Enigma Knowledge

CDD: Customer Due Diligence

February 5, 2026

What Customer Due Diligence means, the four pillars of the FinCEN CDD Rule, and how CDD applies to business verification.

Customer Due Diligence (CDD) is the standard process of gathering and verifying information about customers to assess and manage anti-money laundering (AML) risk. For business customers, CDD drives Know Your Business (KYB) requirements.

The CDD Framework

CDD sits between Simplified Due Diligence (SDD) for low-risk relationships and Enhanced Due Diligence (EDD) for high-risk cases, implementing the risk-based approach mandated by the Financial Action Task Force (FATF).

The FinCEN CDD Rule (Four Pillars)

The 2016 FinCEN rule requires covered institutions to:

1. Customer Identification: Identify and verify customer identity

2. Beneficial Ownership: Identify and verify the ultimate beneficial owners (UBOs) of legal entity customers

3. Understanding the Relationship: Understand the nature and purpose of the relationship

4. Ongoing Monitoring: Conduct ongoing monitoring and update customer information

The beneficial ownership requirement was groundbreaking—before the CDD Rule, there was no explicit federal mandate to identify the individuals behind business customers.

CDD for Business Customers

When the customer is a business, CDD encompasses:

  • Entity verification: Confirm the legal entity exists via Secretary of State records
  • Beneficial ownership: Identify all individuals with 25%+ ownership or significant control
  • KYC on owners: Verify each beneficial owner's identity
  • Risk assessment: Evaluate based on industry, jurisdiction, ownership complexity

CDD vs. CIP

A Customer Identification Program (CIP) establishes the baseline: verify that customers are who they claim to be. CDD builds on this with a deeper understanding of customers and their risk profiles.

See Customer Due Diligence for a complete framework.


Related: EDD | SDD | KYB