Reduce & Manage Business Risk with OSINT. Neotas is an Enhanced Due Diligence Platform that leverages AI to join the dots between Corporate Records, Adverse Media and Open Source Intelligence (OSINT). Learn about OSINT Tools, Techniques & Frameworks.
Simplified Due Diligence (SDD) represents a streamlined approach to due diligence, specifically designed for customers presenting a low risk of money laundering or terrorist financing. It simplifies the verification process, making it efficient for both businesses and low-risk clientsâ.
In this article we will explore:
The meaning of simplified Due Diligence (SDD).
The difference between SDD, CDD and EDD.
Factors compliance teams should consider to select the due diligence process
Steps Involved in the SDD Process
Who Qualifies for Simplified Due Diligence?
When is Simplified Due Diligence needed?
How to implement simplified due diligence?
Simplified Due Diligence (SDD) Meaning
Simplified Due Diligence (SDD) is a streamlined approach to customer identity verification designed for use in contexts where the risk of money laundering, tax evasion, criminal or terrorist financing, and other financial crimes is considered minimal. As the most basic tier within the Customer Due Diligence (CDD) framework, SDD facilitates a less intrusive vetting process, thereby reducing the burden on both financial institutions and customers deemed to present a low risk.
Simplified Due Diligence (SDD) is a basic identity check for customers considered to have a very low risk of involvement in money laundering, terrorist financing, or other financial crimes. It is specifically designed for situations where the threat of such illegal activities is minimal.
SDD is predicated on the principle of proportionality, whereby the depth and breadth of due diligence measures are aligned with the assessed level of risk. In cases where potential threats of financial impropriety are low, SDD offers an efficient means to fulfil regulatory obligations without the extensive checks characteristic of more comprehensive due diligence procedures. This efficiency is particularly crucial in maintaining the balance between rigorous anti-money laundering (AML) controls and the facilitation of smooth financial transactions for low-risk clients.
The applicability of SDD is determined through a preliminary risk assessment, which considers factors such as the nature of the customer’s business activities, geographical location, and the transparency of their financial transactions. Customers who qualify for SDD typically include those with a clear and straightforward financial profile, for whom extensive verification processes would not proportionately enhance risk management.
It is important to note that SDD is not a one-size-fits-all solution but a component of a tiered due diligence strategy. It stands at the entry-level, preceding Standard Due Diligence (SDD), which applies to low and medium-risk customers, and Enhanced Due Diligence (EDD), reserved for individuals or entities presenting a high risk. This tiered approach ensures that financial institutions can efficiently allocate resources, focusing more intensive investigations on higher-risk profiles while streamlining the process for those less likely to be involved in financial crimes.
Simplified Due Diligence serves as a pragmatic and proportional tool within the broader regulatory framework, aimed at fostering an efficient yet secure financial environment. By judiciously applying SDD, financial institutions can uphold their commitment to preventing financial crimes while ensuring a seamless customer experience for those posing minimal risk.
Simplified Due Diligence (SDD) involves a more straightforward approach to collecting information than more rigorous due diligence levels. However, SDD still adheres to the four essential elements of Customer Due Diligence (CDD) as specified by the Financial Action Task Force (FATF), the international body combating financial crime.
These critical components are:
Identifying and verifying the customer’s identity,
Identifying and verifying the identity of beneficial owners,
Understanding the intended purpose and nature of the business relationship,
To better understand the workings of simplified due diligence, it’s useful to compare it with standard customer due diligence and enhanced due diligence processes.
Customer Due Diligence (CDD) is an essential process within the financial sector, ensuring institutions understand the risks posed by their clients. This process operates on a continuum, tailored to the level of risk an individual or transaction presents.
Simplified Due Diligence (SDD) is the first level, tailored for low-risk cases. It involves basic checks with a focus on preventing money laundering and terrorism risks.
Moving up the ladder, we have Standard Customer Due Diligence (CDD), which is suitable for average risks. Here, comprehensive checks ensure financial integrity.
Finally, Enhanced Due Diligence (EDD) comes into play for high-risk scenarios. It involves thorough investigations and a broader focus on risk mitigation, including money laundering and terrorism financing.
Each tier is designed to mitigate risks effectively, from money laundering to terrorist financing, ensuring financial integrity.
