CDD (Customer Due Diligence)

Process of verifying customer identity and assessing risk before and during a financial relationship.

Audit & Compliance, Payments Infrastructure

FAQs

What documents are typically collected in standard CDD?

For individual customers, standard CDD typically collects: government-issued photo ID (passport, driver's license), proof of address (utility bill, bank statement within 3 months), and sometimes additional verification for high-value accounts (source of wealth/funds documentation). For business entities, CDD collects: certificate of incorporation or formation, articles of incorporation/operating agreement, corporate resolution authorizing the relationship, beneficial ownership certification for 25%+ owners, government-issued ID for each beneficial owner, and a description of the business purpose and anticipated transaction activity. Document requirements vary by jurisdiction and institution risk appetite.

What is perpetual KYC (pKYC) and how does it differ from periodic review?

Traditional KYC refresh involves scheduled periodic reviews (annual for high-risk customers, every 2–3 years for standard risk, every 5+ years for lower risk) where the institution updates customer information regardless of whether anything has changed. Perpetual KYC (pKYC) is an event-driven approach that monitors customers continuously and triggers reviews only when meaningful changes occur—ownership changes, adverse media hits, new sanctions designations, significant transaction pattern changes, or customer-provided updates. pKYC is more efficient (resources focus on customers with actual changes), more timely (a new sanctions designation triggers immediate review rather than waiting for the annual cycle), and increasingly required by regulators seeking more dynamic risk management.

What triggers a CDD review for an existing customer?

CDD reviews for existing customers are triggered by: periodic review schedules based on risk tier, material changes in customer information (name, address, ownership changes), unusual transaction activity inconsistent with the established risk profile, adverse media or watchlist hits in ongoing screening, customer-initiated requests (adding new products or significantly increasing transaction volumes), escalations from transaction monitoring alerts, and regulatory examination findings. Proactive monitoring of adverse media and automated re-screening when watchlists update allow institutions to identify the need for a review between scheduled reviews, keeping customer risk assessments current.

Related Terms

EDD (Enhanced Due Diligence)

More intensive customer due diligence applied to higher-risk customers, including PEPs and high-risk jurisdictions.

Beneficial Ownership

Identification of natural persons who ultimately own or control a legal entity above a defined ownership threshold.

SAR (Suspicious Activity Report)

Confidential report filed by financial institutions with FinCEN when they detect potentially illegal activity.

FATF Guidelines

International standards from the Financial Action Task Force setting AML and counter-terrorism financing requirements.


Customer Due Diligence (CDD) is the process by which financial institutions identify and verify the identity of their customers, understand the nature and purpose of customer relationships, and assess the money laundering and terrorist financing risk those customers present. CDD is the foundation of AML compliance programs and is required by FinCEN's CDD Rule (effective 2018), FATF Recommendations, and national AML legislation worldwide.

CDD encompasses four core elements: customer identification and verification (collecting government-issued ID, verifying against watchlists); beneficial ownership identification (for legal entity customers—identifying natural persons with 25%+ ownership or control); understanding the nature and purpose of the relationship (what business does the customer conduct, why do they need this product); and ongoing monitoring (reviewing transactions for consistency with the expected risk profile, updating CDD when circumstances change).

Three CDD tiers apply based on assessed risk: Simplified Due Diligence (SDD) for demonstrably lower-risk customers (listed public companies, government agencies), where extensive documentation is unnecessary; Standard CDD for typical customers; and Enhanced Due Diligence (EDD) for higher-risk customers (PEPs, high-risk geographies, complex ownership structures, unusual transaction patterns).

CDD failure is among the most common regulatory violations in financial services. Banks have paid billions in fines for CDD deficiencies: inadequate KYC documentation, failure to identify beneficial owners, insufficient understanding of customer business purpose, and inadequate ongoing monitoring.

Modern CDD programs use digital onboarding workflows, ID verification APIs (scanning passports, driver's licenses), sanctions screening APIs, and CRM/KYC platforms to automate much of the data collection and initial screening, with human review reserved for complex cases and EDD situations.