According to the Insurance Information Institute, fraud complaints increased to a total number of over 5.7 millions in 2021. Almost 30% of all fraud reports involved opening a new credit card account. More than 24% of the fraud complaints reported identity theft in various industries.
These numbers showcase the importance for organizations to complete the Customer Due Diligence (CDD) process thoroughly. But inevitably, there is a serious threat of credit card fraud, identity fraud, and other document fraud with fraudsters becoming more sophisticated than ever.
One of the ways financial institutions combat these kinds of fraud is by conducting proper Customer Due Diligence. This important process is performed before onboarding new clients and is required by any business that is covered by the Anti-money Laundering (AML) regulations.
To make your CDD process more secure and efficient, several Intelligent Document Processing (IDP) solutions have been developed. IDP solutions are able to conduct automated data extraction, document verification, fraud detection, and data masking, which help you to save time and money.
With this blog, we want to clarify what Customer Due Diligence is, why it is important and how IDP software can improve the CDD process.
What is Customer Due Diligence?
Customer Due Diligence is a series of background checks and other screening on your customer to help you verify your customer’s identity and assess their risk profiles. By law, CDD is a required procedure for all financial institutions before onboarding new customers.
Customer Due Diligence is a big part of the Financial Action Task Force’s Anti-money Laundering (AML) directives. It is intended to support banks and other financial institutes to prevent financial crime like identity fraud, money laundering and terrorist financing.
The process involves analyzing information from different sources, such as the customer, public and private data sources as well as sanctions lists. The information organizations collect largely depends on the risk profile of the customer (more on this further down below).
In general, though, standard Customer Due Diligence requires the following information:
- Information about the identity of customers (name, address, photograph of an official identity document)
- An overview of every entity that your customers do business with
- An overview of customer activities and the markets they operate in
To paint the whole picture, it is important to mention that there are different types of Customer Due Diligence:
- Standard Customer Due Diligence (explained above)
- Simplified Customer Due Diligence → For customers that are deemed low-risk, simplified CDD can be performed. This means that a reduced amount of information about the customer is required, the frequency of monitoring is lower, and verification of the customer may be delayed until a good relationship with the customer is established.
- Enhanced Due Diligence → Enhanced Due Diligence (EDD) is usually conducted when the customer is deemed high-risk. Here you can think of a customer dealing with people or entities in high-risk countries or conducting unusually large transactions.
With this information in the back of our minds, we should take a closer look at the importance of CDD and which consequences that could follow when CDD is not taken seriously.
Why is CDD important?
Fraudsters are becoming more sophisticated by making use of deep fake engineering and graphics processing. These circumstances force financial institutes to see the importance of proper CDD processes.
Additional to that, the following reasons may clarify why CDD should be taken seriously:
- Reputational risk → Money Laundering incidents put a financial institution’s reputation at risk and may cause these institutes to suffer from a decrease in trust.
- Customer experience → To make sure that you comply with regulations, it is advisable to have several touchpoints with the customer to gather and verify information. If these touchpoints are not provided, customers quickly feel unsafe. On top of that, slow and sloppy onboarding leads to a loss of potential customers. So, a thorough CDD process pays off in the long run.
- Heavy compliance fines → In 2021, the total amount of fines for financial institutions that had a lack of compliance and CDD was $2.7 billion.
Shocking, right? To give you a more comprehensive picture of the topic, and help you prevent the above-mentioned consequences, we would like to go into more detail about how CDD is used in banking. Next to that, we will discuss which regulations should be followed accordingly.
Customer Due Diligence in Banking
Customer Due Diligence in the banking industry is the series of steps taken to assess and identify a customer to satisfy compliance measures and prevent financial crime.
In banking, a standard Customer Due Diligence process is conducted to collect and verify customer data throughout the duration of the business-customer relationship. An effective CDD process in banking looks like this:
- Collecting customer information → The bank collects the customer’s information to verify their identity. Think of information such as a customer’s full name, address, email address, phone number, government-issued ID, photo identification, and so on.
- Gather business information (in case the customer is a business) → Here, the bank collects information about the business model, beneficial ownership, source of funds and more.