The table below summarises the key differences between SDD, CDD, and EDD:
Aspect
Simplified Due Diligence (SDD)
Standard Due Diligence (CDD)
Enhanced Due Diligence (EDD)
Customer Type
Low-risk entities
Broad spectrum of customers
High-risk or high-net-worth customers
Identification & Verification
Fewer documents, use of public information
Detailed verification process
Extensive verification from various sources
Beneficial Ownership
Basic identification without further verification
Thorough examination of ownership structure
In-depth investigation, including intelligence reports on UBOs
Politically Exposed Person (PEP) Screening
Limited measures for PEP determination
Standard PEP checks
Intensive screening against PEP and sanctions lists
Relatives and Close Associate (RCA) Checks
Not applicable
Not typically required
Mandatory for customers with PEP status
Source of Funds (SOF) and Source of Wealth (SOW) Checks
Not applicable
Not standard but may be conducted based on risk
Mandatory verification to ensure legitimacy
Adverse Media Screening
Basic adverse media searches to confirm low-risk status
More comprehensive screening
Intensive screening for any negative news
Sanctions Screening
Screening against lists to ensure compliance
Standard sanctions and watchlist screening
Rigorous screening, including ongoing monitoring
Ongoing Monitoring
Risk-based monitoring of account activity
Regular monitoring to detect changes in risk profile
Intensive and continuous scrutiny of account activity and risk
Effective CDD is underpinned by a blend of expertise and technology, requiring financial institutions to remain agile as risk profiles and regulatory landscapes evolve. While SDD offers a less resource-intensive approach, it’s crucial that systems are in place to dynamically update customer profiles, ensuring that the level of due diligence applied remains appropriate to the risk presented.
Factors compliance teams should consider to select the due diligence process
When determining the appropriate level of due diligence, particularly Simplified Due Diligence (SDD) the following shall be assessed:
Customer Type: The nature of the customer plays a significant role. Low-risk customer types are more likely candidates for SDD.
Jurisdiction: The location or jurisdiction in which the customer operates can impact the risk level. Some jurisdictions may pose higher risks than others.
Occupation: The customer’s occupation or industry matters. Certain industries may inherently have lower or higher risks.
Products and Services Offered: The specific products or services offered by the customer can influence the risk assessment. Some products or services may be associated with higher risks.
Account Type: The type of account being opened or the financial service being provided is a critical factor. Different accounts may carry different levels of risk.
Ownership Structure: Understanding the ownership structure of the customer can provide insights into potential risks. Complex ownership structures may warrant more thorough due diligence.
By evaluating these factors comprehensively, compliance teams can make informed decisions regarding the application of Simplified Due Diligence (SDD) and ensure that the appropriate level of due diligence aligns with the risk profile of the customer or entity.
What are the Steps Involved in the SDD Process?
The Simplified Due Diligence (SDD) process, applied in low-risk scenarios within the financial sector, involves a series of streamlined steps designed to ascertain the identity and assess the risk profile of customers, without the exhaustive checks required for higher risk categories. Here is an overview of the key steps involved in the SDD process:
Initial Risk Assessment:
The process begins with an initial assessment to determine whether a customer or transaction qualifies as low-risk. This assessment is based on predefined criteria such as the type of customer, nature of transactions, business relationship, and geographical location.
Collection of Basic Identity Information:
Basic information to establish the customer’s identity is collected. This typically includes name, date of birth, address, and national identification number. For corporate entities, this may involve gathering information on the nature of the business, registration details, and principal owners.
Verification of Identity:
The collected information is then verified using reliable, independent sources. This could include checking against public databases, electoral registers, or other publicly accessible records. The verification process in SDD is less exhaustive compared to Standard or Enhanced Due Diligence.
Assessment of Beneficial Ownership:
For corporate clients, a basic understanding of the ownership structure is obtained to identify the beneficial owners. Unlike in Enhanced Due Diligence (EDD), there is no requirement for in-depth verification of the owners’ identities unless there is a change in risk perception.
Purpose and Intended Nature of the Business Relationship:
A clear understanding of the purpose and intended nature of the business relationship is established to ensure it aligns with what would be expected from someone with a low-risk profile.
Conducting PEP Screening (If Applicable):
While SDD may limit the extent of Politically Exposed Persons (PEP) screening, a basic check is often conducted to ensure the customer does not hold a prominent public function that could elevate their risk profile.
