Apr 25, 2022

What is Due Diligence? Types and its relationship with KYC

  • es
  • fr
  • de
  • pt
What is Due Diligence? Types and its relationship with KYC

The term Due Diligence is used in different ways. Its use and application vary depending on the sector, area, or type of process in which it is implemented.

It is generally used for concepts and situations in which an investigation must be carried out of a natural or legal person prior to a contractual relationship or other types of exchanges. It is important to keep in mind that the identification of the subject (company or individual) on which to carry out the due diligence process is an essential previous step.

Download here for free the complete guide on digital identification.

Due Diligence Meaning: What is Due Diligence in Law?

Due diligence refers to the investigation itself. In this way, we talk about a legal due diligence process, or legal audit, to refer to previous review operation of a person or company in order to evaluate possible risks when establishing an economic relationship with it.

The research focuses on understanding the reality of the company or person and making sure without a doubt that they have not committed or are not committing any crime and that they are not considering committing it. It is a process of information research carried out by one of the agents in a negotiating relationship to assess risks and the situation at the time of the negotiation.

It is a very common process in the field of B2B (Business-to-Business) buying and selling and in the acquisition or merger of companies. In some cases, it is also known as a “purchase audit”.

We could say that the standard definition is “research on a person or company before the signing of a contract or investment“.

Due Diligence in KYC and KYB: What is Customer Due Diligence or Client Due Diligence?

In order to get information about a business or person, the first step is to identify it. In other words, making sure that the person or business is who they say they are. Once the identification has been carried out, relationships of trust can be established, and the due diligence process can be developed.

Due Diligence processes are closely related to the term KYB (Know Your Business). The previous step in a remote and digital due diligence process is the identification of the subject to be investigated. This process of digital identification of a business to confirm that the business is what it should be is known as Know Your Business.

Learn about the Know Your Business (KYB) process here.

Similarly, the KYB process is a variant of the standardised and globally used KYC (Know Your Customer) Process. This time, known as Client Due Diligence or Customer Due Diligence (CDD).

Most companies that want to acquire customers remotely have the legal due diligence obligation to identify their users with reliable and secure identity verification systems. This process has evolved from KYC to eKYC (electronic Know Your Customer), due diligence becoming now digital due diligence, meaning a revolution in contractual relationships between users and companies.

This is widely known in the financial sector, where enhanced operational due diligence is required even for existing clients who were not subject to this procedure. Entities manage risk models used to identify high-risk companies and/or clients.

In any company’s due diligence process directed toward an individual, or also self-employed, the KYC process is the first step to carrying out the investigation.

This results in any financial company having to comply with legal due diligence, financial due diligence, customer due diligence or client due diligence, operational due diligence, and technical due diligence in all their processes.

Find out here how digitisation has reconstructed processes.

Legal Due Diligence and KYC Related Regulations

Like all legal procedures, legal due diligence must comply with all current regulations it is affected by, given the nature of the process. In this sense, the regulations that are involved are:

  • GDPR: General Data Protection Regulation rules the protection of people concerning the treatment of their personal data and its use. Any due diligence process must strictly comply with GDPR due to the treatment of the data of the subject investigated by the company.
  • KYC/AML Compliance Due Diligence: The Fifth Anti-Money Laundering Directive, or 5AMLD, regulates all aspects of actions against money laundering in all kinds of processes, both offline and online. It is a mandatory standard that affects all industries, but especially the financial and banking sectors, developing techniques to prevent fraud and money laundering with ongoing due diligence AML centric.
  • eIDAS: Electronic Identification, Authentication and Trust Services Regulation lays the foundations for the identification of companies and users, granting the seal of trust for qualified companies. It rules all aspects related to electronic signatures and online exchanges.

Download here the complete guide to AML5 and eIDAS regulations for free.

Other Types of Due Diligence Process

The due diligence meaning also translates to almost every department of any company. Regarding this, there are other types of due diligence such as the following.

Operational due diligence

The operational due diligence meaning refers to the iterative process of formulating and testing an investment thesis, with the objective of creating an actionable value creation plan. It unwraps possible opportunities and complements the risk-oriented types of due diligence process, such as financial due diligence, to maximise return. The term operational due diligence can cover financial, legal, operational, commercial, IT, and technical engineering matters. Thus, the operational due diligence process answers three key questions:

  1. Are the operations robust?
  2. What are the operational benefits and their full potential?
  3. What can be expected?

Operational due diligence, like any other due diligence process, should be taken as a continuous process, because it does not stop at the end of the due diligence phase, as iterative, since it is focused on providing actionable insights, and is co-creative, every part of the company should take part on it.

Commercial due diligence

Commercial Due Diligence is the process a company engages to determine a target’s strategic fit and commercial attractiveness. To know how to do commercial due diligence the company needs to focus on:

  • Overarching information about the company.
  • Performing an analysis of the company’s performance.
  • Analysing potential risks and problem areas.
  • Analysing the company’s ability to meet its stakeholders’ goals.

Financial due diligence

While commercial due diligence provides a more complete picture of the company as a business entity, the financial due diligence process focuses on assessing the financial health of a business. In this financial due diligence process, the company’s historical and current financial performance is reviewed exhaustively to establish a forecast and identify any potential risks.

Technical due diligence

This type of due diligence process refers to the performance of technical, environmental, and commercial analysis of real estate assets before their purchase or sale.

Basic Characteristics of any Due Diligence Process in KYC/KYB

Any kind of due diligence process has a series of basic characteristics they must follow for the KYC/KYB obligatory process that standardise and regulate it in the face of good practices in this type of risk analysis methods. KYC due diligence requirements:

  • All information is confidential between both parties and must be treated following the established regulations (RGPD, AML5, eIDAS).
  • In many of the negotiations, it is a mandatory process by legal due diligence. Good faith is always assumed by the information giver.
  • It is recommended that it be done by a third-party agent. A company specialising in due diligence, KYB or KYC processes.
  • It must always have a clear professional objective: to identify the contingencies of the party with whom you are going to negotiate and no other intentions.
  • It must be given in a short period and be recent so that it is reliable and true.

Electronic IDentification, eID, as a recognised Regtech partner, can accompany businesses in their due diligence process of identification and verification as a due diligence company.

Cookies on this website are used to personalize content, offer social media features and analyze traffic. We share information with our social media, advertising and web analytics partners, that can combine it with other information provided to them or that they have collected from the use of their services. Manage, get to know, accept or delete cookies by clicking on "Cookie Settings and Policy" . You accept our "Privacy Policy" by navigating this website.


Please rotate your device to continue discovering the leading eID digital identification solutions