CDD & OnboardingInformational

What is the difference between simplified, standard, and enhanced CDD?

Updated 23 May 2026

Quick answer

Simplified CDD applies to low-risk clients and requires minimal verification. Standard CDD is the default — verify identity using reliable, independent documents or electronic sources. Enhanced CDD applies to high-risk clients and requires deeper verification including source of funds and wealth, plus senior management approval.

Australia's AML/CTF framework takes a risk-based approach to customer due diligence. This means the level of scrutiny applied to a client should be proportionate to the ML/TF risk they present — you are not required to treat every client the same.

Simplified CDD

Simplified CDD applies where you have determined, based on your risk assessment, that a client presents a genuinely low ML/TF risk. In these circumstances, you may collect less information and verify it less rigorously than standard CDD.

Examples of clients that mayqualify for simplified CDD (depending on your firm's risk assessment):

  • Listed public companies on the ASX or equivalent exchanges
  • Regulated Australian financial institutions
  • Australian Government bodies

You must document why you assessed the client as low risk. Simplified CDD is not a shortcut for ignoring CDD — it is a calibrated reduction based on documented reasoning.

Standard CDD

Standard CDD is the default level of verification applied to all clients who do not qualify for simplified treatment and have not been identified as high risk. For individuals, this typically means:

  • Collecting full name, date of birth, and residential address
  • Verifying identity against at least one reliable, independent source — typically a government-issued photo ID (passport or driver's licence)
  • Checking the verified details against the Document Verification Service (DVS) where possible

For companies and trusts, standard CDD requires identifying key officers and beneficial owners and verifying at least some of them.

Enhanced CDD

Enhanced due diligence is required for clients assessed as high risk. It goes beyond identity verification to understand the source and legitimacy of the client's funds. EDD requires:

  • All steps of standard CDD, plus:
  • Verified source of funds (where is the money in this specific transaction coming from?)
  • Source of wealth (how did the client accumulate their overall net worth?)
  • Senior management approval to onboard or continue the relationship
  • More frequent ongoing monitoring

Clients that typically trigger EDD include PEPs, clients from high-risk jurisdictions, and those with complex ownership structures.

Documenting your CDD level decision

Whatever CDD level you apply, you must document why you made that assessment. If AUSTRAC reviews your files, they will expect to see evidence of a deliberate, reasoned decision — not CDD that was selected at random or defaulted to 'simplified' without justification.

How ClearAML helps

ClearAML assigns a CDD risk level to each client based on your firm's risk parameters, automatically selects the appropriate verification workflow, and documents the reasoning — so the decision is recorded and auditable from day one.

Automate risk-based CDD with ClearAML →

Related questions

CDD & Onboarding

How do I conduct enhanced due diligence on a high-risk client?

CDD & Onboarding

How do I identify and verify the beneficial owner of a trust?

CDD & Onboarding

How do I onboard a client remotely while still meeting CDD requirements?