Ongoing Monitoring:
Accounts under SDD are subject to ongoing monitoring, albeit at a frequency and depth that reflect their low-risk nature. This involves keeping an eye on transactions and any significant changes in the customer’s status or business activities that might affect their risk classification.
Record-Keeping:
Financial institutions are required to keep records of the SDD measures applied, including the information obtained during the identity verification process and the rationale for classifying a customer as low-risk.
It’s important to note that while SDD involves fewer and less detailed checks, financial institutions must remain vigilant for any indications that a customer’s risk level may have changed, necessitating a reevaluation and potentially more rigorous due diligence measures.
Who Qualifies for Simplified Due Diligence?
While initial identity checks and verification are standard for all new customers, only a subset will meet the criteria for Simplified Due Diligence (SDD) based on their low risk for money laundering (ML) and terrorist financing (TF).
Regulated Entities: Organizations accountable to community institutions, with established checks and balances, ensuring transparent operations and financial dealings.
Public Authorities: Bodies with publicly disclosed identities and transparent accounting practices, reducing the opacity that often accompanies financial crimes.
Specific Financial Products: Providers of certain insurance policies, electronic money products, or pensions, where the nature of the product limits the risk of ML/TF.
However, the applicability of SDD can vary significantly across jurisdictions. For instance, the Fourth Anti-Money Laundering Directive (4AMLD) in the EU mandates that firms must not rely on predefined lists of low-risk customers for automatic SDD application. Instead, they must actively assess and justify the low-risk status of each customer before applying SDD measures.
These variations highlight the importance of understanding and adhering to local regulatory frameworks when implementing SDD. Financial institutions must not only identify customers eligible for SDD but also maintain a robust process for continually assessing and documenting the risk profiles of their customers, ensuring compliance with evolving legal standards and practices.
When is Simplified Due Diligence Needed?
It is designed for situations where the risk of money laundering or terrorist financing is assessed as low. This streamlined process allows for a more efficient verification and monitoring of clients, thereby optimising resource allocation within compliance departments.
SDD becomes necessary under several specific circumstances:
Establishing Business Relationships: When a financial institution initiates a new business relationship, it must assess the risk profile of the prospective client. If this risk is deemed low, based on predefined criteria such as the nature of the business, geographical location, and the transparency of transactions, SDD may be applied.
Low-Risk Transactions: Transactions that fall below a certain threshold, which is often defined by regulatory bodies, may qualify for SDD. These are typically low-value transactions that do not exhibit characteristics commonly associated with money laundering or terrorist financing.
Regulated Entities: Entities that are already subject to regulatory oversight and compliance checks, such as banks and other financial institutions within the European Union that adhere to Anti-Money Laundering Directives (AMLDs), may qualify for SDD. This is because their regulated status provides a certain level of assurance regarding their risk profiles.
Public Bodies and Authorities: Public authorities or state-owned enterprises, known for their transparency and lower risk profiles due to public accountability and regulatory oversight, are often eligible for SDD.
Low-Risk Financial Products: Certain financial products, like specific insurance policies, pensions, or electronic money products that have limitations on their use or withdrawal, might qualify for SDD due to their inherent lower risk of being used for money laundering or terrorist financing.
Customer Risk Profile Changes: If ongoing monitoring reveals that a customer’s risk profile has decreased and is now considered low risk, SDD procedures might be applied moving forward.
It is imperative to note that the applicability and criteria for SDD can vary significantly across jurisdictions. Financial institutions must navigate a complex landscape of international, regional, and local regulations that dictate when SDD can be employed. For example, the Fourth Anti-Money Laundering Directive (4AMLD) in the EU stipulates that financial institutions must actively demonstrate the low risk of their customers to apply SDD, moving away from a pre-defined list of eligible entities and individuals.
Moreover, the adoption of SDD must be accompanied by rigorous documentation and justification processes to ensure compliance with regulatory standards. Financial institutions must maintain records of the rationale behind deeming a customer or transaction as low risk and applying SDD. This includes documenting the customer’s business activities, source of funds, and any other relevant information that supports the low-risk assessment.
Its application is guided by a thorough assessment of risk, underpinned by a deep understanding of the customer and the nature of the business relationship. As regulatory landscapes evolve, so too must the strategies employed by financial institutions to implement SDD effectively, always ensuring that the measures taken are proportionate to the risks identified.
How to implement simplified due diligence?
