An Organisation for all
Accountants in Practice

Complying with Customer Due Diligence Requirements

By HMRC

What is customer due diligence?

Customer due diligence means taking steps to identify your customers and checking they are who they say they are. In practice this means obtaining the following from a customer:

  • their name
  • their photograph on an official document which confirms their identity
  • their residential address or date of birth

The best way to do this is to ask for a government issued document like a passport, along with utility bills, bank statements and other official documents. Other sources of customer information include the electoral register and information held by credit reference agencies such as Experian and Equifax.

In situations where it's relevant, you also need to identify the 'beneficial owner'. This may be because someone else is acting on behalf of another person in a particular transaction. Or it may be because you need to establish the ownership structure of a company, partnership or trust.

As a general rule, the beneficial owner is the person who's behind the customer and who owns or controls the customer. Or it's the person on whose behalf a transaction or activity is carried out.

If you have doubts about a customer's identity, you mustn't continue to deal with them until you're sure.

When do you need to apply customer due diligence measures?

You must apply customer due diligence measures:

  • when you establish a business relationship
  • when you carry out an 'occasional transaction' worth 15,000 Euros or more
  • when you suspect money laundering or terrorist financing
  • when you have doubts about a customer's identification information that you obtained previously
  • and when it's necessary for existing customers - for example if their circumstances change

Customer due diligence when you're establishing a business relationship

A business relationship is one that you enter into with a customer where both of you expect that the relationship will be ongoing. It can be a formal or an informal arrangement.

When you establish a new business relationship you need to obtain information on:

  • the purpose of the relationship
  • the intended nature of the relationship - for example where funds will come from, the purpose of transactions, and so on

The type of information that you need to obtain may include:

  • details of your customer's business or employment
  • the source and origin of funds that your customer will be using in the relationship
  • copies of recent and current financial statements
  • details of the relationships between signatories and any underlying beneficial owners
  • the expected level and type of activity that will take place in your relationship

The changing circumstances of your customers

You need to keep up-to-date information on your customers so that you can:

  • amend your risk assessment of a particular customer if their circumstances change
  • carry out further due diligence measures if necessary

Changes of circumstance may include:

  • a big change in the level or type of business activity
  • a change in the ownership structure of a business

When to apply customer due diligence for occasional transactions

You must carry out customer due diligence measures when your business carries out occasional transactions. These are transactions where the value is 15,000 Euros (or the equivalent in sterling) or more, that aren't carried out within an ongoing business relationship. This applies whether it's a single transaction or linked transactions.

Linked transactions are individual transactions of less than 15,000 Euros that have been deliberately broken down into separate, smaller transactions to avoid customer due diligence checks. Your business must have systems in place to detect potentially linked transactions.

Once a potentially linked transaction has been identified, you need to decide if it has been deliberately split. Some issues to consider are:

  • whether a number of transactions have been made by the same customer in a short period of time
  • whether it's possible that a number of customers have carried out transactions on behalf of the same person
  • whether a number of customers have sent money transfers to the same person

In certain circumstances, you also have to carry out customer due diligence measures for occasional transactions that are worth less than 15,000 Euros. For example, you must do this when the nature of a transaction means that there's a higher risk of money laundering.

When to carry out enhanced due diligence

In some situations you must carry out 'enhanced due diligence'. These situations are:

  • When the customer isn't physically present when you carry out identification checks.
  • When you enter into a business relationship with a 'politically exposed person'. Typically, a politically exposed person is an overseas member of parliament, a head of state or government or a government minister. Note that a UK politician isn't a politically exposed person.
  • Any other situation where there's a higher risk of money laundering.

The enhanced due diligence measures for customers who aren't physically present and other higher risk situations are broadly the same and include:

  • obtaining further information to establish the customer's identity
  • applying extra measures to check documents supplied by a credit or financial institution
  • making sure that the first payment is made from an account that was opened with a credit institution in the customer's name
  • finding out where funds have come from and what the purpose of the transaction is (higher risk situations only)

The enhanced due diligence measures when you deal with a politically exposed person are:

  • making sure that only senior management gives approval for a new business relationship
  • taking adequate measures to establish where the person's wealth and the funds involved in the business relationship come from
  • carrying out stricter ongoing monitoring of the business relationship

Published October 2014