Want to know the difference between CDD & EDD? Customer due diligence & enhanced due diligence are tiers of know your customer (KYC). Click here to know more about EDD vs CDD!
Mahatma Gandhi said, “The customer is the most important visitor on our premises. He is not dependent on us”. This is still so relevant and true in the modern context. What this also means in the modern world, as we re-verify the customer’s identity post KYC, is how equally important the overall customer experience remains. Remember “he is not dependent on us”. If he finds that the identity re-verification on another FinTech or Crypto app is smoother, he will prefer that. Also CDD (customer due diligence) or EDD (extended due diligence) unlike KYC is an ongoing continuous process of re-verification of the identity. One way to make the identity verification process seamless and smooth is to offer two distinct ways CDD (customer due diligence) vs EDD (extended due diligence) to accommodate customers. Let us now look at the difference between CDD and EDD.
Conduct only CDD and not EDD in cases where you want the induction process to go faster. If you detect the risk of fraud, use EDD for the customer. Now that we know that EDD is an additional security measure, let us look at the differences between the two. In CDD, the customer’s identity is verified against government-verified data. Provided documents are scanned with OCR and face recognition checks are run on customer images or selfies. In a simplified version of CDD, even these biometric checks may not be run.
Stepping up from CDD, EDD provides a more secure onboarding for the customer but sacrifices a bit on the experience. EDD involves further checks such as those for AML (anti-money laundering), and also whether the customer belongs to a sanctioned or a country at a high-risk for fraud.
Michael Volkov in a guest blog outlines the following factors to consider when conducting EDD for a business:
EDD is called for in high-risk scenarios. A customer is considered to be at high risk depending on profession and political exposure. These checks also depend on the regulations in place in the country and for the industry that the organization belongs to.
For instance, anti-money laundering laws in certain countries mark any country belonging to a list of high-risk third countries as one needing EDD. Another instance of EDD being effective is in a country which has been sanctioned recently. All Fintech companies must be careful when dealing with organizations belonging to these countries.
There is another possibility when it comes to EDD regulations. Sometimes they may “vary on a case to case basis” as suggested by FinCEN in the US. There may be a spectrum of risks and due diligence measures will vary.
In order to implement EDD for a specific customer or business, an organization will undertake a process of risk scoring. In this process, several risk factors are looked at and a score is assigned to each and a cumulative score is arrived at. These risk factors could be based on customer or geography.
Some of the customer-focused risk factors are political exposure and how cash intensive the business is. Some geography-focused risk factors are
Once the risk factors have been identified, then begins the actual process of EDD:
Both global and local regulation makes CDD and EDD a necessity. Apart from reducing the possibility of activities such as money laundering and terrorism, CDD and EDD also ensure that FinTech organizations are protected against possible losses or liabilities. CDD and EDD also helps protect the customer as well, as his/her reputation with the particular company remains unaffected.
FinTech companies run the risk of loan frauds, cyber crime, and money laundering among other threats. The CDD and EDD processes serve as an armor against these possibilities.
Everybody wants a customer with a high net worth. But such customers come with a high risk because of the number of high-value transactions they have to execute. To verify the legitimacy of such a business, you will need EDD and not CDD. But do not overuse EDD as this may stress the customer and cause them to look for a better solution. Always look at the use case before deciding which is better - CDD or EDD.
Looking for a video KYC service that accommodates your CDD and EDD policies. HyperVerge, an RBI and GDPR-compliant and ISO-certified identity verification solutions provider is the answer. With advanced NIST-ranked and iBeta for liveness certified face recognition solutions and equally capable AI-driven OCR solutions, HyperVerge must be your go-to partner for onboarding customers at scale.
What is the difference between KYC and CDD?
KYC is the initial step of getting to know your customer, that of creating a profile for a customer on your platform after identification and verification. CDD is the process of reverification of such information over a period of time, repeated in some cases.
What is the difference between KYC and AML?
AML is a framework that helps track and disrupt any money laundering activities. It can be built into KYC. KYC is a set of routines for identifying and getting to know your customer better during the process of onboarding on any business platform.
What are the CDD requirements according to FinCEN?
There are four key requirements for CDD. Written policies and procedures must be maintained that:
Should CDD be updated on a specific schedule?
No, there is no specific schedule to update the CDD or EDD information of a customer or business but any suspicious activity must be reported and customer risk profiles must be maintained.
Which is the latest EU directive against money laundering?
The Fifth AML Directive (EU) 2018/843 of the European parliament is the latest amendment that prevents the use of financial system for terrorist financing and money laundering activities.
