Sample Preview

You are viewing a preview of the Proximo Comply staff training content. Completion tracking, certificates, and AUSTRAC audit reports are available inside the platform — not on this website.

Get Platform Access →
AUSTRAC Tranche 2
Module 02 of 4 · Proximo Comply Staff Training

Customer Due Diligence — Knowing Your Client

How to identify and verify clients, assess ML/TF risk, apply enhanced due diligence for high-risk relationships, and maintain compliant CDD records throughout the client relationship.

25 min · 4 sections · 1 knowledge check
Module Progress
0%
Section 01

What Is Customer Due Diligence?

Customer due diligence (CDD) is the process of identifying and verifying a client's identity, understanding the nature and purpose of the business relationship, and assessing the money laundering and terrorism financing (ML/TF) risk that client presents to your firm. CDD is not a one-time check at onboarding — it is an ongoing obligation throughout the client relationship.

Under AUSTRAC's Tranche 2 framework, every reporting entity must apply CDD before commencing a designated service and maintain that CDD on an ongoing basis. The standard of CDD required is proportionate to risk: Standard CDD for lower-risk clients, Enhanced Due Diligence (EDD) for higher-risk clients.

The Three Elements of CDD

1. Identification — collecting identifying information about the client (name, date of birth, address for individuals; registered name, ABN, registered office for entities).

2. Verification — confirming the identifying information using reliable, independent sources (e.g. government-issued photo ID, ASIC company search, trust deed).

3. Risk assessment — assessing the ML/TF risk the client presents based on their identity, the nature of the services sought, the source of funds, and any risk factors identified during onboarding.

Section 02

Identifying and Verifying Different Client Types

The identification and verification requirements differ based on the type of client. Your firm's AML/CTF programme will specify the exact procedures — what follows is the general framework.

  • Individuals — collect full name, date of birth, and residential address. Verify using a government-issued photo ID (passport, driver's licence) or a combination of documents. For remote clients, electronic verification through an approved service is acceptable.
  • Australian companies — collect registered name, ACN/ABN, registered office address, and the names of beneficial owners (those who ultimately own or control 25% or more). Verify against ASIC records. Beneficial owner identity must also be verified.
  • Trusts — collect the name of the trust, the trustee(s), and the beneficiaries (or class of beneficiaries). Obtain and review the trust deed. Verify trustee identity as you would for an individual or company. Identify and verify the settlor if the trust was recently established.
  • Partnerships — collect the partnership name and the names of all partners. Verify partner identities individually.
  • Foreign entities — apply additional scrutiny. Obtain equivalent verification to what an Australian entity would require, plus consider the jurisdiction risk and whether the entity structure is consistent with its stated purpose.
Beneficial Ownership

Identifying beneficial owners — the natural persons who ultimately own or control a client entity — is one of the most important and commonly missed elements of CDD. Complex structures (trusts held by companies, which are in turn held by other trusts) may require significant investigation. If you cannot identify the beneficial owner, escalate to your Compliance Officer before proceeding.

Section 03

Enhanced Due Diligence — High-Risk Clients

Certain clients and situations require Enhanced Due Diligence (EDD) — a more thorough level of scrutiny that goes beyond standard identification and verification. EDD is mandatory for:

  • Politically Exposed Persons (PEPs) — individuals who hold, or have held in the past 4 years, a prominent public position domestically or internationally. This includes heads of state, senior government officials, senior judicial or military figures, and senior executives of state-owned enterprises — and their immediate family members and close associates.
  • High-risk jurisdiction clients — clients from jurisdictions identified by FATF as having strategic AML/CTF deficiencies (currently including Iran, North Korea, Myanmar, and others on the FATF grey and black lists).
  • Non-face-to-face clients — where CDD is conducted without the client being physically present, additional verification steps are required.
  • Correspondent relationships — relationships with other reporting entities or financial institutions that process transactions on behalf of their own clients.
  • Complex or unusual structures — clients using structures (multiple trusts, offshore companies, nominee arrangements) where the purpose is unclear or the beneficial ownership difficult to establish.

EDD requires: senior management approval before commencing the relationship, a documented risk assessment, enhanced source of funds and source of wealth verification, and more frequent ongoing monitoring.

Section 04

Ongoing CDD — Keeping Client Information Current

CDD is not a one-time exercise. Your obligations continue throughout the client relationship. Ongoing CDD means:

  • Reviewing client information periodically and updating it when it changes
  • Monitoring transactions and instructions for consistency with the client's known profile and the nature of the services provided
  • Re-assessing risk when client circumstances change (new beneficial owners, change of address to a high-risk jurisdiction, new types of transactions)
  • Applying enhanced monitoring to high-risk clients
When to Re-Verify

You must update client CDD when: the client's risk rating changes; a transaction or instruction is inconsistent with the established client profile; you have doubts about previously provided information; a period of inactivity is followed by new instructions; or your firm's programme requires periodic re-verification (typically every 2 years for standard CDD, annually for EDD clients).

Knowledge Check — Module 02

Your firm is onboarding a new client — an Australian company — to handle the sale of a business. The company is 100% owned by a trust, and the trust's beneficiary is another company registered in the British Virgin Islands. What should you do?

✓ Section Complete — Well Done

You've completed the Customer Due Diligence module. Inside Proximo Comply, completion is tracked per staff member and time-stamped against your firm's AUSTRAC enrolment. Continue to the next preview module, or get platform access to start tracked training for your team.

Continue Preview →
Next Module
Red Flags & Suspicious Matter Reporting
Continue →