AML/CFTR 4.2.1 What is customer due diligence?

(1) Customer due diligence (or CDD), in relation to a customer of a firm, is all of the following measures:
(a) identifying the customer;
(b) verifying the customer's identity using reliable, independent source documents, data or information;
(c) establishing whether the customer is acting on behalf of another person (in particular whether the customer is acting as a trustee);
(d) obtaining information about the sources of the customer's wealth and funds;
(e) obtaining information about the purpose and intended nature of the business relationship.
Note For paragraphs (d) and (e), see generally Part 4.6 (Customer identification documentation). For the extent and detail of the information to be obtained, see rule 4.6.3 (Risks associated with the economic activity — general), rule 4.6.4 (2) (Risks associated with the economic activity — source of wealth and funds) and rule 4.6.5 (2) (Risks associated with the economic activity — purpose and intended nature of business relationship).
(2) If the customer is acting on behalf of another person (A), CDD also includes:
(a) verifying that the customer is authorised to act on behalf of A;
(b) identifying A; and
(c) verifying A's identity using reliable, independent source documents, data or information.
(3) If the customer is a legal person or legal arrangement, CDD also includes:
(a) verifying that any person (B) purporting to act on behalf of the customer is authorised to act on behalf of the customer;
(b) identifying B;
(c) verifying B's identity using reliable, independent source documents, data or information;
(d) verifying the legal status of the customer;
(e) taking reasonable measures, on a risk-sensitive basis:
(i) to understand the customer's ownership and control structure; and
(ii) to establish the individuals who ultimately own or control the customer, including the individuals who exercise ultimate effective control over the customer; and
(f) establishing whether B is a beneficial owner.
(4) If the customer is a legal person or legal arrangement, and a person purporting to act on behalf of the customer is not a beneficial owner of the customer, CDD also includes:
(a) identifying the beneficial owner; and
(b) verifying the beneficial owner's identity using reliable, independent source documents, data or information.
(5) For subrule (3) (e) (ii), examples of the measures required include:
(a) if the customer is a company — identifying the individuals with a controlling interest and the individuals who comprise the mind and management of the customer; and

Note See rule 4.6.8 (Customer identification documentation — corporations).
(b) if the customer is a legal arrangement — identifying the parties to the arrangement, including the person exercising effective control over the arrangement.

Note See rule 4.3.9 (Extent of CDD — legal persons and arrangements) and rule 4.6.11 (Customer identification documentation — legal arrangements).
Derived by QFCRA RM/2019-8 (as from 1st February 2020)