Compliance & third party risk management

Frequently asked questions

Navigate the world of compliance and third party risk management with a deep understanding of key terminologies and acronymns. Start your journey here.





Know your customer

What is KYC?

KYC stands for know your customer, or know your client, both terms are frequently used and are interchangeable. KYC is a process that organizations – particularly regulated organizations – use to verify the identity of customers.

Part of a risk assessment and anti-financial crime strategy, the aim of KYC is for organizations to understand whom they are doing business with and the risks of doing business with them. A KYC process involves collecting and verifying information about a customer, such as name, address, date of birth, and government-issued identification.

Organizations perform KYC for several reasons. First, it helps to establish trust with legitimate customers. Second, it is a regulatory requirement in many jurisdictions and failure to comply can result in fines and reputational damage. Third, KYC helps protect an organization from involvement in financial crime, such as money laundering, terrorist financing, and fraud, by identifying high-risk customers, so they can make decisions with confidence about what to do next. 








Know your business

What is KYB?

KYB stands for Know Your Business. It is a process that organizations use to verify the identity of business or corporate customers and understand the nature of their operations.

Organizations perform KYB to comply with regulatory requirements, such as anti-money laundering (AML) and counter-terrorist financing (CTF) laws. KYB processes help build a picture of risk about a business and verify its legitimacy i.e., likelihood it is involved in illegal activities such as money laundering, terrorist financing, or fraud. KYB also helps establish whether a business is sanctioned or sanctioned by extension.

A KYB process involves collecting information about a business, such as its legal name, registered address, ownership structure, and financial information. This data is then verified through various sources, such as government databases, credit bureaus, and public records. Organizations analyze KYB data to build a risk profile and assess whether it’s consistent with their overall risk appetite before onboarding a client or as part of ongoing monitoring. 


Customer due diligence

What is CDD?

Customer Due Diligence (CDD) is a process that financial institutions and other regulated entities use to identify, verify, and assess risks associated with their customers. some organizations use CDD interchangeably with KYC or consider KYC to be part of CDD.

The goal of CDD is to prevent financial crimes such as money laundering, terrorist financing, and fraud by knowing who the customers are, what their business is, and how they operate. CDD is a critical component of an organization's anti-money laundering (AML) and counter-terrorism financing (CTF) programs.

Organizations perform CDD for several reasons. Firstly, they need to comply with regulatory requirements. Governments around the world have implemented AML and CTF laws and regulations that require financial institutions to perform CDD. Secondly, CDD helps organizations identify high-risk customers, enabling them to apply enhanced due diligence measures and make decisions with confidence about working with a customer. Thirdly, CDD helps organizations protect their reputation by ensuring they aren’t unwittingly facilitating criminal activity.



Enhanced due diligence

What is EDD?


Enhanced Due Diligence (EDD) is a process of thorough investigation on a customer or third-party provider before entering into a financial relationship or transaction. It can also be used to describe the process of performing reviews, and investigations of transactions or payments.

EDD in a KYC context is a comprehensive, in-depth process that involves a higher level of scrutiny and analysis of risk-related information. The objective of EDD is to identify potential risks associated with a customer or third-party, such as the likelihood of involvement in money laundering, terrorist financing, or other criminal activities.

Organizations perform EDD to comply with regulatory requirements, mitigate risks, and protect themselves from financial and reputational losses. EDD is mandatory for high-risk customers or business entities, such as politically exposed persons (PEPs), individuals or entities from high-risk jurisdictions, or customers with complex ownership structures.


Businessman smiling

EDD can involve collecting and verifying information, such as source of funds, business activities, beneficial ownership, and political affiliations. Various techniques, such as background checks, site visits, and interviews are also used, and ongoing monitoring is carried out to detect suspicious activity.

By performing EDD, organizations better understand the risks associated with individuals, corporate customers, or third-party suppliers to make informed decisions before entering into a financial relationship or transaction.




Perpetual KYC

What is pKYC?

Perpetual KYC or pKYC is a process of monitoring risk associated with an individual customer, corporate customer, or third party all the time, rather than at a snapshot in time. This is because materially significant counterparty risk can change quickly and frequently.

Traditionally, KYC risk monitoring used periodic reviews. While there were variations, typically periodic reviews took place on a 1-,3-, and 5-year cadence depending on the customer or supplier’s risk profile and whether they were deemed low, medium, or high-risk. Perpetual KYC looks for risk-related changes to profiles in near real time, it is a trigger-based process for beginning enhanced due diligence. The ongoing KYC review process is managed by exception, rather than by the calendar.

Automated workflows integrated with robust data sources check for materially significant changes and risk events that raise flags to compliance teams and trigger investigations.



Get in touch

Request a demo

We would love to show you what Moody's can do! Get a demo or alternatively, keep reading to discover more about how Moody's can help you.