For companies in financial services, growth is driven as much by efficiency savings as through innovation. However, they must balance these competing issues while still meeting their regulator's requirements.
Customer Due Diligence (CDD) is at the center of this dynamic. Customers expect to be able to execute transactions quickly and easily. Regulators expect financial service providers to have full visibility of their customer’s personal and professional circumstances and to be fully compliant. Senior managers seek efficiency savings while also launching new products.
Let’s examine these issues in more detail and explore how technology can help you achieve your objectives.
Customer Due Diligence: An Overview
CDD focuses on compliance in managing ongoing customer relationships. It covers issues including transaction monitoring, risk management, compliance analysis, and management reporting and typically builds on Know Your Customer (KYC) due diligence programs.
Why Does CDD Matter?
Banks and financial service providers are very familiar with KYC due diligence requirements. So, where does CDD fit in?
CDD aims to complement pre-existing KYC programs. While KYC due diligence often marks the beginning of a customer relationship, CDD programs are implemented to ensure that ongoing developments with customers – for example, changes in their personal or professional circumstances – are not missed. CDD programs ensure that customer risk issues are included in the ‘Business as Usual’ (BAU) for numerous business processes, including transaction management, loan origination, risk management, and limit management, for example.
The Implications of CDD for Banks and Financial Service Providers
Meeting CDD requirements requires secure, robust, and scalable systems, processes, and data to meet current and future demand.
Operationally, this means embedding CDD capabilities in a company’s business processes so that the regular checks don’t become a bottleneck that hinder customer relationships and impact growth.
The Key Requirements of CDD
At its core, CDD covers these key issues:
Customer Identification and Verification
Financial service providers must be able to verify their customers’ identities and have documentary evidence to support this.
Beneficial Ownership Identification and Verification
The details of a business's beneficial ownership must also be confirmed and checked regularly. Changes in ownership must be captured quickly, which can be challenging if an entity is based in a foreign country with a complex ownership structure.
Defined Business-Customer Relationships
How a financial service provider manages a customer relationship – and the risks involved – depends on the services it provides, which can change over time as client needs change. CDD programs must capture these changes in the relationship so that as a customer moves from simply using basic banking services to receiving financial advice and using brokerage services, for example, a CDD program will capture and flag these changes to ensure that the proper controls, limits, and approvals are always in place.
Ongoing Monitoring
A key element of CDD is regular monitoring. This ensures that changes in a customer’s CDD profile are captured early, whether from internal data sources or from third-party sources, such as news feeds, government or regulatory announcements, or company announcements. Ongoing CDD (OCCD) performs an essential role within CDD programs. It captures the process where customer records and documentation are reviewed regularly to identify changes in a customer’s personal or professional situation that might create CDD issues.
For reference, these are the critical requirements of regulators in the US, with the CDD rule, the UK, the EU and also Australia, for example.
A CDD Checklist
What steps are involved in delivering CDD?
Customer Identification and Verification
Customer verification is central to CDD and typically involves checking identification documents, such as passports. Some customers may also need to meet Enhanced Due Diligence (EDD) requirements, which typically means ensuring that an individual is not on a sanctions list, clarifying whether they are listed as a Politically Exposed Person (PEP), or confirming whether they are subject to adverse media coverage, have a criminal history, or appear on a company’s watchlist, for example.
Risk Assessment
One focus of CDD is risk management, ensuring that individual customer risks do not evolve into regulatory or reputational risks for the business. Risk management is subjective and depends on the context. Senior managers need accurate and up-to-date information about issues to make timely decisions about any customer relationship developments they need to address.
Transaction Monitoring
Transaction monitoring is an essential element of CDD requirements. Suspicious transactions, or transactions that fall outside the normal parameters of the approved relationship, need to be flagged and addressed promptly, with full transparency, for auditors and regulators to assess as needed.
Periodic Review of Customer Information.
Alongside ongoing CDD, institutions need to re-confirm the customer information they have on file. This may mean engaging directly with customers or their representatives to ensure the information is accurate or reviewing it against publicly available information.
Client Due Diligence: The Challenges
While a well-managed CDD program offers significant potential, there are, however, challenges that must be negotiated to achieve a successful outcome.
Constrained Resources, Time & Budget
CDD programs must compete with other programs for budget, expertise, and resources. Having a technology platform to hand that is easy to set up, deploy, use, and maintain is a critical success factor in effective CDD programs.
The Need for Accurate and Up-to-date Information
CDD programs involve regularly checking customer information to provide the assurance an institution needs. This demands a centralized data store of crucial information—customer records, third-party documentation, transaction records, and much more—that employees and applications can use. It also needs seamless access to internal and external data sources to maintain an accurate and functional data set.
Customer Satisfaction Issues
Ideally, the significantly increased volume of customer checks on transactions will not impact the customer experience. However, there will be situations where engaging directly with the customer is necessary to confirm their details and circumstances.
The ideal platform will minimize these incidents by ensuring that the information held about customers is accurate and up-to-date, while making it easy for staff and customers to check and amend records quickly and easily.
Implementing EDD
Enhanced Due Diligence (EDD) customer checks for specific customers may be necessary. These additional checks need to be handled quickly but sensitively if the quality of customer service is to be maintained. The ideal is for CDD and EDD checks to use the same platforms for speed, efficiency, and consistency.
Integrating KYC, EDD & CDD
While institutions have gotten to grips with KYC, CDD presents a similar but different challenge. While KYC is often a one-off exercise, CDD (and EDD) is a continuous process, with checks made on a much more regular basis and regular updates as needed from the customer. This means that KYC and CDD information must reference each other and be consistent, even if they do not necessarily contain identical data sets.
Best Practices for Implementing Effective CDD
These requirements are challenging, with the scope to increase costs and degrade customer service unless you adopt a systematic approach that helps overcome them. Here are some steps you can take to reduce the likelihood of serious issues emerging from your CDD program:
Leverage Automation
The repetitive nature of CDD lends itself very well to automation, covering data access and management, workflow approval processes, alerting, automated reporting, and systems integration, for example. In addition to enhancing staff productivity, automation reduces the scope for operational risk issues and is key to providing the foundations for implementing a flexible solution that can scale to meet the business's needs.
Consolidate your CDD Data
Having a consolidated data set covering all your CDD, OCCD, and EDD efforts allows compliance teams to have a consistent program across the business. It allows you to have a common set of definitions, approval processes, documentation, and standards that drive efficiency savings and ensure accuracy. It also provides a holistic perspective of CDD compliance across the business.
Embed CDD into Your BAU
Embedding CDD into your BAU processes allows you to effectively and efficiently maintain compliance alongside your other sales and relationship management processes. Include automatic checks in your product and service provisioning processes so that your CDD compliance checks can be carried out in the background without slowing customer transactions.
Embed CDD into Your Product Development Process
Ensure that your CDD obligations feature in product development processes. Embed compliance checks at an early stage in development, rather than having to (expensively) re-engineer a product or service later in its development life.
The Solution: A SaaS-based Client Due Diligence Platform
CDD is an important issue that financial institutions of all sizes need to master, which challenges many organizations. That said, its requirements lend themselves to automation, leveraging SaaS-based capabilities that allow for efficient and effective data capture and management, workflow automation, alerting, management reporting, and data analytics. These capabilities create significant efficiency savings, allowing the business to grow at the pace it desires. They also reduce the operational risks involved in running a critical compliance program, which can potentially create regulatory and reputational risks should a key issue be missed.
Learn more about how OnBoard can help you efficiently and cost-effectively deliver robust compliance for your CDD and EDD requirements.
