Everything you need to know about customer due diligence (CDD)

A handy guide on customer due diligence (CDD) and how it helps businesses.

Entering into any new business relationship can draw risks that include questions such as: is this individual or company who they say they really are? Therefore, knowing who you’re dealing with is a critical function for any business. In this post, we look at why customer due diligence (CDD) is pivotal for business growth.

First things first: CDD meaning

Simply put, customer due diligence (CDD) ensures that due care and scrutiny are given to the data provided by a customer. The process includes collecting relevant information about a customer and evaluating it for any potential risk for the organization.

An integral part of an enterprise’s Know Your Customer (KYC) process, CDD usually hinges on first identifying the customer and then tracking or monitoring activities relevant to the business. The process also involves a number of regulatory requirements to be completed. As such the procedure is split into two types: simplified due diligence and enhanced due diligence.

In recent years, CDD has become an integral part of security, particularly since businesses are confronted with threat actors, fraudulent activities and money laundering.

How is this done?

If an organization falls under the purview of regulations such as the Money Laundering and Terrorist Financing (Prevention) Act or is looking to enter into a business relationship with another organization or an individual, performing customer due diligence is a critical function to build and maintain the health of the overall business.

Most businesses - not just banks, but also lawyers, accountants, insurance companies and companies operating in the shared economy ecosystem - should ideally carry out proper CDD processes. Here’s a quick take on how it works:

1. Basic screening process to mitigate obvious risks

Building a basic customer verification process removes any obvious risks that the organization may face. This could include asking for a person’s identity details such as their full name, address, date of birth along with government-issued identity documents like their driver’s licence, national ID or a passport.

2. Vet third-party players to secure the process

For some organizations, performing the entire due diligence process for a customer might be cumbersome. To confirm their true identity, enterprises may have to rely on other third-party sources like banks, government databases, lawyers and accountants.

3. Establish the purpose for the business relationship and monitor the data collected

For companies in highly regulated spaces, due diligence will be an integral part of their business plan. However, when collecting and monitoring a customer’s data, it’s important that the organization establishes the purpose for doing so - while ensuring that all legal and compliance requirements are complete.

A sound customer due diligence will ensure that organizations do not end up with hefty fees or face any risk of losing their business’ reputation and integrity.


At Passbase, we enable businesses to enhance their customer verification process without compromising on data privacy or security. With a privacy-centric approach, our system empowers companies seeking to integrate CDD instantly and in a secure manner.

Our aim is to make this technology accessible and privacy driven so that the next generation of innovators can build amazing businesses without compromising individual privacy or security.

Interested in learning more? Book a demo with us!

Get the latest news from Passbase

Passbase © 2023


Passbase is an identity verification solution that makes facial recognition, liveness detection, ID verification and KYC and AML compliance accessible through a suite of flexible developer tools. A zero-knowledge architecture ensures that companies using Passbase can securely verify users from over 190 countries without having to store their data. Built for developers, it can be integrated with just a few lines of code on iOS, Android, and Web.