What Is Simplified Due Diligence

Simplified Due Diligence (SDD) is the basic level of Customer Due Diligence (CDD) streamlined to assess and manage risks associated with low-risk customer profiles. It includes conducting basic checks and verification to ensure Anti-Money Laundering and Counter Financing of Terrorism Financing (AML/CFT) compliance. This article discusses the meaning and methodology of conducting CDD, the role of Know Your Customer (KYC) while conducting SDD, the timing, benefits, risks associated with, and best practices of implementing SDD measures in a Regulated Entity.

Customer Due Diligence (CDD)

CDD is the process Regulated Entities carry out to collect and verify customer information to prevent Money Laundering, Terrorism Financing, and Proliferation Financing (ML/TF and PF) activities. It is mandatory to conduct CDD under regulatory requirements in all AML-compliant jurisdictions across the globe.

Purpose of CDD

The purpose of conducting CDD is to assess potential risks associated with a customer, including the following:

• Verify and confirm customer identity and maintain their KYC records.
• Evaluate risks associated with every customer on basis of factors like nature of business, transaction patterns, and geographic factors.
• Continuously monitor customer transactions and their profiles to spot suspicious activity that may indicate a potential ML/TF and PF threat

KYC

KYC is a crucial step of the CDD process. It helps to confirm the legitimacy and authenticity of the information provided by the customers. This helps Regulated Entities to prevent identity theft and fraud. It involves comparing information provided by the customers with information available from external databases as part of background check. KYC enables Regulated Entities to decide whether to onboard a customer or not.

Risk Assessment

Once a customer’s identity is verified, Regulated Entities can proceed with risk assessment. Risk assessment involves evaluating risk level associated with a customer.

A customer is assessed on the basis of numerous factors like nature of business, place of business, the ownership structure of his business, sources of funds, whether he is a Politically Exposed Person (PEP), whether their name appears in any of the sanctions lists, etc. This assessment helps to categorise customers into different risk levels (low, medium, high). On the basis of that, further due diligence measures are applied (Standard Due Diligence or Enhanced Due Diligence).

Ongoing Monitoring

Ongoing monitoring involves keeping customer profiles up to date and observing customers’ transactions. This includes assessing both historical and current transactions and analysing their behaviour in terms of withdrawals, deposits, or transfers.

Ongoing monitoring can help promptly detect suspicious activities that may be indicative of ML/TF and PF activities. Prompt detection can help flag suspicious transactions for further investigation. Timely detection and reporting can save businesses from the harmful effects of ML/TF and PF.

Role of KYC in Simplified Due Diligence

KYC is a crucial component of the CDD procedure. KYC involves gathering customer information, including personal details, contact details, residential status, and details as to the nature and purpose of business relationship.

KYC for SDD involves collecting data on customers (legal entities and natural persons, including beneficial owners of legal entities) with less strict requirements, as the customers covered under SDD are categorised as low-risk.

In SDD, KYC involves less scrutiny, allowing businesses to streamline the AML compliance process while still fulfilling the regulatory requirements.

What is Simplified Due Diligence?

SDD is a risk-based approach to CDD. It allows businesses to meet regulatory requirements while applying less stringent actions for low-risk customers. SDD is what that name suggests: simplified and streamlined.

In terms of intensity of investigation, SDD precedes Standard Due Diligence and Enhanced Due Diligence processes. However, under SDD, businesses still need to perform the following actions as recommended by the Financial Action Task Force (FATF):

• Customer identification and verification
• Identification and verification of Ultimate Beneficial Owners (UBOs) of legal entity customer
• Periodic KYC refresh, ongoing monitoring, and transaction monitoring

Regulatory Framework for Simplified Due Diligence

The regulatory framework governing the SDD process may differ slightly from one jurisdiction to another. The FATF, a global AML watchdog though not a regulatory body, gives out recommendations for AML compliance. Out of 40 Recommendations issued by the FATF, Recommendation 10 emphasises CDD, which also includes SDD.

• As existing and public data are used for SDD, it is important for businesses to ensure that the data source is dependable.
• It is mandatory to identify UBO and understand ownership structure.
• No customer should be onboarded before conducting adequate due diligence.
• Running checks for Relatives and Close Associates (RCA), Source of Funds (SOF), and Source of Wealth (SOW) are not applicable to SDD matters.
• Implementing ongoing monitoring is mandatory to detect any changes in customer behaviour or risk profile.

Also, the identification of lower-risk situations should be consistent with the National Risk Assessment conducted by respective jurisdictions.

When Can You Perform Simplified Due Diligence?

As per Recommendation 10 of the FATF 40 recommendations, SDD should be undertaken when:

• The customer poses low ML/TF and PF risks
• When the customer itself is a Financial Institution or a Designated Non-Financial Business or profession (DNFBP) subject to AML compliance
• When a customer is a listed public company; listing means listed on a stock exchange and subject to regulatory compliance and disclosure requirements
• When a customer is a government or public company or an administrative body
• When the customer intends to transact for a life insurance product where the premium is low (annual premium of less than USD/EUR 1,000 or a single premium of less than USD/EUR 2,500)
• Employee pension or superannuation scheme and assignment not permissible under laws
• Financial instruments designed for financial inclusion of weaker sections
• Countries identified by reliable sources such as mutual evaluation reports are the ones with strong AML/CFT systems.
• Countries identified as low on the corruption and crime index by reliable bodies

Benefits of Simplified Due Diligence

SDD offers significant benefits like cost effectiveness, time-saving, and customer satisfaction. It also offers the following benefits:

• Easy Customer Onboarding– Simplified due diligence does not involve a detailed investigation of customer information. Therefore, the process becomes straightforward, leading to easy and smooth onboarding and increased operational efficiency.
• Reduced AML Compliance Burden– Under simplified due diligence process, there is no requirement of extensive documentation and screenings for every customer or transaction. Only essential and basic information is collected. As the risk level associated is low, there are less stringent compliance requirements.
• Adoption of Risk-Based Approach (RBA)– SDD is a component of RBA. As lower risk customers are subject to less stringent regulations, the resources can optimally be allocated to high-risk customers, transactions, or areas. Moreover, low-risk customers are continuously monitored and reviewed, as risk level could change over time, or a customer might exploit simplified controls.

