Enhanced Customer Due Diligence

Enhanced Due Diligence (EDD) is an advanced risk assessment process that involves gathering and analyzing information about high-risk customers or business relationships to identify and mitigate potential financial crimes, such as money laundering and terrorist financing. It is a set of additional measures that financial institutions have to implement to check and monitor high-risk customers and unusual transactions for potential money laundering activities.

FATF Recommendation 5 is a set of measures to help countries criminalize terrorist financing. It also provides guidance on how to meet the legal requirements of the International Convention for the Suppression of the Financing of Terrorism.


FATF Recommendation 5


Financial institutions should not keep anonymous accounts or accounts in obviously fictitious names.

Financial institutions should undertake customer due diligence measures, including identifying and verifying the identity of their customers, when:
  • Establishing business relations;
  • Carrying out occasional transactions: (i) above the applicable designated threshold; or (ii) that are wire transfers in the circumstances covered by the Interpretative Note to Special Recommendation VII;
  • There is a suspicion of money laundering or terrorist financing; or
  • The financial institution has doubts about the veracity or adequacy of previously obtained customer identification data.

The Customer Due Diligence (CDD)

The customer due diligence (CDD) measures to be taken are as follows:

a) Identifying the customer and verifying that customer’s identity using reliable, independent source documents, data or information.

b) Identifying the beneficial owner, and taking reasonable measures to verify the identity of the beneficial owner such that the financial institution is satisfied that it knows who the beneficial owner is. For legal persons and arrangements this should include financial institutions taking reasonable measures to understand the ownership and control structure of the customer.

c) Obtaining information on the purpose and intended nature of the business relationship.

d) Conducting ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of that relationship to ensure that the transactions being conducted are consistent with the institution’s knowledge of the customer, their business and risk profile, including, where necessary, the source of funds. 



Financial institutions should apply each of the CDD measures under (a) to (d) above, but may determine the extent of such measures on a risk sensitive basis depending on the type of customer, business relationship or transaction. The measures that are taken should be consistent with any guidelines issued by competent authorities. For higher risk categories, financial institutions should perform enhanced due diligence. In certain circumstances, where there are low risks, countries may decide that financial institutions can apply reduced or simplified measures.

All members of the Financial Action Task Force (FATF) must implement customer due diligence (CDD) requirements as part of their domestic AML/CFT legislation – as stated in Recommendation 10 of the FATF’s 40 Recommendations.


In addition, FATF’s Recommendation 19 states that EDD measures should be carried out on “business relationships and transactions with natural and legal persons, and financial institutions, from countries for which this is called for by the FATF.” Institutions should implement AML/KYC and all CDD measures for new business relationships, occasional transactions if there is a suspicion of money laundering or terrorism financing, or unreliable documentation. Monitoring should be ongoing rather than a one-off obligation.



RBI, India on EDD


Master Direction - Know Your Customer (KYC) Direction, 2016 (Updated as on November 06, 2024)

 

14 (e) The ultimate responsibility for customer due diligence and undertaking enhanced due diligence measures, as applicable, will be with the RE.

37. The extent of monitoring shall be aligned with the risk category of the customer.

a. A system of periodic review of risk categorisation of accounts, with such periodicity being at least once in six months, and the need for applying enhanced due diligence measures shall be put in place.

Part VI - Enhanced and Simplified Due Diligence Procedure

A. Enhanced Due Diligence

40. Enhanced Due Diligence (EDD) for non-face-to-face customer onboarding (other than customer onboarding in terms of paragraph 17): Non-face-to-face onboarding facilitates the REs to establish relationship with the customer without meeting the customer physically or through V-CIP. Such non-face-to-face modes for the purpose of this paragraph includes use of digital channels such as CKYCR, DigiLocker, equivalent e-document, etc., and non-digital modes such as obtaining copy of OVD certified by additional certifying authorities as allowed for NRIs and PIOs.

