Customer Due Diligence (CDD)

The Customer Due Diligence (CDD) Rule is a regulation issued by the Financial Crimes Enforcement Network (FinCEN) that enhances the ability of financial institutions to detect and prevent money laundering, terrorist financing, and other financial crimes.

According to FinCEN, the CDD Rule requires covered financial institutions to identify and verify the identities of the beneficial owners of legal entity customers at the time new accounts are opened. A beneficial owner is defined as an individual who owns 25% or more of a legal entity or exercises significant control over it.

To comply, institutions must develop and implement written policies and procedures that are designed to:

  1. Identify and verify the identity of customers;
  2. Identify and verify the identity of the beneficial owners of legal entities opening accounts;
  3. Understand the nature and purpose of the customer relationship to develop a customer risk profile;
  4. Conduct ongoing monitoring to identify and report suspicious transactions, and update customer information as needed.

These requirements form the cornerstone of risk-based anti-money laundering (AML) and Know Your Customer (KYC) programs.

About Customer Due Diligence (CDD)

What are the 3 levels of customer due diligence?

There are three recognized levels of customer due diligence:

  • Simplified Due Diligence (SDD): Applied in low-risk situations, such as dealing with government entities or publicly listed companies. Fewer identity verification steps are required, and the process is less invasive.
  • Standard Due Diligence (CDD): Used for most customers, this involves verifying a customer’s identity, assessing the purpose of the account, and establishing an appropriate risk profile.
  • Enhanced Due Diligence (EDD): Reserved for high-risk clients or transactions, such as politically exposed persons (PEPs), offshore entities, or clients from high-risk jurisdictions. This level requires deeper background checks, additional documentation, and ongoing monitoring.

What is the difference between KYC and CDD?

KYC (Know Your Customer) is the broader framework that governs how businesses verify customer identities and assess risk. CDD is a core component of KYC, specifically focusing on verifying identities, understanding customer behavior, and monitoring for unusual activity.

In other words, KYC is the goal; CDD is one of the tools used to achieve it.

What is a CDD check?

A CDD check refers to the process of collecting and verifying customer information to meet regulatory obligations. This typically includes:

  • Validating identity documents (e.g. passport, ID card)
  • Verifying beneficial ownership for business accounts
  • Understanding the source of funds and business purpose
  • Assessing risk and categorizing the customer accordingly

CDD checks are ongoing—meaning customers may be reviewed periodically, especially if their behavior changes or risk factors increase.
