The simplified due diligence measures. If an organization concludes that, based on its risk assessment, the commercial connection or transaction provides a minimal risk of money laundering/terrorist funding, it may use simplified due diligence (or SDD). It is crucial to emphasize, however, that SDD measures do not imply any due diligence. The organization will need to keep a database of client information for operational needs. The SDD measures allowed have been challenged in certain Mutual Evaluations, notably those related to EU member states.
Simplified Due Diligence Measures
Customers must be subject to the entire range of CDD measures, including the necessity to identify the beneficial owner, as a general rule. However, there are situations when the danger of money laundering or terrorist funding is reduced, such as when information about a customer’s name and beneficial owner is publicly known or when proper checks and controls are in place elsewhere in national systems. In such cases, it may be fair for a government to allow its financial institutions to use simpler or reduced CDD methods for identifying and confirming the customer’s and beneficial owner’s identities.
Examples of customers where simplified or reduced CDD measures could apply are:
- a financial institution regulated/ supervised by the Central Bank;
- a Non-Bank Finance Company (NBFC) regulated/ supervised by Securities and Exchange Commission SEC;
- a government entity, public administrations or enterprises; and
- an entity listed on any stock exchange;
- financial institutions, where they are subject to requirements to combat money laundering and terrorist financing consistent with the FATF Recommendations and are supervised for compliance with those controls;
- public companies that are subject to regulatory disclosure requirements.
- government administrations or enterprises.
Generally, the SDD is conducted when risk is negligible or low for a customer, and financial crime risk such as money laundering is also negligible. The only identification is performed in this type of due diligence, and verification is not required. Consequently, the Interpretive Notes to Recommendation 10 of the FATF Recommendations clarify the requirements in the following terms.
The simplified measures should be commensurate with the lower risk factors (for example, the simplified measures could relate only to customer acceptance measures or to aspects of ongoing monitoring). Examples of possible measures are:
- Verifying the identity of the customer and the beneficial owner after the establishment of the business relationship (for example, if account transactions rise above a defined monetary threshold);
- Reducing the frequency of customer identification updates;
- Reducing the degree of ongoing monitoring and scrutinizing transactions based on a reasonable monetary threshold;
- Not collecting specific information or carrying out specific measures to understand the purpose and intended nature of the business relationship, but inferring the purpose and nature from the type of transaction or business relationship established.
Simplified due diligence is the initial level of due diligence performed on a customer (individual or legal entity). Generally, there is less risk associated with this type of customer. This type of due diligence is also performed when the product offered by an organization does not pertain to any significant risk.
For example, only SDD is required if an organization is dealing with any reputed company with proper governance, a public figure, or a listed or regulated entity. Companies such as Amazon and Nike are globally recognized, and these are reserved as low-risk customers. Hence, an organization can rely on the brand value of its customer as well.
Having a lower money laundering and terrorist financing risk for identification and verification purposes does not automatically mean that the same customer is at lower risk for all types of CDD measures, in particular for ongoing monitoring of transactions.
Simplified or reduced CDD measures could also apply to the beneficial owners of pooled accounts held by designated non-financial businesses or professions, provided that those businesses or professions are subject to requirements to combat money laundering and terrorist financing consistent with the FATF Recommendations and are subject to effective systems for monitoring and ensuring their compliance with those requirements.
Simplified CDD measures can be applied in cases where there is a demonstrated low money laundering and terrorist financing risk, but this should in no case amount to an exemption from, or absence of, CDD. Financial institutions may apply simplified CDD measures on an assessment of money laundering and terrorist financing risks and other risk factors, for example, types of customer or country. Different levels of control will be designed and implemented according to the different categories of risks identified.
Simplified due diligence is a term used in the 2007 Regulations to mean that a business is not required to apply the standard customer due diligence measures outlined in Regulation 7 if it has reasonable grounds to believe that a client falls into the relevant categories.
Businesses that are permitted to use the simplified due diligence exemptions but believe there is a higher risk of money laundering in a specific case should use their standard or enhanced due diligence processes.