Following EDD measures shall be undertaken by REs for non-face-to-face customer onboarding (other than customer onboarding in terms of paragraph 17):

a) In case RE has introduced the process of V-CIP, the same shall be provided as the first option to the customer for remote onboarding. It is reiterated that processes complying with prescribed standards and procedures for V-CIP shall be treated on par with face-to-face CIP for the purpose of this Master Direction.

b) In order to prevent frauds, alternate mobile numbers shall not be linked post CDD with such accounts for transaction OTP, transaction updates, etc. Transactions shall be permitted only from the mobile number used for account opening. RE shall have a Board approved policy delineating a robust process of due diligence for dealing with requests for change of registered mobile number.

c) Apart from obtaining the current address proof, RE shall verify the current address through positive confirmation before allowing operations in the account. Positive confirmation may be carried out by means such as address verification letter, contact point verification, deliverables, etc.

d) RE shall obtain PAN from the customer and the PAN shall be verified from the verification facility of the issuing authority.

e) First transaction in such accounts shall be a credit from existing KYC-complied bank account of the customer.

f) Such customers shall be categorized as high-risk customers and accounts opened in non-face to face mode shall be subjected to enhanced monitoring until the identity of the customer is verified in face-to-face manner or through V-CIP.

41. Accounts of Politically Exposed Persons (PEPs)

A. REs shall have the option of establishing a relationship with PEPs (whether as customer or beneficial owner) provided that, apart from performing normal customer due diligence:

a. REs have in place appropriate risk management systems to determine whether the customer or the beneficial owner is a PEP;

b. Reasonable measures are taken by the REs for establishing the source of funds / wealth;

c. the approval to open an account for a PEP shall be obtained from the senior management;

d. all such accounts are subjected to enhanced monitoring on an on-going basis;

e. in the event of an existing customer or the beneficial owner of an existing account subsequently becoming a PEP, senior management’s approval is obtained to continue the business relationship;

B. These instructions shall also be applicable to family members or close associates of PEPs.

Explanation: For the purpose of this paragraph, “Politically Exposed Persons” (PEPs) are individuals who are or have been entrusted with prominent public functions by a foreign country, including the Heads of States/Governments, senior politicians, senior government or judicial or military officers, senior executives of state-owned corporations and important political party officials.

54. Jurisdictions that do not or insufficiently apply the FATF Recommendations

(a) FATF Statements circulated by Reserve Bank of India from time to time, and publicly available information, for identifying countries, which do not or insufficiently apply the FATF Recommendations, shall be considered. REs shall apply enhanced due diligence measures, which are effective and proportionate to the risks, to business relationships and transactions with natural and legal persons (including financial institutions) from countries for which this is called for by the FATF.

56. CDD Procedure and sharing KYC information with Central KYC Records Registry (CKYCR)

(j) For the purpose of establishing an account-based relationship, updation/ periodic updation or for verification of identity of a customer, the RE shall seek the KYC Identifier from the customer or retrieve the KYC Identifier, if available, from the CKYCR and proceed to obtain KYC records online by using such KYC Identifier and shall not require a customer to submit the same KYC records or information or any other additional identification documents or details, unless –

i. there is a change in the information of the customer as existing in the records of CKYCR; or

ii. the KYC record or information retrieved is incomplete or is not as per the current applicable KYC norms; or

iii. the validity period of downloaded documents has lapsed; or

iv. the RE considers it necessary in order to verify the identity or address (including current address) of the customer, or to perform enhanced due diligence or to build an appropriate risk profile of the customer.

General

When conducting Enhanced Due Diligence for high-risk customers, certain requirements need to be fulfilled to ensure a thorough assessment. These requirements may include:
  • Obtaining additional identification documents and verifying their authenticity.
  • Performing in-depth background checks on the individuals associated with the customer or entity.
  • Reviewing the source of funds and conducting transaction monitoring for suspicious activities.
  • Assessing the customer's reputation and industry standing through media searches, regulatory databases, and other reliable sources of information.
  • Engaging in ongoing monitoring and periodic reviews to stay updated on any changes or potential risks.

Enhanced Due Diligence (EDD) is a critical process in the financial industry, especially when dealing with high-risk customers who may pose a greater threat of money laundering, fraud, or other illicit activities. By going beyond standard customer due diligence procedures, EDD helps financial institutions better understand the nature of their customers' transactions and assess the associated risks more effectively.


Conclusion

A Board-approved policy is at the centre of decision making on CDD. CDD is undertaken on five dimensions: Customer, Transactions, Country, Products and Channels of Delivery.

Under the Risk Based Approach (RBA), the extent of CDD examination is based on the risk the customer poses to the RE, considering the other four dimensions. A customer profile is created initially, before starting an account-based relationship or a one-time transaction, as the case may be. CDD may be Simple, Standard or Enhanced, depending on the risk perceived by the bank about the prospective or existing customer.

The profile is reviewed periodically and the risk score is updated. Records are maintained for 5 years from closure of relationship with regard to CDD and risk assessment.



Happy reading,

