• August 31, 2021

Your Guide to Ongoing Customer Due Diligence (OCDD)

Your Guide to Ongoing Customer Due Diligence (OCDD)

Your Guide to Ongoing Customer Due Diligence (OCDD) 1080 606 Data Zoo

Global regulatory bodies are making Customer Due Diligence (CDD) an ongoing process for reporting entities to operate legally. CDD is a risk-based process for assessing customers’ risk profiles and verifying their identity by involving a number of regulatory obligations. AUSTRAC, Australia’s financial watchdog, has explicitly prohibited reporting entities from providing a designated service if customer identification procedures cannot be performed.

In recent years, CDD is evolving to a proactive process with more regular verifications and risk profiling. An Ongoing Customer Due Diligence (OCDD) helps you identify, mitigate and manage money laundering and terrorism financing (ML/TF) risk. This includes developing and documenting an Enhanced Customer Due Diligence (ECDD) program and a transaction monitoring program. 

Your AML/CTF program must include OCDD structure and controls to decide whether the additional customer and beneficial owner information should be collected and verified on an ongoing basis. OCDD includes ensuring that your customer’s information is updated and processes for transaction monitoring and the ECDD program are planned. 

According to AUSTRAC:
Your Transaction Monitoring Program Must:
  • Define the processes you follow to identify suspicious customer transactions
  • Document appropriate risk-based systems and controls that capture all necessary sources of customer and transaction data or information
  • Set out systems and controls that trigger alerts for further review
  • Implement processes to consistently review and manage the internal escalation and investigation of alerts
  • Prioritise alerts according to the level of risk
  • Document processes to consistently manage the reporting of potentially suspicious matters
  • Detail sufficient assurance processes to review the management of alerts
  • Continually monitor transactions at all levels, not just, for example, by branch or venue level
  • Document processes with sufficient specificity to enable them to be consistently applied
  • Document and audit any automated transaction monitoring processes
Your Enhanced Customer Due Diligence (ECDD) Program Must:
  • Define the types of customers, designated services, channels and jurisdictions that you consider to be a high or greater level of risk, and ensure procedures allow for consistent implementation of ECDD processes
  • Specifically identify who is responsible for carrying out ECDD
  • Establish controls for consistently applying ECDD to ensure its operation, monitoring and internal reporting

OCDD and ongoing monitoring go hand in hand to identify risk patterns across customers and mitigate and manage that risk at a business level. You must be proactive and monitor your customers throughout your entire relationship with them.

Example: Ongoing Customer Due Diligence in Action

As a result of a recently updated risk assessment, BusinessCO identifies transactions by certain customers involving a $5,000 threshold of physical cash as posing a higher risk. Prior to this updated risk assessment, only transactions of this nature above $8,000 were considered to be of higher risk. Three months later, a periodic audit of BusinessCO’s transaction monitoring program reveals that it is designed to trigger alerts for transactions in physical cash of $8,000 or more; however, no triggers were in place that aligned with the updated risk assessment for transactions between $5,000 and $8,000.

BusinessCO acts swiftly to rectify the oversight and ensure it aligns with its risk profile. BusinessCO also undertakes a back capture to identify all transactions in physical cash that fall within the $5,000 to $8,000 bracket and, in so doing, identifies the activities of one customer that, upon review, raises suspicion and is referred for ECDD. ECDD indicates that this customer may be evading tax payments by undertaking cash-in-hand jobs, and a suspicious matter report is provided to AUSTRAC. Following the initial referral, the customer was subject to increased monitoring to ensure any suspicious activity was detected and reported to AUSTRAC.

Author Sara Singh Tak, Data Zoo Marketing Specialist


About Data Zoo

Our industry-leading KYC remediation solution is built with features to make ongoing customer due diligence easy. Experience unparalleled match rates through our unique data cleansing tool. Configure your matching logic and data processing workflow to meet different obligations. Verify over 100 records per second, with your file returned in 72 hours.

© AUSTRAC for the Commonwealth of Australia 2019

Want to learn more about our products?

    Contact Us

    Simply fill out the form below, and a team member will get back to you shortly.

      Book a Meeting

      Conferences are an opportunity to learn from experts, contribute to a global conversation, and grow your personal network. Meet us at our next conference.

        Join our Newsletter

        We'll keep you up to date with Data Zoo news. No spams here.

        Privacy Preferences

        When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

        Click to enable/disable Google Analytics tracking code.
        Click to enable/disable Google Fonts.
        Click to enable/disable Google Maps.
        Click to enable/disable video embeds.

        Our website uses cookies, mainly from 3rd party services. Define your Privacy Preferences and/or agree to our use of cookies.