Perform CDD measures before entering into business relationships with customers to detect potential bad actors early in the process. Creating barriers to prevent financial criminals from accessing accounts on your system helps avoid questionable activities before they can even begin.
How? Ascertain the identity and location of the potential customer, and gain a good understanding of their business activities. This can be as simple as Ondato verification their name and address. However, with increases in online fraud, collecting more information or running additional identity checks might also be advisable. Some information sources that can help the identity process include:
- Date of birth
- Telephone number
- National ID number
- Identity documents
- Mobile network data
- Live video
- Third-party account verification
Business and other legal entity customers also require verification to ensure the legitimacy of the business and that the account holders have the proper authority to act on behalf of the business. The business verification process examines information like:
- Business registration number
- Company name
- Operational status
- Key management personnel
- Date of incorporation
Why? You have to first decide whether a client or customer fits your established risk profile, before entering into a business relationship with them. You can only do this by undertaking the appropriate CDD measures. This ensures that identity theft and any potential forgeries can be detected and dealt with early.
Step 2: Assess third-party information sources
Strengthen your processes when vetting third parties.
How? You may rely on third parties — from banks, to lawyers, to auditors — to help you perform due diligence, however it’s important to choose these third parties wisely because the ultimate responsibility for CDD measures remains with you, not the third party.
Why? Sometimes, the only way to get the information required for CDD is through a trusted third party, so it’s important to ensure that their standards and best practices are aligned with your business. At the end of the day, you are liable and will be fined or penalized for non-compliance.
Systematically thinking about your business relationships, the potential exposures they could incur, what steps you need to implement, and then how you can operationalize and review those procedures makes good business sense — and helps ensure proper compliance.