failure to perform adequate CDD can result in regulatory fines and reputational damage.

About FullCircl

FullCircl is a Customer Lifecycle Intelligence (CLI) platform that helps B2B companies in financially regulated industries do better business, faster. Its solutions allow front and middle office teams to win the right customers, accelerate onboarding and keep them for life.

FullCircl has merged with ID&V platform provider W2 Global Data to provide regulated entities with the next generation of regulatory compliance.

What is Customer Due Diligence (CDD)?

Customer Due Diligence (CDD) is a critical component of Anti-Money Laundering (AML) and Know Your Customer (KYC) compliance. It refers to the process of verifying the identity of a customer and assessing the risks associated with doing business with them. CDD is designed to prevent financial institutions from being used for illegal activities such as money laundering, terrorism financing, and other forms of financial crime during customer verification at account opening.

The first step of CDD is to verify the identity of the customer (identity verification). Financial institutions must obtain official documents such as passports or driving licenses to verify the customer's identity.

They may also use electronic verification methods, such as digital identity verification, to confirm the customer's identity. When verifying the identity of corporate entities as part of Customer Due Diligence requirements, financial institutions typically obtain and review various types information. The specific documents required may vary depending on the jurisdiction.

CDD process

  • Obtaining legal documentation: Financial institutions typically request copies of official documents such as a certificate of incorporation, articles of association, and a register of directors and shareholders. They may do this automatically through services such as FullCircl or by using company registries such as Companies House.
  • Identifying the beneficial owner (UBO): The individuals or entities who ultimately own or control a company. This involves identifying the beneficial owner, who may be different from the legal owner or the director. Banks may request documentation such as a shareholder register or ultimate beneficial owner declaration, or use services such as FullCircl.
  • Gathering information on the company's business activities: to understand the nature of the company's business activities to assess the level of risk associated with the customer. They may request information such as a business plan, financial statements, and details of the company's customers and suppliers.

The second step of CDD is to assess the risks associated with doing business with the customer. This involves gathering information about the customer's country of origin, occupation, financial history, and other relevant factors that may affect the risk of financial crime. Financial institutions use this information to determine the required level of customer due diligence meaning they can closely monitor their transactions for suspicious activity. For corporate entities, this may include;

  • Conducting background checks: on the company's directors, shareholders, and beneficial owners to ensure they are not on any watchlists or have any history of financial crime. This may involve reviewing PEPs and Sanctions registries and searching for adverse media stories which may pose a threat.
  • Ongoing monitoring: Financial institutions must continuously monitor the customer's transactions and business activities, updating their CDD profile as necessary. This may involve requesting additional documentation or information as the customer's risk profile changes, or using services such as FullCircl to proactively identify potential issues.

Where there is a high degree of risk, financial institutions in some cases must also perform Enhanced Due Diligence (EDD) on their customers, which includes more in depth checks including source of funds, additional identification, manual reviews, and more.

Financial institutions must conduct Customer Due Diligence checks on all customers, including individuals, companies, and other entities. Failure to perform adequate CDD can result in regulatory fines and damage to the company name. However, it is important to balance the need for CDD with the need to provide a seamless customer experience.

This means implementing risk-based approaches to CDD that allow for flexibility in the level of due diligence required based on the risk profile of the customer.

By putting together a customer due diligence checklist, financial institutions and other regulated entities can ensure they tick the regulatory compliance box whilst offering their customers a slick onboarding experience.

CDD regulation

Customer due diligence (CDD) regulation mandates financial institutions to thoroughly verify and understand their customers' identities and activities to mitigate risks.

Key regulations include the EU's Fifth Anti-Money Laundering Directive (AMLD5) and its successor, the Sixth Anti-Money Laundering Directive (AMLD6), impose stringent CDD obligations on financial entities, enforced by the European Banking Authority (EBA) and national competent authorities.

Additionally, the Financial Action Task Force (FATF) sets global standards for CDD practices, encouraging countries to adopt robust regulatory frameworks. These regulations aim to enhance transparency, detect illicit financial activities, and safeguard the integrity of the global financial system.

How to navigate CDD requirements

Services such as FullCircl can be used to automate many of the KYC and AML Customer Due Diligence requirements as part of corporate customer onboarding processes. This could include pre-screening at first engagement with the relationship manager to identify potential risks and address them early on, delivering a better customer experience.

Bespoke rules can be used to automate credit decisioning based on a financial institutions individual risk appetite, and in-life monitoring can alert relationship professionals, compliance and risk managers to new developments throughout the life of the customer, enabling a proactive approach to customer due diligence, thus reducing risk exposure and ensuring a better customer experience.

It's important to understand that regulated entities all have a different approach to their risk appetite. An off-the-shelf solution for customer due diligence isn't appropriate to ensure that compliance and customer expectations can work in perfect harmony. FullCircl works with each client to craft a custom CDD workflow which will ensure regulatory adherence and an efficient customer journey.

Visit to find out more.

Research and Insights