Risks Associated with Simplified Due Diligence

While simplified due diligence offers benefits like increased operational efficiency and reduced compliance burdens, it also poses certain risks:

• Misuse– SDD could be misused if it is applied without appropriate risk assessment. A customer might be categorised as low-risk without proper scrutiny, which increases the chances of ML/TF and PF. Moreover, there is a chance that a low-risk customer will misuse simplified controls.
• Compliance Lapses Around Transaction Monitoring– Even low-risk customers can evolve and engage in illegal financial activities, leading to increased risk over a period of time. Without effective transaction monitoring, regulated entities could fail in detecting and reporting suspicious activities. This is a compliance lapse.
• Regulatory Fines and Penalties — If Regulated Entities fail to conduct sufficient due diligence, incorrectly categorise customers, or do not appropriately monitor transactions, they could face regulatory fines and penalties.

Best Practices for Implementing Simplified Due Diligence

Best practices for implementing SDD are those in alignment with the AML compliance process. This includes:

1. AML/CFT Policies and Procedures:

• AML/CFT policies and procedures should be designed in a manner that clearly outlines the SDD measures and aims to improve operational efficiency
• Developing SDD framework that aligns regulatory requirements
• Regularly reviewing and updating AML/CFT policies to incorporate changes that can mitigate emerging risks and adapt to evolving regulations

2. Strong Controls:

• As SDD involves basic screening of customer information, it is important to implement strong controls to correctly categorise a customer as high-risk, medium-risk, or low-risk.
• When SDD does not seem adequate, it should be escalated to the AML Compliance Officer or Money Laundering Reporting Officer (MLRO) for investigations under the appropriate ML/TF and PF risk category.
• Conduct post-implementation tests and reviews to assess the effectiveness of SDD measures, as ML/TF and PF risks tend to evolve over time.

3. Employee Training:

• Providing training to employees regarding various due diligence processes, explaining the importance of risk-based SDD
• Keeping employees updated on evolving regulatory requirements, emerging risks, and industry trends
• Encouraging the culture of compliance and accountability during employee training so that employees understand their obligation to combat financial crimes

4. AML Software:

• Investing in good AML software will reduce the manual burden of carrying out an SDD process. A good AML software will perform long, manual processes by automating repetitive manual tasks such as risk scoring, customer profiling, and transaction monitoring.
• Regularly assessing the efficiency of AML software to ensure alignment with regulatory requirements and business needs.

5. Collaboration with Regulatory Authorities:

• Collaborating with regulatory authorities to demonstrate commitment to compliance and transparency
• It also allows businesses to stay informed about regulatory changes and industry trends and helps enhance SDD processes

The Role of AML Software in Performing Simplified Due Diligence

It is obvious that SDD is simple and less time-consuming. However, it can be burdensome to manually collect documents, verify identity, do PEP and sanctions screening, check adverse media resources, or gather data from public databases. Automating the SDD process can make it standardised, fast, and hassle-free.

AML software can bring down the error rate, as it has a consistent way of working. It can extract all information from various databases, build a report for each customer or transaction, reduce processing time, to name a few.

1. Data Processing and Data Extraction:

• AML software uses intelligent data processing to extract customer information from various documents, such as national IDs, passports, bills, etc.
• AML software uses algorithms to extract data from various sources and provides real-time insights into customer behaviour and transaction patterns.

2. Streamlined Operations:

• Through AML software, repetitive tasks like data entry, verification, and monitoring are streamlined.
• It helps reduce operational costs and accelerate the customer onboarding process for low-risk customers.

3. KYC Automation:

• AML software integrates KYC operations to automate CDD process, which can be configured for SDD compliance.
• It enables quick and accurate verification and assessment of customer risk profiles, allows seamless scanning, ensures authenticity, and eliminates errors.

4. Enhanced Decision Making:

• AML software applies Artificial Intelligence (AI) and Machine Learning (ML) algorithms to analyse large amounts of data and detect red flags and suspicious behaviour.
• This enables businesses to flag high-risk customers or transactions for further investigation and reporting.
• This also helps in devising parameters to identify low-risk customers that shall be subject to SDD and less frequent scrutiny.

5. Risk-Based Approach:

• AML software follows RBA to SDD and accordingly adjusts the level of due diligence based on potential ML/TF and PF risks associated.
• It categorises the level of ML/TF and PF risks into low, medium, and high, facilitating businesses to allocate their resources in an optimum manner.

AML software offers innovative solutions by enhancing the efficiency and accuracy of SDD compliance procedures.

Conclusion

SDD is a practical approach to the CDD process, helping businesses to navigate regulatory requirements while efficiently managing risks associated with low ML/TF and PF risk customers and transactions.

Amidst increasing financial crimes and intensified scrutiny, SDD emphasises on simple and risk-based assessments while meeting the regulatory requirements. When due diligence is leveraged through innovative technology, it empowers businesses to meet AML compliance requirements with confidence and agility.

As the global financial system becomes more sophisticated, SDD justifies ones carrying low-risk and enables businesses to strike a balance between compliance and operational efficiency.