Home › Knowledge Hub › Customer Due Diligence (CDD)
Customer Due Diligence (CDD) Explained – 2025 Beginner Guide
Customer Due Diligence (CDD) is one of the core pillars of KYC and AML compliance. Every bank, fintech, and financial institution must perform CDD before onboarding and during the customer relationship.
This beginner-friendly guide explains what CDD is, why it matters, the steps involved, documentation, and how it differs from EDD.
Short answer:
CDD = Identify the customer + verify identity + assess risk + perform basic checks such as PEP, sanctions, and adverse media.
What Is Customer Due Diligence?
Customer Due Diligence (CDD) is the process of collecting and verifying information about a customer to assess their risk level before providing financial services.
CDD ensures:
- The customer is who they claim to be
- The customer is not involved in financial crime
- The customer does not appear on sanctions lists
- The customer does not present a high AML risk
CDD Steps (2025 Standard)
- Collect customer information (KYC documents)
- Verify identity (ID, address, photo ID checks)
- Screen for PEP, sanctions, and adverse media
- Understand customer purpose & business relationship
- Identify UBOs (for corporates)
- Assign a risk rating (low/medium/high)
- Record-keeping & documentation
- Ongoing monitoring during the relationship
Documents Needed for CDD
- Government-issued ID
- Address proof
- Selfie / liveness check (fintech/KYC-remote)
- Business registration documents (for corporates)
- UBO identification documents
- Basic SoF (if large first transaction)
CDD vs EDD – What’s the Difference?
| Feature | CDD | EDD |
|---|---|---|
| Risk level | Low or medium | High risk (PEPs, high-value, adverse media) |
| Checks required | Basic verification | Detailed verification, SoF/SoW, sources, deeper risk checks |
| Monitoring | Standard monitoring | Enhanced ongoing monitoring |
When Is CDD Required?
- New customer onboarding
- Periodic review
- Triggered event (change in name, address, business)
- Large or unusual transactions
- When risk level changes
CDD Red Flags (2025)
- Customer reluctant to provide documents
- Inconsistent information across documents
- Multiple identities or name variations
- Large unexplained first deposit
- Negative news present
- PEP status detected
- Links to sanctions or high-risk jurisdictions
Frequently Asked Questions (FAQ)
Is CDD mandatory?
Yes — CDD is legally required for all regulated institutions.
Is CDD the same as KYC?
No. KYC is identity verification; CDD includes risk assessment and screening.
Does every customer go through CDD?
Yes — all customers undergo basic CDD. High-risk customers undergo EDD.
Want Real-World CDD Training?
Master CDD, EDD, risk classification, sanctions, and financial crime controls inside GO-AKS KYC Certification, G-CAMO, and G-CAMI.
Explore Certifications →Visit the KYC Knowledge Hub 2025
One central hub with 50+ KYC & AML guides, case studies, career paths, and interview resources.
50+
Guides & Resources
100K+
Professionals Trained
180+
Countries
KYC & CDD Basics
- KYC lifecycle & fundamentals
- CDD vs EDD, SoF vs SoW
Sanctions & AML
- Sanctions, PEP & adverse media
- AML risks & red flags
Careers & Interviews
- Career paths & salaries
- Full KYC/AML Q&A banks