Risk-based Customer Due Diligence

in the context of policies on anti-money laundering and combating the financing of terrorism (AML/CFT), advancing financial inclusion poses special challenges. Regulation must protect the integrity of financial systems and, at the same time, put the least burden on outreach to poor people and the unbanked. Achieving this balance requires a risk-based system of customer due diligence (CDD). Particularly where official identity systems lack universal coverage, imposing strict CDD requirements on the opening and use of accounts may exclude potential customers—whether due to lack of ID or to increased costs. Allowing simplified procedures in lower-risk settings helps ease entry to the formal financial system for the unbanked, which in turn serves AML/CFT goals.

This Technical Note from CGAP outlines the main risk-based approaches to CDD, provides examples from regulatory systems across the globe, and weighs the pros and cons of each approach. It begins with a brief discussion of the dynamic context for this analysis. It then discusses three prevailing regulatory options for CDD and its simplification: (i) a principles based approach, (ii) a single low-risk threshold, and (iii) a framework of multiple risk tiers. Each approach embodies a method of determining what scenarios and financial offerings constitute reduced risk and what processes of simplified due diligence (SDD) might be acceptable for a given level of risk.