Print Article

The Five STEPS to keeping CDD TIGHT


A good friend of Comsure's uses TIGHT [an acronym] as a CDD control. I have taken his TIGHT rules and amended them to be more expansive for all enhanced risk clients.

Managing the risk by keeping it TIGHT

  • "Understanding the network of an enhanced risk client [e.g. PEP] is like peeling the layers of an onion.
  • A business needs to understand every layer to understand its overall risk.
  • But armed with the acronym TIGHT, companies [and the compliance teams] can monitor and remediate enhanced risk clients,
The Five STEPS to keeping it TIGHT

First, a business needs to identify the 'T' – TYPE

  1. The type of client and the ER [enhanced risk triggers] – ER clients [ERCs] include
  • PEPs and their family and associates
  • Complex legal persons
  • A Person connected to higher risk countries
  • A person who is representing another [your ultimate client] who you never meet

2. So, companies need to employ identification using a well-regarded and detailed database such as ACURIS.

ACURIS IS Comsure preferred data provider -

3. Also, ask questions. Do we know enough – have we asked and verified?

  • Adverse media surrounding them?
  • How did they get to their position?
  • How did they earn so much money?
  • And what is their source of funds?

4. Always Go Further.

  • Always Be Curious in your due diligence efforts where ERCs are concerned.
  • Your risk-based approach determined the nth degree of CDD/EDD

Next is the 'I' – the Industry

  1. The Industry that the ERC has earned their money in, together with any family and business associates linked to it.
  2. Look for higher risk sectors such as
  • Hydrocarbons,
  • Mining,
  • Construction,
  • Water Resources,
  • Healthcare,
  • Armaments,
  • Telecoms,
  • Railways,
  • Road construction etc.

3. Global corruption prosecution cases tell us these industries carry the highest risk.

Then there is the 'G' – Geography

  1. Geography and jurisdictional awareness.
  2. Most of the Pandora PEPs accused and investigated for corruption and money laundering are from highly corrupt countries.
  3. So you need to pay attention to ERCs in countries in the lower quartile of the Transparency International list of
  • The Perception of Corruption (PCI) countries.

The 'H' in our acronym stands for History.

  1. So, has the ERC, or the introducer or family member, had any previous allegations against them?
  2. Have there been
  • Any public compliance failures at the companies used in the Transaction or connected with the ERC?
  • Any previous wrongdoings or internal controls issues?

3. Is their lawyer

  • Under investigation by the Solicitors Regulatory Authority, or
  • Have they represented anyone prosecuted for financial crimes such as tax evasion or money laundering?

4. These are some of the many red flags, albeit not all red flags

And finally, the 'T' stands for Transaction.

  1. What are the details of the Transaction?
  2. And who are the parties detailed as part of the Transaction –
  • The beneficiaries, trustees, advisors, lawyers, and
  • Last but by no means least, the agents

Read Robs thoughts