Industry

What is simplified due diligence (SDD)?

Simplified due diligence is a low-friction identity verification process applied to customers who have a low risk of money laundering. Learn more.

Wave icon showing network waves
Last updated:
5/31/2024
Read time:
Share this post
Copied
Table of contents
⚡ Key takeaways
  • Simplified due diligence is only meant to be used when there is a low risk of money laundering, tax evasion, criminal or terrorist financing, and other financial crimes. 
  • Customer due diligence can be best thought of as existing on a sliding scale. How much risk an individual or transaction presents will determine which level of due diligence they must pass.

For financial institutions, customer due diligence (CDD) is an important part of establishing a Know Your Customer (KYC) program. It’s through the due diligence process that you assess the risk of each customer looking to open an account or leverage your services. Without this assessment, it’s possible for bad actors to slip through and conduct illegal activities — from money laundering to tax evasion, the financing of terrorism, and other forms of fraud.

But there are some situations where the full CDD process may not be required. In such cases, businesses can leverage a simplified form of due diligence (SDD) that accounts for a lower level of customer risk.

Below, we define simplified due diligence, compare it against both CDD and EDD (enhanced due diligence), and offer sample scenarios for when it can be leveraged. We also outline the key requirements involved in the SDD process so you will be better informed as you look to establish or adjust your own due diligence practices. 

What is simplified due diligence (SDD)?

Simplified due diligence (SDD) is exactly what it sounds like: A simplified, more streamlined form of due diligence that financial institutions, law firms, and other industries can leverage when the risk of money laundering, terrorist financing, and other financial crimes is deemed to be low. Because of this, simplified due diligence can often be accomplished with fewer checks, leading to a quicker CDD process compared to the standard playbook. 

To better understand how simplified due diligence works, it can be helpful to consider it alongside standard due diligence and enhanced due diligence.

SDD vs CDD vs EDD

Customer due diligence can be best thought of as existing on a sliding scale. How much risk an individual or transaction presents will determine which level of due diligence they must pass. Those deemed to carry less risk may be subject to simplified due diligence; those deemed to carry average risk will be subject to standard due diligence; and those deemed to carry more risk will be subject to enhanced due diligence.

Customer due diligence

Let’s start with customer due diligence. This is the standard level of due diligence that financial institutions are required to complete. When a customer or transaction carries an average level of risk, they will be subject to this baseline level of due diligence.

In order to comply with CDD requirements, financial institutions must:

  • Verify the identity of all customers
  • Identify and verify all ultimate beneficial owners (when doing business with companies)
  • Develop customer risk profiles for all customers 
  • Continuously monitor customer activity and transactions
  • Report suspicious activity if it is detected

Each financial institution is free to determine how they will complete these verifications. That said, it will often include some combination of government-ID verification, document verification, database verification, and additional screenings

Free white paper
See how experts evaluate due diligence solutions

Simplified due diligence

Simplified due diligence still has all of the same basic requirements of standard customer due diligence. But because the individual or transaction has been deemed less risky, the threshold for meeting these requirements is lower. 

When low risk is detected, financial institutions have the flexibility to adjust:

  • When CDD takes place 
  • The quantity and types of information collected for identification and verification
  • The quality or source of information collected for identification and verification
  • The frequency of CDD updates
  • The frequency and intensity of transaction monitoring
  • and more

Note: While institutions are free to establish their own protocols for SDD, it’s important to ensure these decreased measures meet CDD because if you don't, it can result in regulatory enforcement.

Enhanced due diligence

Enhanced due diligence, on the other hand, refers to a more stringent form of CDD that must be carried out when a customer or transaction is deemed to carry a higher-than-standard level of risk — for example, due to political exposure or being located in a high-risk country.

Enhanced due diligence can look different across businesses, even those in the same industry. Often, EDD will include the collection of a larger set of data for verification and may leverage additional verification methods and types of screenings, such as an adverse media report, address lookup, and/or phone and email risk reports.

When is simplified due diligence used?

