New economic crime measures continue to be released at pace in the UK. This puts further pressure on companies to comply with regulations.
The latest announcement comes from the Office for Financial Sanctions Implementation (OFSI).
The organisation says that from the 15th of June 2022:
- It can levy a fine at anyone who breaches financial sanctions, regardless of whether they knew or suspected it.
- It can publicise details of sanctions breaches, even if they do not levy a fine.
- Monetary penalty reviews can be conducted by anyone—not just a minister.
The new guidance has been introduced earlier than planned and that’s no surprise. Economic crime has been high on the UK news agenda recently.
First, there has been concern over the influence of corrupt foreign governments following the war in Ukraine.
Both banks admitted to having inadequate checks that led to criminal gangs channeling money through their accounts.
The message from the authorities is simple. Banks and other financial services companies need to take their money laundering obligations seriously, and customer due diligence is a vital part of this.
If they don’t, they will face financial and reputational consequences.
This article explains what customer due diligence is, why it is important, and how to conduct a CDD check.
What Is Customer Due Diligence?
Customer due diligence is a process in which you collect information on a customer’s identity and verify that they are who they claim to be
It also involves ascertaining their company’s business activities and how they will fund the services they buy from you.
It applies to any business that is covered by anti-money laundering regulations—banks and financial service companies fall into this category.
These businesses should conduct customer due diligence whenever they start a new ongoing business relationship or when managing a transaction worth £15,000 or more.
Customer due diligence is a major part of Know Your Customer Checks, which in turn are a key part of anti-money laundering (AML) initiatives.
They help banks and financial institutions to prevent economic crimes. These can include:
- Money laundering.
- Terrorist financing.
- Human and drug trafficking.
Why Is Customer Due Diligence Important?
Customer due diligence is a vital tool in the fight against economic crime in the UK.
There are many reasons why banks and financial institutions should take the process seriously. These reasons include:
1. It’s the law
Banks and financial institutions are regulated by the FCA under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017. They are required by law to have systems to process and document CDD checks as part of their overall AML regime.
2. There are huge non-compliance fines
Failure to comply with money laundering legislation can lead to hefty fines. This can be up to EUR 5 million or 10% of your company’s annual turnover—whichever is higher.
UK banks and financial institutions have been some of the worst offenders for non-compliance. In 2021, HSBC and NatWest were fined over £63 million and £265 million, respectively, for failing to prevent money laundering in their accounts.
Both of these fines would have been 30% higher. However, the fines were reduced because they didn’t contend the accusations.
3. Your reputation is at risk
If your business fails to prevent economic crime,your reputation will be damaged. The negative press will associate your company name with organised crime, which will likely deter customers from working with you. It also shows that your business isn’t functioning correctly. If you can’t meet your regulatory requirements, what else is going wrong at your company?
4. Criminals are becoming more sophisticated
Criminal gangs increasingly use technology to remain undetected. Banks and financial services companies have an important role to play in helping to spot and report any suspicious activity.
5. Customer experience
Your CDD processes need to be thorough but efficient. If they aren’t, then your customers’ experience will be affected and you could lose business. There’s nothing worse than being left waiting on the phone for ages while a customer service rep verifies your details.
What Are the Different Types of Customer Due Dilligence?
There are three levels of CDD for banks and financial institutions. Which one you use impacts the process listed below. They are:
Simplified due diligence
This is the lowest level of CDD. It enables you to forgo some due diligence checks, such as verifying the company’s ultimate beneficial owners.
SDD is usually performed when a customer or transaction is very low risk. This could be a well-known company that has a reliable source of funds or a low-value transaction.
A company that undergoes SDD should still be monitored for suspicious activity.
Depending on the nature of their work, some financial institutions may decide that SDD is too risky and only conduct standard due dilligence.
Standard Due Dilligence
This is the process listed below. This is used for low or medium risk customers to verify their identity, understand their business and find out where it is getting its funds from.
