On 26 June 2015, Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (Directive (EU) 2015/849) entered into force. This Directive aims, inter alia, to bring European Union legislation in line with the International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation that the FATF, an international AML/CFT standard setter, adopted in 2012.

In line with the FATF's standards, Directive (EU) 2015/849 puts the risk-based approach at the centre of European Union's AML/CFT regime. It recognises that the risk of ML/TF can vary and that Member States, competent authorities and obliged entities have to take steps to identify and assess that risk with a view to deciding how best to manage it.

For obliged entities, CDD is central to this process, for both risk assessment and risk management purposes. CDD means:

• identifying the customer and verifying the customer's identity on the basis of documents, data or information obtained from a reliable and independent source;

• identifying the customer's beneficial owner and taking reasonable measures to verify their identity so that the obliged entity is satisfied that it knows who the beneficial owner is;

• assessing and, as appropriate, obtaining information on the purpose and intended nature of the business relationship; and