Customer due diligence (CDD) is the set of checks UK regulated firms must carry out to identify and verify their customers, understand the nature and purpose of the business relationship, and identify any beneficial owners. CDD is required under the Money Laundering Regulations 2017 and is the baseline anti-money laundering control applied to every business relationship, including those not assessed as higher risk.
Why CDD matters
CDD is the foundation of a firm’s AML framework. The MLR 2017 require firms to apply CDD when establishing a business relationship, carrying out an occasional transaction above the relevant threshold, suspecting money laundering or terrorist financing, or doubting previously obtained identification. Firms must also conduct ongoing monitoring to keep CDD information current.
Where a customer or transaction is higher risk, the firm must escalate to enhanced due diligence (EDD); where risk is demonstrably low, simplified due diligence may be appropriate. Getting the risk assessment wrong by applying too little diligence is a frequent cause of regulatory criticism.
Who it applies to
All firms within scope of the MLR 2017, and in particular their onboarding, relationship management and compliance teams.
Related terms
EDD, PEP, beneficial ownership and MLRO.