- Assessment and risk profiling → Customers are categorized into different risk levels based on the data found during the screening. Depending on the risk level, the level of Due Diligence is determined, and additional measures might be applied.
- Ongoing monitoring → Every customer is continuously monitored for the duration of the business relationship. Banks keep an eye on transactions, suspicious activities, unusual customer profiles, etc.
Conducting these steps is a delicate matter, as it is important to get this right. As you can imagine, the CDD process is accompanied by a large number of documents that need to be checked and verified.
When performed manually, it is a very time-consuming and error-prone process. This is the reason why more and more banks decide to use an IDP solution like Klippa DocHorizon to extract, verify and, if necessary, detect fraud on documents.
An IDP solution can also help banks comply with Know Your Customer (KYC) and AML rules and regulations and therefore prevent heavy fines. Let’s have a closer look at the regulations that apply to CDD in banking.
CDD regulations for banking
The CDD regulations for banking are summarized in the CDD rule. The CDD rule was enforced by the Financial Crimes Enforcement Network (FinCEN) in 2018. It is designed to ensure financial transparency and to prevent criminals and terrorists from abusing companies to conceal their illegal activities and launder their ill-gotten gains.
Financial institutions that are covered by the CDD rule have to follow the four core requirements:
- Identify and verify the identity of customers
- If a company opens an account, beneficial owners of the company have to be identified and verified
- Understand the nature and purpose of customer relationships to develop customer risk profiles
- Conduct continuous monitoring to identify suspicious transactions and maintain and update customer information
On paper, this process may not seem lengthy, but the CDD procedure requires banks to check a pile of documents, which inevitably slows down the onboarding process. So, how can you accelerate the process while still complying to all necessary regulations?
How can the CDD process be improved with automation?
The simple answer is: with software. But what does this look like?
First of all, as previously mentioned, an Intelligent Document Processing solution is able to identify the presented document. Then, in a matter of seconds, the software accurately extracts and verifies the required data. Finally, the data is stored in the bank’s database.
No manual data entry of important information is required anymore, which drastically reduces the amount of error of data extraction and speeds up the onboarding process immensely.
Taking it a step further
If required, an IDP solution can even go a step further. Before data is stored in the bank’s database, sensitive information can be masked. In case of a data breach, information is then protected from the abuse of fraudsters.
On top of that, the software is able to automatically detect fraudulent documents by, for example, conducting an EXIF analysis.
Even though IDP solutions are already sophisticated software, no technology is 100% accurate. Often, the banking industry requires the highest possible accuracy rate, in which case we advise making use of human-in-the-loop automation. This enables a person to check extracted data for accuracy before it’s stored in the database.
Does this automated CDD approach sound helpful to you? Well, Klippa DocHorizon, KYC software, can perform all of the above and even more. Of course, we think that our solution is best for you, but the decision is up to you. Perhaps, we can convince you with the coming paragraphs.
Using Klippa for your CDD process
Klippa offers a number of services to improve your CDD process. We will ensure the process becomes faster, more secure and reliable.
Klippa DocHorizon
With Klippa DocHorizon, manual data extraction is history. We provide a fast and accurate solution that identifies the presented document, extracts information reliably, and masks sensitive data before it’s stored in your database.
That means, less time needs to be spent on the Customer Due Diligence process, money is saved and turnaround time fastened.
To prevent document fraud, we are able to perform EXIF analysis, handwriting analysis and Copy-Move Forgery Detection (i.e., detect if a part of a document has been moved to a different spot on the document). This enables you to be compliant with the rules and regulations of your industry.
But that’s not where it ends.
Identity verification
Our identity verification solution is equipped with liveness checks to ensure that the customer is physically present and not spoofing the system. On top of that, by reading out the MRZ of an ID document, our IDP solution is able to verify the age, address, and ID of a potential customer.
One of our latest improvements is the NFC ID verification, which makes the CDD process even more customer friendly and secure. Therefore, you don’t need to worry about your customer’s sensitive data ending up in the wrong hands.
At Klippa we value GDPR compliance, which means that during all verification processes no data is stored in our database.
Are you interested in seeing how our IDP solution can automate your CDD process? Plan a demo by using the demo form below, or contact one of our experts if you have further questions.