Skip to content


The Keystone of Financial Integrity and Compliance

A Deep Dive into Customer Due Diligence (CDD) Policy for Financial Institutions

In the realm of financial compliance, a robust Customer Due Diligence (CDD) policy is not just a regulatory requirement but a critical safeguard against the perils of money laundering and terrorist financing. Financial institutions must enact and enforce comprehensive CDD policies to thoroughly know their customers and mitigate potential integrity risks.

Why is a CDD Policy Essential?

Regulators and supervisory authorities expect institutions to develop CDD policies, procedures, and measures based on a thorough risk analysis. These policies must delineate clear processes for preventing relationships with customers who may pose integrity risks, including risks associated with third parties such as vendors and outsourcing partners.

The Process of Risk Analysis

A mandated element of the CDD framework is conducting and maintaining an up-to-date risk assessment related to money laundering and terrorism financing. This involves analyzing inherent risks associated with customer types, products, services, transactions, delivery channels, and geographical locations.

The assessment extends to evaluating the effectiveness of control measures in place, identifying any shortcomings, and determining necessary additional measures. This risk assessment forms the foundation for the institution's policy procedures and must be tailored to the unique context of each institution.

Maintaining and Updating CDD Policy

Your CDD policy must be current and reflective of the organization's size and nature. Compliance software like Ruler offers a comprehensive view of both current and future norms, facilitating timely policy adjustments. Institutions are obligated to regularly review and update their policies, especially following any update in risk assessment.

Documentation and Approval of CDD Policy

It's crucial for institutions to document their CDD policy in a manner that allows for subsequent review by supervisory bodies. The Dutch Central Bank (DNB) emphasizes systematic and consistent decision-making and documentation, making the policy and any deviations from it transparent and assessable.

Learn More About CDD

For more insights into Anti Money Laundering (AML) and the Wwft, consider enrolling in our training courses offered through The Ministry of Compliance. Our experts are also at your disposal to assist in developing CDD policies and procedures.


1. What is a CDD policy?

A CDD policy is a set of guidelines and procedures that financial institutions follow to identify and verify their clients' identities, assess and monitor risk, and prevent money laundering and terrorism financing.

2. Why is a CDD policy crucial for financial institutions?

A CDD policy is essential for detecting and mitigating risks associated with financial crimes, ensuring regulatory compliance, and upholding the integrity of the financial system.

3. How often should a CDD policy be reviewed and updated?

A CDD policy should be reviewed and updated regularly, especially when there are changes in the risk profile of the business or updates to regulatory requirements.

4. Who is responsible for the approval of a CDD policy?

The approval of a CDD policy typically lies with the board of directors or the senior management of a financial institution. They are responsible for ensuring that the policy meets regulatory standards and adequately manages risk.

5. Can CDD policies differ between institutions? Yes, CDD policies can differ based on the size, complexity, and risk exposure of the institution. It's important for each institution to tailor its CDD policy to its specific risk profile and business model.