Regulated entities use the risk-based approach to identify and assess the potential money laundering and terrorist financing risks associated with a financial transaction or customer relationship. CDD is a critical aspect of the anti-money laundering and terrorist financing regime as it helps understand and mitigate the risks posed by a business relationship. The extent of CDD is determined by the risks associated with a business relationship.
What is a risk assessment:
Understanding the risks associated with your customer means to perform a risk assessment before onboarding of the client that considers factors such as:
1. Customer risk:
- The customer’s or the customer’s beneficial owner’s business or professional activity.
- The customer’s and the customer’s beneficial owner’s reputation.
- The customer’s and the customer’s beneficial owner’s nature and behavior, including whether this could point to increased risk.
2. Geographical or country risk:
- The jurisdictions in which the customer or the beneficial owner is based or is resident,
- The jurisdictions that are the customer’s and beneficial owner’s main places of business,
- The jurisdictions to which the customer and beneficial owner have relevant personal or business links or financial or legal interest.
3. Product, service and transaction risk:
- The level of transparency, or opaqueness, the product, service or transaction affords,
- The complexity of the product, service, or transaction,
- The value or size of the product, service, or transaction.
4. Delivery channel risk factors:
- The extent to which the business relationship is conducted on a non-face-to-face basis and
- Any introducers or intermediaries the firm might use and the nature of their relationship with the firm.
The risk-based approach in CDD
Risk assessment is at the core of the CDD process, as it allows us to identify and assess the money laundering and terrorist financing risks associated with a financial transaction or customer relationship and determine appropriate measures to mitigate those risks.
CDD is a process regulated entities use to identify and assess the potential money laundering and terrorist financing risks associated with a financial transaction or customer relationship. Typically, clients are classified as low, medium, or high risk following a risk assessment. Once the risks have been assessed, the appropriate CDD measures can be applied. The extent of CDD measures is based on the risk classification of the client as follows:
- Simplified Due Diligence (SDD): SDD is a less rigorous form of due diligence applied to low-risk customers and transactions. It typically involves minimal verification of customer identity and a basic assessment of the customer’s business or profession.
- Customer Due Diligence (CDD): CDD is the standard form of due diligence applied to medium-risk customers and transactions where normal rules apply. It typically involves verification of customer identity, including the identification and assessment of beneficial owners, and an assessment of the customer’s business or profession, including the customer’s source of wealth and funds.
- Enhanced Due Diligence (EDD): EDD is the most rigorous form of due diligence applied to high-risk customers and transactions. It typically involves a more extensive verification of customer identity, including the identification and assessment of beneficial owners, and a more comprehensive assessment of the customer’s business or profession, including the customer’s source of wealth and funds, as well as additional measures such as enhanced monitoring of transactions, and obtaining additional information about the customer and its background.
Implementing the risk-based approach in CDD allows a regulated entity to invest its resources and focus its efforts on the highest risk areas of the business and implement less intensive measures in less risky areas. Additionally, this approach can improve the effectiveness of the overall AML program.
