Top 5 CDD Mistakes DNFBPs Make — and How to Avoid Them

Customer due diligence (CDD) is a critical part of any DNFBP’s (Designated Non-Financial Businesses and Professions) AML framework. Yet, many firms fall into the same traps — and these can lead to regulatory scrutiny, fines, or worse. Here’s what to watch for and how to get it right.

How to avoid these top 5 mistakes DNFBPs make:

Starting work before CDD is complete
- The mistake: Some firms begin providing services or progressing transactions before verifying client identities and beneficial ownership. This creates significant risk and breaches the regulations.
- How to avoid it: Make it a strict policy: no CDD, no service. Build checks into your workflow so nothing moves forward without completed verification

Accepting expired or inadequate ID documents
- The mistake: Firms sometimes accept expired passports, old utility bills, or poor-quality scans without questioning their validity.
- How to avoid it: Use a checklist for acceptable documents. Train staff to spot invalid or insufficient ID and ensure documents are up to date and legible.

Failing to identify and verify beneficial owners
- The mistake: In complex ownership structures or corporate clients, firms stop at the surface and don’t identify who really controls or owns the entity.
- How to avoid it: Always identify and verify beneficial owners (anyone with 25%+ ownership or control). Document your efforts clearly — if it’s complex, show what you did to resolve it.

Weak source of funds checks
- The mistake: Simply collecting a bank statement or asking where funds came from without assessing whether the explanation makes sense for the client’s profile.
- How to avoid it: Go beyond paperwork. Understand whether the source of funds is consistent with what you know about the client. Record your reasoning.

Poor record-keeping
- The mistake: Incomplete or disorganised records mean you can’t show what checks were done or justify decisions if challenged.
- How to avoid it: Keep clear, organised records of all CDD steps. Make sure records are easily accessible if requested by HMRC.

Final thought

Avoiding these common mistakes is key to strong AML compliance. Good CDD protects your firm and the wider community from being exploited by criminals.

At Reguloop, we help DNFBPs strengthen their CDD processes, review files, and train teams so that compliance is a natural part of your business — not a box-ticking exercise.

Top 5 CDD Mistakes DNFBPs Make — and How to Avoid Them

How to avoid these top 5 mistakes DNFBPs make:

Starting work before CDD is complete

​The mistake: Some firms begin providing services or progressing transactions before verifying client identities and beneficial ownership. This creates significant risk and breaches the regulations.

How to avoid it: Make it a strict policy: no CDD, no service. Build checks into your workflow so nothing moves forward without completed verification

​

Accepting expired or inadequate ID documents

Final thought

How can we help you?

The mistake: Some firms begin providing services or progressing transactions before verifying client identities and beneficial ownership. This creates significant risk and breaches the regulations.