Back to Training

Customer Due Diligence (CDD)

Customer identification, verification, and ongoing due diligence requirements

Customer Due Diligence (CDD)

Customer Due Diligence is the process of identifying and verifying your customers to understand who they are, what they do, and the source of their funds. CDD must be completed before providing designated services.

When to Conduct CDD

  • Before providing a designated service
  • If you suspect money laundering or terrorism financing
  • If you have doubts about previously obtained customer identification
  • Periodically for ongoing customer relationships

Individual Customer Identification

For individuals, you must collect and verify: full name, date of birth, and residential address. Verification requires reliable and independent documents, such as a driver licence, passport, or government-issued ID card.

Company Customer Identification

For companies, you must verify: full company name, registered office address, principal place of business, ACN or ARBN (if applicable), and the company type. Use ASIC searches, certificates of registration, or other official documents.

Beneficial Ownership

You must identify and verify beneficial owners — the natural persons who ultimately own or control the customer. For companies, this means individuals who own 25% or more, or who exercise control. Beneficial ownership is where criminals often hide.

Acceptable Verification Documents (Individuals)

  • Australian driver licence with photo
  • Australian passport (current or expired within last 2 years)
  • Foreign passport with Australian visa
  • National ID card issued by a foreign government
  • Birth certificate + Medicare card + rates notice (combined)

Enhanced CDD for High-Risk Customers

Enhanced Due Diligence is required for politically exposed persons (PEPs), customers from high-risk countries, complex corporate structures, or unusual transaction patterns. This may include additional identity documents, source of wealth verification, and more frequent monitoring.

Red Flags Requiring Enhanced CDD

  • Customer is a politically exposed person (PEP)
  • Customer is from a high-risk or sanctioned jurisdiction
  • Unusual transaction patterns or structuring
  • Reluctance to provide information or documents
  • Complex ownership structures with no clear purpose
  • Source of funds unclear or inconsistent with customer profile

Ongoing Monitoring

CDD is not a one-off exercise. You must conduct ongoing monitoring to ensure customer information remains current and to detect unusual or suspicious activity. Review customer information periodically and when circumstances change.

When to Refuse Service

You can and should refuse to provide services if: the customer refuses to provide required identification, you cannot verify their identity, you suspect money laundering or terrorism financing, or the customer asks you to do something illegal (like not reporting a transaction).

Ready to Test Your Knowledge?

Complete the quiz to earn your certificate. You need at least 80% to pass.

Take Quiz