KYC/CDD in Practice (Risk-Based Approach: RDD / ADD / EDD)

Duration 2 days – 14 hrs

 

Overview

 

This hands-on course helps participants apply Customer Due Diligence (CDD) correctly in real operations using a risk-based approach. It focuses on practical customer risk profiling, deciding when RDD (Reduced), ADD (Additional), or EDD (Enhanced) due diligence is appropriate, and documenting decisions in a way that stands up to QA, audit, and regulatory review. Participants also learn how to handle transactors / non-account customers (walk-ins, OTC, remittance, cash-in/out, one-time transactions) under risk-based CDD and monitoring.

 

Objectives

 

• Explain and apply the risk-based approach to CDD across onboarding, servicing, and transactions.
• Perform customer risk profiling using standard risk factors (customer type, geography, product/service, channel, behavior).
• Distinguish RDD vs ADD vs EDD and apply the correct level based on defined triggers.
• Identify common EDD triggers (e.g., high-risk customer types, PEP indicators, unusual patterns, high-risk geographies/channels, complex ownership structures, adverse information).
• Execute CDD/EDD documentation: what evidence is needed, how to write a defensible rationale, and how to record approvals/exceptions.
• Handle transactors/non-account customers with appropriate identification, threshold-based checks (where applicable), escalation, and record-keeping.
• Reduce rework by applying quality standards for completeness, consistency, and audit trail.

 

Audience

 

• KYC analysts / onboarding teams / account maintenance
• Branch/ops staff handling customer updates and transactions
• Customer support teams supporting onboarding or verification
• Compliance / QA reviewers who validate KYC files
• Team leads/supervisors for KYC operations

 

Pre- requisites 

• Basic understanding of AML/KYC concepts (or completion of AML/CTF Fundamentals)

• Familiarity with your organization’s onboarding/transaction processes is helpful (not required)

 

Course Content

 

Day 1 — Risk-based CDD foundations and profiling

 

Module 1: Risk-Based CDD essentials 

• What “risk-based” means in day-to-day operations
• CDD lifecycle: onboarding → ongoing monitoring → periodic review → event-driven review
• Roles and handoffs (frontline, ops, compliance, QA)

Exercise: CDD lifecycle mapping for your process

 

Module 2: Customer risk profiling workshop 

• Risk factors and how to score/weight them:
  • Customer type (individual, corporate, NGO, etc.)
  • Product/service risk
  • Delivery channel risk (digital/agent/branch)
  • Geography risk
  • Behavior risk
• Risk rating outcomes and what it changes (CDD depth, approvals, review frequency)

Workshop: Risk-rate 5 customer profiles + justify the rating

 

Module 3: RDD vs ADD vs EDD decisioning 

• Clear definitions and operating rules
• What typically qualifies for:
  • RDD: lower-risk profile + stable patterns + clean signals
  • ADD: gaps needing additional info before proceeding
  • EDD: higher inherent risk or high-risk triggers
• Building a decision tree your team can follow

Deliverable: RDD/ADD/EDD decision matrix template

 

Module 4: EDD triggers deep dive 

• Common EDD triggers and how to evidence each one:
  • High-risk customer type / industry
  • PEP indicators (and PEP-related risk handling)
  • Unusual behavior vs stated profile
  • Complex/opaque ownership structure
  • High-risk geography / corridor / channel
  • Negative news/adverse info signals
• Escalation rules and approvals

Exercise: “Trigger or not?” scenario drill

 

Day 2 — Documentation mastery and transactors/non-account customers

 

Module 5: Documentation that survives QA/Audit (

• What “defensible” documentation looks like:
  • Evidence checklist (IDs, business docs, BO, source of funds/wealth as applicable)
  • Consistency checks (names, addresses, nature of business, purpose)
  • Capturing rationale: why this risk rating and why this CDD level
• Handling exceptions: expired IDs, missing docs, alternative evidence, temporary controls
• Common findings and how to prevent them

Workshop: Fix a “bad KYC file” and rewrite the rationale

 

Module 6: Beneficial Ownership basics (for CDD practice) 

• Identifying BO and control persons (practical approach)
• Ownership structure red flags (layering, nominees, shell entities)
• Documentation pack and verification steps

Workshop: BO identification from 2 sample org charts

 

Module 7: Transactors / Non-account customers 

• Who are transactors and why they matter
• Practical handling model:
  • Identification and minimum data capture
  • Threshold-based and risk-based checks (where applicable)
  • When to escalate / refuse / delay / request more info
  • Record keeping and watchlist screening considerations
• Patterns: structuring/smurfing, mule behavior, rapid cash-in/cash-out

Scenario lab: Walk-in transactions and edge cases

 

Module 8: Operating controls and QA framework 

• Maker-checker controls and approvals
• KYC QA scoring (completeness, accuracy, rationale, evidence)
• KPIs for KYC ops: rework rate, turnaround time, defect density
• Continuous improvement: top root causes and quick fixes