Skip to content
English - Australia
More support
Contact us
  • There are no suggestions because the search field is empty.

What if someone else has done the CDD on my client?

You can rely on another business's Customer Due Diligence (CDD) work, but only if you have a formal agreement with them to share CDD information. You're still legally responsible for compliance, so you need to verify the CDD was done properly and kept current. easyAML makes this sharing process simple and compliant.

The Rules on Third-Party CDD

You CAN rely on CDD done by another entity if:

  • You have a written agreement allowing CDD sharing
  • The other entity is also subject to AML/CTF obligations
  • Their CDD meets the same standards you'd be required to meet
  • The information is current and relevant
  • You verify they actually completed adequate CDD

You CANNOT:

  • Just assume someone else has done it
  • Rely on informal arrangements
  • Use outdated CDD without re-verification
  • Shift your legal liability to the other party

Your Legal Responsibility Doesn't Transfer

Critical point: Even when relying on another entity's CDD, YOU remain legally responsible for compliance.

If their CDD was inadequate or outdated, AUSTRAC holds YOU accountable for not verifying this. You can't blame the other party for your non-compliance.

Example: A lawyer completes CDD on a client buying property. The real estate agent can rely on this CDD if they have an agreement with the lawyer - but the agent is still responsible for ensuring it's adequate.

What You Need to Verify

Before relying on someone else's CDD:

  1. Confirm they completed it - Don't just take their word
  2. Check it's current - CDD should be recent and reflect current circumstances
  3. Verify it's adequate - Does it meet the standards you'd be required to meet?
  4. Assess ongoing risk - Has anything changed since they did the CDD?
  5. Document everything - Record what you relied on and why

When to Re-Verify

You should conduct fresh CDD (not rely on others) when:

  • Significant time has passed since original verification
  • The client's circumstances have changed
  • The transaction is higher risk than the original relationship
  • You can't verify the quality of the original CDD
  • You don't have a proper sharing agreement

How easyAML Handles CDD Sharing

easyAML's platform enables compliant CDD sharing between entities:

  • Formal agreements - Establish proper sharing arrangements
  • Permission-based - Client controls who can access their CDD
  • Audit trail - Track who relied on whose CDD and when
  • Current information - See when CDD was last updated
  • Easy verification - Confirm adequacy before relying on it

Example: A client verified by their accountant in easyAML can grant permission for their lawyer to access that CDD, eliminating duplicate verification while maintaining compliance.

Third-party CDD reliance can save time and reduce customer friction, but only when done properly. You need a formal agreement, you must verify the CDD is adequate and current, and you remain legally responsible for compliance.

Without proper agreements and verification, you're better off conducting your own CDD from scratch.

What To Do Next

  1. Use easyAML's sharing features - Enable compliant CDD sharing with permission controls
  2. Always verify - Check the CDD is adequate before relying on it
  3. Document your reliance - Keep records of what you relied on and why
  4. When in doubt, re-verify - Fresh CDD is always safer than questionable reliance

Remember: Relying on someone else's CDD can be efficient, but your legal responsibility for compliance never transfers to another party.