Rahman Ravelli
Rahman Ravelli Solicitors Logo
Rapid Response Team: 0800 559 3500
Switchboard: +44 (0)203 947 1539

About Us Expertise PEOPLE International Legal Articles News Events Contact Us toggle button for phone toggle button for search
Rapid Response Team: 0800 559 3500
Switchboard: +44 (0)203 947 1539
search
Rapid Response Team: 0800 559 3500
Switchboard: +44 (0)203 947 1539
search

Simplified Due Diligence Explained

Author: Azizur Rahman  1 July 2024
8 min read

Simplified due diligence is a form of due diligence that is carried out by some businesses for a variety of reasons. It is different to the standard level of due diligence and to enhanced due diligence.

This article explains what simplified due diligence is, how it is carried out and the benefits and risks associated with it. It also compares it to other forms of due diligence.

What is due diligence?

Businesses use due diligence to assess and reduce the risks involved with a particular transaction or with a current or potential business relationship, whether corporate or personal. Due diligence protects companies from the risks of criminal activity.

What type of businesses need to carry out due diligence?

The requirement to carry out due diligence in a business relationship can be advisable / discretionary or mandatory (meaning it is required by law). Some businesses are more at risk of criminal activity such as corruption, fraud or money laundering.

While there are issues with measuring the extent of money laundering - because it is a hidden crime that is not always detected - it is estimated that about £10 billion is laundered each year in the UK.[1] Other measurements suggest that the UK and its dependent territories account for 40% of the world’s money laundering.

In the last 25 years, the UK has passed anti-money laundering legislation.[2] This legislation, in differing ways, places responsibilities on appointed persons within businesses, senior managers and the company itself to identify, stop and potentially report money laundering.

Under the Money Laundering Regulations, businesses in what is called the regulated sector - which includes banks and other financial institutions, estate agents and casinos - are required to identify and disclose suspicious transactions to the National Crime Authority.

What is Simplified Due Diligence (SDD)?

Due diligence can be a time-consuming and costly activity for businesses. In transactions or business relationships where the risks of money laundering (or other types of criminal activity) are low, it is an excessive or even unnecessary burden. In such situations, companies may instead use Simplified Due Diligence (SDD).

SDD allows businesses to save time and resources while still ensuring they properly assess risks. It is important that businesses know when it is appropriate to use SDD and when it is necessary to take a more in-depth approach such as Enhanced Due Diligence (EDD).

When can SDD be used?

SDD should only be deployed in situations where the business has assessed that it has a low risk of crimes such as fraud or corruption.

It may be suitable to be applied by a business to a customer who:

  • Is employed or has regular income from a known source.
  • Has had a relationship with the business for a long time.
  • Is represented by someone whose appointment is subject to court approval or ratification (such as an executor).
  • Is a government entity or a publicly-known company.
  • Is regulated by an authority, such as the UK’s Financial Conduct Authority.

Or when:

  • The amount involved in a transaction is small.
  • The product or service that is the subject of a deal has a low risk of money laundering.
  • Businesses are advised to assess which representatives, vendors, customers or trading partners are low risk and which are high risk.
  • The above factors, however, do not guarantee that such situations will not be used for criminal activity.

What are high-risk and low-risk customers in due diligence?

As due diligence is about a business assessing the risks associated with a particular transaction or business relationship, a part of this is the assessment of personal relationships.

To assist with this, businesses are advised to devise methods for identifying high-risk customers. This is an essential part of due diligence, as very often it is the customer that brings the risk to the deal or business relationship.

It can be important, therefore, to identify high-risk customers in order to:

  • Reduce fraud: High-risk users may be looking to involve a business in transactions in order to carry out one or more types of fraud.
  • Ensure legal compliance: In some business sectors, companies are under a legal obligation to show they have done everything possible to prevent crime. For example, banks and other companies in the regulated sector have a duty to identify and report possible examples of money laundering.

The exact nature of a high-risk customer may vary, depending on the business sector. But some common types of high-risk individual or company include:

  • Politically exposed persons (PEPs): People who have held public positions in a country are considered high-risk (along with their relatives and close associates) due to their potential influence and possible vulnerability to corruption.
  • Those who have been linked to financial crimes such as fraud, embezzlement or money laundering.
  • Cash-intensive businesses: Businesses that tend to deal in cash transactions, such as casinos or money service businesses, are regarded as being at risk of involvement in money laundering.
  • Businesses that conduct transactions without direct customer interaction: The likes of online marketplaces and cryptocurrency exchanges are considered high-risk due to the lack of customer identification and problems tracking the movement of funds.
  • Businesses in countries that are subject to sanctions, have high levels of corruption or are linked to terrorism.
  • Private banking clients whose complicated financial arrangements may conceal illegal activity or connections to others involved in such activity.
  • Unexplained and / or complex business relationships that do not appear to have any clear purpose or obvious beneficiary.

What processes are involved in simplified due diligence?

SDD is a simplified approach to due diligence that can save businesses time, resources and effort.

SDD should only be used when the risks are low and it is vitally important to approach SDD using a risk methodology in order to determine applicable risks.

The business must compile data about the individual or transaction before any informed judgement can be made about any risks that may exist. This can be done in a number of stepped stages:

  1. Determining eligibility for SDD: The first stage is to assess whether the transaction or business relationship is suitable to be subject to simplified due diligence. The type of customer or transaction, the amount (or amounts) of money involved, and the degree of risk associated with the activity all help determine applicability.
  2. Basic information collection: If a business determines that it is appropriate to use SDD, it is then necessary to collect basic information about the customer or transaction; such as names, addresses and contact details and applicable financial information and documents.
  3. Verifying identity: There may be situations where it is necessary to verify the identity of the customer. This could be done in various ways, such as requesting identification documents or conducting a formal background check.
  4. Checking sanctions lists: It is important that the business reviews applicable sanctions, PEP or debarment lists to see whether the person or business that may play a role in a transaction is named on any of them.
  5. Documenting: The SDD process should be documented, with the business keeping records of information collected, any identity verification carried out, sanctions checks and any other data that is thought to be relevant. This will ensure the business can present the best case to relevant authorities if needs be. It may also be legally necessary to maintain good records for companies that are in the regulated sector and subject to the Money Laundering Regulations.