Simplified due diligence is only meant to be used when there is a low risk of money laundering, tax evasion, criminal or terrorist financing, and other financial crimes. Scenarios can include, but are not limited to, when:

  • The customer is a government entity
  • The customer is a publicly-known company
  • The customer is known to be regulated by an authoritative body (e.g., the SEC)
  • The transaction amount is low
  • The product or service being applied for or used carries low risk of money laundering
  • The products or services the customer sells carry a low risk of money laundering

Importantly, CDD requirements can vary from jurisdiction to jurisdiction. These requirements may outline specific instances where simplified due diligence is and is not allowed. With this in mind, it’s critical to understand the laws and regulations governing due diligence in all jurisdictions in which your business operates. 

How to implement simplified due diligence

In order to implement simplified due diligence for your business, you’ll need a flexible identity verification solution that allows you to tailor and automate the CDD process based on how much risk is present during the initial assessment. Without this ability, most businesses would find it difficult to offer SDD at scale.

Here at Persona, we’ve answered this need by building progressive risk segmentation into our suite of identity tools. With progressive risk segmentation, you have the power to collect and analyze risk signals in real time to determine whether a customer should experience a simplified, standard, or enhanced due diligence flow.

What exactly each of those processes look like is entirely up to you. You have complete freedom to choose what information you’ll collect, how different risk signals are weighted, and which verification methods you’ll leverage.

Interested in learning more? Start for free or get a demo today.

Published on:
5/31/2023

Frequently asked questions

What are the benefits of simplified due diligence?

The primary benefit of simplified due diligence is that it can lead to a higher rate of conversion. With less friction during the onboarding process, users only have to provide what’s necessary and can speed through.

Additionally, it’s important to note that some verification methods are more costly than others. If simplified due diligence results in these costlier forms of verification being used less often, it can lead to cost savings for the business.

What are the requirements for simplified due diligence?

If a business chooses to pursue simplified due diligence for a given customer or transaction, it must still meet the basic CDD requirements. These include:

  • Verifying the identity of all customers
  • Verifying the identity of all beneficial owners (when doing business with companies)
  • Developing customer risk profiles based on the nature and understanding of customer relationships
  • Continuously monitoring customer activity and transactions

What is a CDD checklist?

A CDD checklist is a document that outlines the steps a company must complete in order to fulfill its due diligence requirements. It typically includes a list of all the information that must be collected from a customer, as well as the types of verifications a customer may be subject to. Because businesses may have different requirements based on the level of risk identified in an initial scan, CDD checklists are often broken into three sections: One for simplified due diligence, one for standard customer due diligence, and one for enhanced due diligence.

What’s the difference between KYC and CDD?

Customer due diligence is one small piece of KYC. In order to fully comply with KYC requirements, businesses must implement a customer identification program (CIP) and ongoing monitoring — in addition to CDD measures and continuous monitoring.

Continue reading

Continue reading

Minimizing referral fraud while growing your online marketplace
Minimizing referral fraud while growing your online marketplace
Industry

Minimizing referral fraud while growing your online marketplace

Learn about common referral fraud schemes and how they can impact your marketplace. Discover strategies for protecting your buyers, sellers, and business.

From fraud to fairness: Leveraging KYC and age verification for online gaming
From fraud to fairness: Leveraging KYC and age verification for online gaming
Industry

From fraud to fairness: Leveraging KYC and age verification for online gaming

KYC can help keep online gamers of all ages safe and reduce fraud. Learn how KYC and age verification can benefit your gaming platform.

How to fight ID fraud in a world of generative AI
How to fight ID fraud in a world of generative AI
Industry

How to fight ID fraud in a world of generative AI

Learn how generative AI is changing the game when it comes to fake IDs and what you should be mindful of when enhancing your fraud strategy.

Know Your Customer (KYC) vs. Customer Due Diligence (CDD): What's the difference?
Industry

Know Your Customer (KYC) vs. Customer Due Diligence (CDD): What's the difference?

Learn what KYC and CDD are, why they're important, how they differ, and more.

Perpetual KYC: The future of customer due diligence
Industry

Perpetual KYC: The future of customer due diligence

Perpetual KYC (pKYC) is one of the best ways to protect customers. Learn what it is, what it looks like, and why it's important.

What is Know Your Customer (KYC) — and why does it matter?
Industry

What is Know Your Customer (KYC) — and why does it matter?

KYC and AML are regulations that require businesses to verify their customers’ identities. Here’s what you need to know.

Ready to get started?

Get in touch or start exploring Persona today.