Implementing Simplified Due Diligence (SDD) effectively within your business requires a nuanced approach, particularly with the integration of flexible identity verification solutions that can adapt the Customer Due Diligence (CDD) process to the assessed risk levels. SDD is reserved for low-risk scenarios, offering a less intensive method to gather and verify customer information compared to standard or enhanced due diligence processes.
For effective implementation, your business should consider the following steps:
Obtaining Identifying Information: Initiate the customer identification process (CIP) as part of the onboarding procedure, ensuring that the collected data is accurate to mitigate risks associated with false identities.
Determining the Level of Due Diligence: After verifying the customer’s identity, assess the appropriate level of due diligence required based on various factors such as customer type, occupation, ownership structure, and the offered products or services.
Proceeding With the Chosen Type of Due Diligence: If a customer is identified as low-risk, proceed with a simplified and less detailed identity verification process. This might involve using public information or fewer documents for verification purposes.
Conducting Ongoing Monitoring: Even after the customer has been onboarded, it’s essential to continuously monitor their activities to ensure they remain low-risk. Any suspicious activity may warrant a transition to more rigorous due diligence measuresââ.
To streamline the SDD process and make it scalable, leveraging automation and advanced technology like artificial intelligence is advisable. Automation can facilitate rapid processing of customer data, including facial recognition for biometric verification, automated risk assessment, and real-time transaction monitoring, enhancing both efficiency and customer satisfaction while ensuring regulatory complianceââ.
Implementing SDD requires a strategic blend of understanding regulatory frameworks, assessing customer risk profiles accurately, and employing technology to automate and simplify the process. By adopting these practices, businesses can ensure compliance with AML regulations without compromising on operational efficiency or customer experience.
About Neotas Due Diligence
Neotas Platform covers 600Bn+ archived web pages, 1.8Bn+ court records, 198M+ corporate records, global social media platforms, and 40,000+ Media sources from over 100 countries to help you build a comprehensive picture of the team. Itâs a world-first, searching beyond Google. Neotasâ diligence uncovers illicit activities, reducing financial and reputational risk.
đ€ What is Simplified Due Diligence: understand SDD vs CDD vs EDD, who needs SDD, checklist, & the steps involved in Simplified Due Diligence process. Neotas UK.
Neotas Enhanced Due Diligence covers 600Bn+ Archived web pages, 1.8Bn+ court records, 198M+ Corporate records, Global Social Media platforms, and more than 40,000 Media sources from over 100 countries to help you screen & manage risks.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking âAccept Allâ, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
AWSALBTG
7 days
AWS Application Load Balancer Cookie.
Load Balancing Cookie: Used to encode information about the selected target group.
AWSALBTGCORS
7 days
AWS Classic Load Balancer Cookie: Used to map the session to the instance. This cookie is identical to the original ELB cookie except for the attribute &SameSite=None;
cookielawinfo-checkbox-advertisement
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent
1 year
Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
debug
never
Cookie used to debug code and website issues
shown
session
Session cookie to control number of times a pop up is shown.
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Cookie
Duration
Description
__cf_bm
30 minutes
This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
AnalyticsSyncHistory
1 month
Used to store information about the time a sync took place with the lms_analytics cookie
bcookie
2 years
LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie
2 years
LinkedIn sets this cookie to store performed actions on the website.
lang
session
LinkedIn sets this cookie to remember a user's language setting.
lidc
1 day
LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory
1 month
LinkedIn sets this cookie for LinkedIn Ads ID syncing.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Cookie
Duration
Description
li_gc
2 years
Used to store consent of guests regarding the use of cookies for non-essential purposes
rl_anonymous_id
1 year
Generates an unique anonymous Id to identify a user and attach to a subsequent event.
rl_user_id
1 year
to store a unique user ID for the purpose of Marketing/Tracking
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie
Duration
Description
_ga
2 years
The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_107495977_1
1 minute
Set by Google to distinguish users.
_gat_UA-107495977-1
1 minute
A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gcl_au
3 months
Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid
1 day
Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
attribution_user_id
1 year
This cookie is set by Typeform for usage statistics and is used in context with the website's pop-up questionnaires and messengering.
CONSENT
2 years
YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Cookie
Duration
Description
_fbp
3 months
This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr
3 months
Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE
1 year 24 days
Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie
15 minutes
The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE
5 months 27 days
A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC
session
YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices
never
YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id
never
YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId
never
This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests
never
This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.