What are the benefits of SDD?

SDD involves taking a risk-based, stepped approach to be effective.

Where SDD is conducted properly, it brings a range of benefits to those who use it.

These benefits include:

  • Time and cost savings: SDD is a process that can save businesses time, resources and money as it involves carrying out due diligence quickly; relying on less information than other forms of due diligence.
  • Boosting efficiency: The SDD process is cost effective in terms of management time spent on non-profit making activities.
  • Improving the customer experience: SDD can help complete transactions and develop business connections with less dependence on information and documents than is needed in other forms of due diligence.
  • Flexibility: SDD can be tailored to the needs of different businesses and industries while meeting any legal requirements such as, for example, the UK’s Money Laundering Regulations.

Are there any risks associated with SDD?

While there are a number of advantages to simplified due diligence, those that use it need to be aware of the risks.

These include:

  • Money laundering: Simplifying the due diligence procedure can reduce the workload on companies but it can (particularly if it is not done properly) raise the risk of being involved in money laundering.
  • Regulatory non-compliance: If a business uses SDD when a better risk assessment would have pointed towards enhanced due diligence, the business will run the risk of not meeting its threshold legal obligations. If a firm in the regulated sector carries out SDD and this does not meet the legal threshold as set out in the Money Laundering Regulations, the firm and responsible officers of the company could face regulatory penalties or even criminal sanctions.
  • Reputational harm: A company’s inappropriate use of SDD could lead to it being less highly regarded by trading partners or investors. If, for example, a company comes to be seen as a money laundering risk because it has used SDD when a more thorough form of due diligence was needed, it may make partners, vendors and perhaps most importantly investors reluctant to work with the business.
  • Inadequate information: The SDD process may not produce enough information about a potential customer or transaction to properly assess the possible risks, leading to a company committing to a relationship that is riskier than it realises.

Simplified Due Diligence (SDD) vs Customer Due Diligence (CDD)

Simplified due diligence (SDD) is a process that enables businesses to save time and resources while carrying out necessary checks on possible trading partners and transactions and, when necessary, complying with their anti-money laundering obligations. But it is not always the most appropriate approach.

SDD should only be used in situations where there is a low risk of crimes such as bribery, fraud or money laundering. In situations where there is a higher risk, it may be more appropriate to use customer due diligence (CDD). For the situations that are the highest risk, enhanced due diligence (EDD) would be more appropriate.

CDD is viewed as being the standard level of due diligence that financial institutions are required to complete when assessing a customer or transaction that appears to have an average level of risk:

It involves:

  • Verifying the identity of all customers.
  • Identifying and verifying all the ultimate beneficial owners of any transaction.
  • Developing customer risk profiles for all customers.
  • The ongoing monitoring of customer activity and transactions – with any suspicious activity being reported.

CDD differs from SDD in that:

  • It involves verification of all customers and not just some of them.
  • The checks that are carried out are more in-depth and wide-ranging.
  • It is a continuous process.
  • It is a more time-consuming process.

Simplified Due Diligence (SDD) vs Enhanced Due Diligence (EDD)

While CDD is a more thorough process than SDD, enhanced due diligence (EDD) is an even more rigorous diligence process.

Enhanced due diligence has to be carried out when a customer or transaction is deemed to have a higher than average risk level. Where the customer is, or the transaction involves, a politically exposed person (PEP), EDD is required.

How EDD is carried out will vary, depending on the business sector and / or countries, organisations and individuals involved. EDD will involve the collection of more information as part of the verification process than either SDD or CDD, as the potential risk is considered higher.

Conclusion

It is critically important that a business identifies risks. Some companies maintain a risk register which identifies business risk. It is essential that a business conducts appropriate due diligence using skilled compliance professionals or outside counsel.

Carrying out due diligence that is not adequate for the risks involved could be as damaging as carrying out none, both in terms of the possible financial losses and any legal problems that may follow. The UK regimes essentially ask persons in controlled or management positions to implement and review adequate policies and procedures. Failure to do so could result in a barring from the regulated sector, fines or criminal proceedings.

Skilled professionals should thoughtfully map legal and reputational risks to the business and calibrate the extent of each risk. If firms are unsure about how to do this, they must seek advice from those with the relevant expertise and experience.

Rahman Ravelli has lawyers that can provide all the relevant advice and assistance regarding due diligence. Attorneys are available to ensure that companies, organisations and individuals identify and mitigate risks associated with diligence actions.

Sources

  1. https://www.gov.uk/government/news/biggest-ever-crackdown-on-money-mules-in-the-uk
  2. https://www.legislation.gov.uk/uksi/2017/692/contents
Azizur Rahman C 09369

Azizur Rahman

Senior Partner

aziz.rahman@rahmanravelli.co.uk
+44 (0)203 911 9339 vCard

Download Profile PDF

View Profile

Aziz Rahman is Senior Partner at Rahman Ravelli and its founder. His ability to coordinate national, international and multi-agency defences has led to success in some of the most significant corporate crime cases of this century and top rankings in international legal guides. He is recognised worldwide as one of the most capable legal experts regarding top-level, high-value commercial and financial disputes.

Share this page on