Difference Between AML, KYC, and CDD Explained

Last Updated on Feb 18, 2026, 2k Views

Difference Between AML, KYC, and CDD Explained

In the world of financial compliance, AML, KYC, and CDD are closely connected—but they are not the same. Understanding how they differ (and how they work together) is essential for banks, fintech companies, DNFBPs, and other regulated entities.

1️⃣ Anti-Money Laundering (AML)

AML (Anti-Money Laundering) refers to the entire framework of laws, regulations, and procedures designed to prevent criminals from disguising illegally obtained funds as legitimate income.

Key Points:

Broad regulatory and compliance framework
Includes policies, internal controls, monitoring, reporting
Covers ongoing transaction monitoring and suspicious activity reporting
Enforced by national laws and global standards

Example Regulations:

Bank Secrecy Act (USA)
Prevention of Money Laundering Act (India)
Financial Action Task Force global AML standards

👉 AML is the umbrella framework.

2️⃣ Know Your Customer (KYC)

KYC (Know Your Customer) is a process within AML focused on verifying a customer’s identity before establishing a business relationship.

Key Objectives:

Confirm customer identity
Prevent identity fraud
Ensure customers are legitimate

Typical KYC Checks:

Government-issued ID verification
Address proof
PAN / Tax ID validation
Biometric verification (in some jurisdictions)

👉 KYC is about identity verification at onboarding.

3️⃣ Customer Due Diligence (CDD)

CDD (Customer Due Diligence) goes beyond basic identity verification. It assesses the risk level of a customer and evaluates whether their profile matches their financial behavior.

CDD Includes:

Understanding source of funds
Identifying beneficial ownership
Risk profiling (low, medium, high risk)
Ongoing monitoring

CDD is risk-based and may escalate to Enhanced Due Diligence (EDD) for high-risk customers such as:

Politically Exposed Persons (PEPs)
Customers from high-risk jurisdictions
Complex corporate structures

👉 CDD evaluates customer risk and monitors behavior.

🔎 Quick Comparison Table

Aspect	AML	KYC	CDD
Scope	Broad compliance framework	Identity verification process	Risk assessment process
Stage	Ongoing	At onboarding	Onboarding + ongoing
Focus	Prevent money laundering	Verify identity	Assess and manage risk
Includes	Monitoring, reporting, controls	ID & document checks	Risk profiling, source of funds

📌 How They Work Together

Think of it this way:

AML = The complete compliance system
KYC = Confirm who the customer is
CDD = Assess how risky the customer is

Without KYC, you don’t know who the customer is.
Without CDD, you don’t know their risk level.
Without AML, there’s no structured system to prevent financial crime.