Implementation efforts related to the Customer Due Diligence (CDD) Rule

Start adding items to your reading lists:
Save this item to:
This item has been saved to your reading list.


May 11, 2018 is the compliance deadline for the Financial Crimes Enforcement Network's (FinCEN), Customer Due Diligence Rule (CDD Rule). Financial institutions (FIs) have been undertaking massive implementation projects in order to meet the deadline. These efforts include enhancing information technology (IT) systems to better collect, store, and manage customer information, developing customer risk profiles to perform ongoing monitoring, and communicating the requirements and impact of the new rule to senior management and Board of the Directors (the Board) to properly allocate resources. 

With the deadline approaching, PwC is sharing the results of our recently concluded benchmarking study covering 50 FIs of varying size and geographic scope regarding their implementation plans related to the CDD Rule. As a result of this analysis, we found that while the industry has taken significant steps to comply with the CDD Rule ahead of the compliance deadline, questions still remain due to the lack of supplemental guidance from regulatory authorities. Nevertheless, as part of the study, we identified several takeaways and industry leading practices that will assist FIs in making informed decisions on imminent compliance requirements.


CDD Rule deadline

Key takeaways

PwC's study identified some immediate steps that financial institutions should take. 

  1. Assessing the overall AML and sanctions program to address the requirements of the CDD Rule 
  2. Migrating existing CDD data into a searchable, readily accessible IT platform(s) 
  3. Ensuring that IT systems provide the required fields to capture UBO information 
  4. Enhancing customer risk rating methodologies and AML and sanctions risk assessments to incorporate risks associated with UBO information 
  5. Conveying the impact of the CDD Rule to senior management and the Board of Directors, identifying risks, costs, and plans to address identified gaps 
  6. Updating AML policies and procedures, particularly areas including suspicious activity reporting, information sharing pursuant to USA PATRIOT Act Section 314(b), and requests for information (RFI) processes.


Background on the CDD Rule

On May 11, 2016, FinCEN promulgated a final rule under the Bank Secrecy Act (BSA) that clarifies and strengthens existing customer due diligence (CDD) requirements and adds a new mandate regarding the identification and verification of the ultimate beneficial owners (UBOs) of certain legal entity customers (the CDD Rule). The final rule is intended to help financial institutions (FIs) that conduct business in the U.S. avoid illicit transactions by providing greater insight into their customers’ identities and business relationships. FinCEN released its final rule following several years of debate and outreach with the industry and other regulators, and undertook this process as regulators in the U.S. and abroad have been increasing their focus on conforming their anti-money laundering (AML) regimes to international standards and closing loopholes that subject their financial systems to potential abuse.


Contact us

Jeff Lavine

Global Financial Crimes Leader, PwC US

John Sabatini

Risk and Regulatory Leader, PwC US

Vasilios Chrisos

Financial Crimes Unit, AML Leader, PwC US

Follow us