The HOLT consultancy blog is where you can read about HOLT consultancy news and CSR activity, DFSA updates including changes to DFSA Rulebooks, DFSA consultation papers, compliance how-to guides and other compliance news and advice. Visit often for updates or sign up to our newsletter. We also post our updates on LinkedIn. Follow us at

Customer Due Diligence and Know Your Customer

Customer Due Diligence and Know Your Customer

Rigorous Know Your Customer and Customer Due Diligence arrangements help to protect a firm's reputation and the integrity of the financial system by reducing the likelihood of regulated firms becoming a vehicle for, or a victim of, financial crime and suffering consequential reputational damage. Inadequacy of KYC and CDD standards can expose a firm to serious business operation and control risks.


The Financial Action Task Force (FATF) recommends basic CDD measures as follows:


  • Identifying the customer and verifying that customer’s identity using reliable, independent source documents, data or information.
  • Identifying the beneficial owner, and taking reasonable measures to verify the identity of the beneficial owner, such that the financial institution is satisfied that it knows who the beneficial owner is. For legal persons and arrangements this should include financial institutions understanding the ownership and control structure of the customer.
  • Understanding and, as appropriate, obtaining information on the purpose and intended nature of the business relationship.
  • Conducting ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of that relationship to ensure that the transactions being conducted are consistent with the institution’s knowledge of the customer, their business and risk profile, including, where necessary, the source of funds.       


Source: The FATF Recommendations


A customer risk assessment is carried out before a firm establishes a business relationship with a customer followed by Customer Due Diligence. The risk assessment evaluates the extent to which that customer exposes it to a range of risks including involvement in money laundering and a risk rating is assigned to that customer. Information required includes:


  • Who is the customer?
  • Who is the beneficial owner?
  • Where is the customer located? Where do they live? Where are their assets located?
  • What is the customer's business?
  • Where is their business (or businesses) located?
  • What is the structure of the business? 
  • Why is the customer looking to establish the business relationship?
  • Which products/services do they require?
  • What is the customer's source of wealth and source of funds?
  • Is the customer a Politically Exposed Person (PEP)?


CDD will be conducted to obtain / verify the information required, appropriate to the risk rating ie Simplified CDD or Enhanced CDD.


For full details of CDD requirements as per the Dubai Financial Services Authority’s Anti-Money Laundering, Counter-Terrorist Financing and Sanctions Module can be found here.


Useful websites include:


If you need Anti-Money Laundering training or require AML manuals please contact us by email at or telephone +971 4 386 6360.