Skip to content
CityLearning
Financial crime

CDD (Customer Due Diligence)

Customer due diligence (CDD) is the set of checks UK regulated firms must carry out to identify and verify customers, understand the nature of the relationship, and identify any beneficial owners. Required under the Money Laundering Regulations 2017, CDD is the baseline AML control applied to every business relationship.

Customer due diligence (CDD) is the set of checks UK regulated firms must carry out to identify and verify their customers, understand the nature and purpose of the business relationship, and identify any beneficial owners. CDD is required under the Money Laundering Regulations 2017 and is the baseline anti-money laundering control applied to every business relationship, including those not assessed as higher risk.

Why CDD matters

CDD is the foundation of a firm’s AML framework. The MLR 2017 require firms to apply CDD when establishing a business relationship, carrying out an occasional transaction above the relevant threshold, suspecting money laundering or terrorist financing, or doubting previously obtained identification. Firms must also conduct ongoing monitoring to keep CDD information current.

Where a customer or transaction is higher risk, the firm must escalate to enhanced due diligence (EDD); where risk is demonstrably low, simplified due diligence may be appropriate. Getting the risk assessment wrong by applying too little diligence is a frequent cause of regulatory criticism.

Who it applies to

All firms within scope of the MLR 2017, and in particular their onboarding, relationship management and compliance teams.

EDD, PEP, beneficial ownership and MLRO.

Frequently asked questions

What is customer due diligence (CDD)?
Customer due diligence is the baseline set of checks UK regulated firms must perform under the Money Laundering Regulations 2017. It involves identifying and verifying the customer, identifying any beneficial owners, and understanding the purpose and intended nature of the business relationship. CDD must be applied at onboarding and kept up to date through ongoing monitoring.
How does CDD differ from EDD?
CDD is the standard level of due diligence applied to every customer relationship, while enhanced due diligence (EDD) is the additional scrutiny applied to higher-risk customers, such as politically exposed persons or those involving high-risk third countries. EDD builds on CDD rather than replacing it, with the depth of checks proportionate to the assessed risk.

Reviewed by Margaret Hassett

← Back to the compliance glossary

Turn definitions into training

See how CityLearning's UK compliance courses help your team understand terms like this in practice.