Enhanced Due Dilligence (EDD)
EDD is used on customers that get a high risk score. There are a number of reasons why they could get a higher risk score. For example, they could appear on a list of international sanctions.
Enhanced due dilligence involves taking a risk based approach and conducting extra checks to ensure that the customer’s business interests are legitimate.
How Do You Conduct Customer Due Diligence?
Your due diligence process needs to answer two critical questions:
- Is the person who they say they are?
- Does their risk profile present any concerns?
Step One: Verify the Customer’s Identity
Ask the customer to provide personal details that can be used to identify them, including their:
- Contact number.
- Email address.
- Tax number.
Also ask them for photo ID that can be verified,for example, their passport. Today, this process is usually done online using a form.
An increasing number of financial institutions now provide digital ID verification systems. These enable customers to verify their own ID using their device’s built-in camera. Here’s how this works:
- The customer takes a picture of their ID.
- The system identifies key customer information from the ID and enters it into a form. It also scans the customer’s image on the ID.
- The customer confirms that the information in the form is correct.
- The customer takes a picture of their face.
- The system uses biometric face recognition to verify the customer’s photograph against their ID image.
- The form is verified against the relevant database.
- The form and image will also be screened for:
- Potential signs of fraud.
- Sanctions lists and other AML watchlists.
- If the image and the form both match, then the customer’s identity is confirmed
- If they don’t match, further verification may be required.
Step Two: Collect Information On Their Business.
Here you’ll collect information about the business. This tells you what normal activity looks like and enables you to spot any unusual behaviour or suspicious activity.
The information you need to collect includes the:
- Registered company name.
- Company’s trading name.
- Companies House number.
- Registered office address.
- Business operations location.
- Business model and activity,
- Customer’s role at the business.
- Source of funds.
- Purpose of the transactions.
- Names of anyone with significant control over the business.
- Company’s ultimate beneficial owner.
Step Three: Risk Scoring.
The customer is assigned a risk score or risk profile based on the information collected in stages one and two. This risk score allows them to choose whether they conduct simplified, regular or enhanced due diligence.
If the customer gets a high risk score, you will need to conduct EDD. This involves:
- Obtaining additional verification.
- Establishing the origin of the ultimate beneficial owner’s wealth.
- Analysing previous transactions.
- Checking for adverse media coverage.
- Visiting their business.
- Create a strategy for monitoring the client in future.
Step Four: Ongoing Monitoring.
CDD is an ongoing process—you never know if and when a client might pose a money laundering risk.
Set up a system to regularly monitor the customer’s risk profile and transactions. Conduct new CDD checks at least annually.
It’s vital to know as soon as possible if a customer’s risk profile changes. Our own AML platform allows you to set up monitoring alerts that immediately inform you when this happens.
We have data on every UK company and our database is updated in real time, which means you’ll know straight away if a company’s risk profile changes.
A good example is if a company buys new assets that it shouldn’t be able to afford. This would warrant further investigation to identify the source of the funds.
Conduct Fast, Accurate and Fully Compliant CDD
Robust money laundering policies and procedures protect you from money laundering and keep you compliant with regulations. Customer due diligence is a vital part of these procedures.
Red Flag Alert’s database holds detailed financial information on every UK company. We provide a comprehensive AML service that enables you to conduct accurate CDD.
At the same time, we use the latest technology to provide a fast, convenient ID and verifications service. This means you can continue to offer a great customer experience.
Our AML service includes:
- Conducting accurate digital identify checks in minutes.
- Checking and monitoring clients against international blacklists for sanctions, politically exposed persons (PEPs) and more.
- Obtaining information on company directors, including their other business interests.
- Obtaining company data, including beneficial owners and what other businesses it is connected to.
- Generating due diligence reports so that you have a verifiable audit trail that meets money laundering regulations.
- Setting up monitoring alerts so you know as soon as your client’s risk profile changes.
Not ready for a demo? Discover 7 ways Red Flag Alert can help you conduct commercial due diligence in this article.