From CompliNEWS | Financial Service Intelligence Watch
Guidance note: Differences between sanctions screening and customer due diligence (CDD)
Sanctions screening and customer due diligence (CDD) are essential elements of compliance with the Financial Intelligence Centre Act (FICA) in South Africa. While both processes play a vital role in combating financial crime, such as money laundering and terrorism financing, their objectives and methods differ significantly. This guidance note provides an overview of these differences to help accountable institutions understand and implement these processes effectively.
1. Purpose and Objective
Sanctions Screening:
The main goal of sanctions screening is to ensure that financial institutions do not transact with individuals, entities, countries, or sectors listed on international or local sanctions lists. These lists include:
- United Nations Security Council sanctions lists,
- European Union sanctions lists,
- South African government sanctions, and
- Other international sources, such as the US Office of Foreign Assets Control (OFAC).
Sanctions screening is designed to prevent prohibited transactions by checking all parties against sanctions lists in real time, particularly during high-risk transactions.
Customer Due Diligence (CDD):
The aim of CDD is to gather and verify detailed information about a customer to assess their risk level and detect possible links to illegal activities. CDD forms part of the broader Know Your Customer (KYC) process and focuses on obtaining a complete understanding of the customer, including:
- Their identity,
- Ownership structure,
- Source of funds,
- Business activities, and
- Any potential risks they pose.
While sanctions screening is specific to sanctions lists, CDD provides a more holistic view of a customer’s profile and risk factors.
2. Timing of Implementation
Sanctions Screening:
Sanctions screening is a continuous process conducted at multiple stages:
- During onboarding,
- At periodic intervals as part of ongoing monitoring, and
- In real-time during transaction processing.
Its purpose is to ensure that no transactions involve sanctioned parties or entities, with many institutions employing automated tools to facilitate this.
CDD:
CDD is typically conducted during the initial onboarding process to establish a customer’s profile and risk level. It may also be updated periodically or triggered by changes in the customer’s behaviour, financial activity, or business profile. For example, unusual transaction patterns or negative media coverage may require additional scrutiny and updates to the customer’s risk assessment.
3. Scope of Activities
Sanctions Screening:
Sanctions screening has a narrow focus. It is limited to detecting whether a person, entity, or transaction is listed on sanctions lists or falls under sectoral sanctions. The process is not concerned with broader customer activities unless there is a direct link to sanctions-related entities.
CDD:
CDD takes a much broader approach. It involves verifying a customer’s identity, understanding their business operations, examining the source of their funds, and monitoring transaction patterns for inconsistencies or red flags. This comprehensive process helps institutions build a full picture of their customer’s risk profile.
4. Outcomes and Actions
Sanctions Screening:
When a match is identified during sanctions screening:
- The financial institution must immediately block the transaction or freeze the customer’s assets, as applicable.
- The institution is required to report the match to the Financial Intelligence Centre (FIC).
- Additional remedial actions, such as making an account dormant, may be necessary.
- Sanctions screening requires immediate action to prevent any breaches of financial sanctions.
CDD:
The outcome of CDD is the classification of a customer as low, medium, or high risk. High-risk customers may require enhanced due diligence (EDD), including more frequent monitoring and stricter controls. If suspicious activity is detected, the institution must file a Suspicious Transaction Report (STR) or Suspicious Activity Report (SAR) with the FIC. Unlike sanctions screening, CDD provides a foundation for ongoing risk management throughout the customer relationship.
Sanctions screening and CDD are both crucial to ensuring compliance with FICA and other financial crime regulations. While sanctions screening is narrowly focused on preventing transactions with sanctioned parties, CDD provides a broader analysis of a customer’s risk profile and financial activities. Understanding these distinctions enables financial institutions to implement both processes effectively, ensuring robust compliance with financial crime regulations.
Practical Examples
Sanctions Screening Example:
A South African financial institution is onboarding a new corporate client that wishes to open a business account. During the onboarding process, the institution conducts sanctions screening using an automated system linked to global and local sanctions databases.
The system flags the corporate client because one of its shareholders, holding 35% of the shares, appears on a United Nations Security Council sanctions list. As required by law, the institution:
- Halts the onboarding process immediately.
- Blocks any attempted transactions.
- Files a report with the Financial Intelligence Centre (FIC) detailing the match.
- The institution must not proceed with onboarding the client, as dealing with sanctioned individuals or entities is strictly prohibited.
Customer Due Diligence (CDD) Example:
A financial institution is onboarding a high-net-worth individual (HNWI) as a new private banking client. During the CDD process, the following steps are taken:
- Identity Verification – The client’s identity is verified using a certified ID copy and proof of residence.
- Source of Funds – The institution requests documentation to verify the source of the client’s wealth, such as salary slips, audited financial statements, and proof of inheritance.
- Adverse Media Screening – A search reveals no negative media coverage or allegations of financial misconduct against the client.
- Ownership Verification – The client is identified as a 50% shareholder in a private company. The institution conducts further due diligence on the company to confirm its legitimacy.
Based on this information, the client is classified as medium risk due to their high wealth and complex ownership structure. Enhanced due diligence (EDD) is applied, including periodic reviews of their account activities to identify any suspicious transactions.
Combined Scenario:
An existing client conducts a series of unusually large transactions, transferring funds to multiple recipients in high-risk jurisdictions. These transactions trigger the institution’s real-time sanctions screening tool, which detects that one of the recipients is linked to a blacklisted entity on the EU sanctions list.
Simultaneously, the CDD process is revisited to assess the client’s activities and risk profile. The institution discovers inconsistencies in the client’s source of funds and business operations that were not evident during onboarding.
Actions taken include:
- Blocking the flagged transaction.
- Filing a Suspicious Transaction Report (STR) with the FIC regarding the blacklisted recipient.
- Reclassifying the client as high risk and applying enhanced monitoring measures.
These examples highlight how sanctions screening and CDD complement each other in ensuring compliance and mitigating financial crime risks.