You wouldn’t hire a new employee without making sure they’re the right fit for the job, right?
Just as employers thoroughly vet candidates, organizations across the financial services industry need to have a good read on their prospective clients before allowing them to open an account to mitigate fraud and money laundering risk. This is where customer due diligence comes into play.
What is Customer Due Diligence?
Customer due diligence (CDD) is the act of performing background checks and other screening on the customer to ensure that they are properly risk-assessed before being onboarded.
CDD is at the heart of Anti-Money Laundering (AML) and Know Your Customer (KYC) initiatives. It is designed to help banks and financial institutions prevent financial crimes like money laundering, terrorist financing, human and drug trafficking and fraud.
What Does The Typical CDD Process Look Like?
An effective customer due diligence program includes collecting a variety of customer information throughout the course of a company-customer relationship.
Customer Due Diligence Requirements
- Customer Information: To ensure customers are who they say they are, companies collect the customer’s full name, photo identification, address, phone number, email address, occupation, tax identification number and more.
- Business Information: CDD measures should include additional identifying information about the customer’s business model, source of funds and beneficial ownership.
- Customer Risk Profiles/Risk Assessments: Based on the customer’s identity, location and type of business, customers are sorted into different risk levels (usually low, medium and high) to indicate the level of money laundering risk they pose. A customer’s risk profile determines how much due diligence is required. High-risk customers need a more in-depth due diligence process than low-risk customers.
- Ongoing Monitoring: Customer due diligence doesn’t stop after the customer is onboarded. CDD measures should include some sort of ongoing monitoring system and keep an eye on higher-risk customers, suspicious transactions, changing customer profiles, etc.
Sample Customer Due Diligence Flow Chart
This sample flow chart walks through nine steps a financial institution may take as part of their KYC process. We’ve talked to hundreds of banks, and there seem to be hundreds of variations of how they perform customer due diligence. Your CDD workflow should answer these fundamental questions:
- Is the applicant the person they claim to be online?
- Does the risk profile of the applicant raise any red flags?
Low-risk individuals can be fast-tracked through the approval process. Thanks to automation of online identity verification and AML screening, this streamlined process can be 40% more efficient than traditional manual processes. This means decision time can be cut to under 2 hours for low-risk individuals, with this process often completed in minutes.
However, decision time for higher-risk individuals may still take longer, between 48 and 72 hours, because of the extra review time needed to vet these individuals. Assuming that more than 90% of your applicants will fall into the low-to-medium risk pool, the cost and efficiency gains of automated identity verification and AML screening can have a dramatic reduction on AML costs and improvement in the user experience.
Streamlining The Customer Due Diligence Process
Complying with KYC and AML requirements has made the account opening process a long and complex journey for corporations.
While estimates vary, banks take an average of 24 days to complete the customer onboarding process (Thomson Reuters, 2017), and many suspect it’s only getting worse thanks to increasing regulations.
Moreover, increased onboarding time and friction leads to higher abandonment rates by legitimate customers. These costs can often far exceed the cost of any perpetrated fraud when one considers the lifetime value of those lost or abandoned customers.
This is why organizations are taking steps to streamline the CDD process to save money, time and customers.
While there are a number of alternative verification methods, more and more companies are now relying on automated identity verification to smooth out and speed up the onboarding process for new customers.
Automated identity verification relies on AI, machine learning and biometrics to validate passports and driver’s licenses, check against the customer-provided selfie and, in some cases, perform a liveness check to ensure the applicant is physically present and not spoofing the system with a picture of someone else or using a doctored video.
Ongoing Monitoring & Screening
Similarly, AI and machine learning provide financial institutions with a more effective transaction monitoring system with fewer false positives for suspicious activity.
Just as individuals were scored and put into risk categories during the identity proofing stage, individual transactions can also be scored and combined with advanced algorithms that track expected vs. actual transaction behavior and update the customer’s risk rating in real time.
By continually checking and pinging established (and constantly refreshed) databases (including OFAC, HMT, UN and thousands of other government, regulatory, law enforcement, fitness and probity watchlists), financial institutions can be notified immediately via an alert. If a customer appears on one of these PEPs and sanctions lists, they can mitigate risk and take appropriate next steps. This ensures that the company is kept informed of any status changes to their existing customer base in real time.
Better identity verification, AML screening and transaction monitoring solutions are enabling financial institutions to meet the requirements of regulators, banking partners and auditors with an electronic audit trail of all system and user actions with date and time stamps. These solutions help financial institutions spot patterns and outliers by monitoring current transactions alongside historic transaction and behavior data.
Why KYC Isn’t Enough
A Guide to Fighting Fraud and Financial Crime from Onboarding to Ongoing Monitoring
Why Is CDD Important?
When you consider what’s at stake, it starts to make a little more sense why banks and other financial institutions are spending big money on AML compliance. These countermeasures are designed to thwart the growing threat of money laundering, which unfortunately isn’t a tactic used by drug cartels alone — it’s now being used across a broad range of criminal enterprises.
Here are a few reasons to take CDD seriously:
- Big Compliance Fines: Enforcement actions related to AML have been on the rise. Since 2009, regulators have levied approximately $32 billion in AML-related fines globally. Most of these have been leveled against U.S. firms. In 2020 alone, FinCEN fined banks in the United States a total of $11.11 billion.
- Sophisticated Cyber Threats: Criminals are using more sophisticated means to remain undetected, including globally coordinated technology, insider information, the dark web and e-commerce schemes.
- Reputational Risk: AML incidents put a financial institution’s reputation on the line. In fact, the average value of each of the top 10 bank brands is $45 billion.
- Rising Costs: Most AML compliance activities require significant manual effort, making them inefficient and difficult to scale. The cost of AML compliance across U.S. financial services firms equaled $25.3 billion per year, with some major financial institutions spending up to $500 million annually on KYC and customer due diligence (Thomson Reuters).
- Poor Customer Experience: Compliance staff must have multiple touch points with a customer to gather and verify information. Perhaps not surprisingly, one in three financial institutions have lost potential customers due to inefficient or slow onboarding processes.
Some Quick CDD Legalese
Now that we’ve established CDD’s part in AML compliance, let’s cover some legal definitions.
The application of customer due diligence is required when a firm that is covered by money laundering regulations enters into a business relationship with a customer or a potential customer. This includes occasional one-off transactions even though this may not constitute an actual business relationship.
A customer/business relationship is defined as being formed when two or more parties engage for the purposes of conducting regular business or to perform a one-off transaction. The term “business relationship” applies where a professional, commercial relationship will exist with an expectation by the firm that it will have an element of duration.
A More Enlightened Approach to CDD
A growing number of banks and fintechs are discovering how to automate their CDD (and, if necessary, enhanced due diligence) processes resulting in a vastly better customer experience and a dramatic reduction in online abandonment rates. By utilizing advanced tools like Jumio’s Identity Verification and AML Solutions, financial institutions can easily meet their regulatory requirements without sacrificing customer experience.
Learn more about how you can streamline your onboarding and ongoing monitoring CDD measures with Jumio.