Ongoing due diligence (further – ODD) refers to the continuous process of monitoring and evaluating a customer’s profile and activities after the initial onboarding. This is crucial to ensure compliance with Anti-Money Laundering (AML) laws, Counter-Terrorism Financing (CTF) regulations, and Know Your Customer (KYC) requirements. Goals of ongoing due diligence are :
- To mitigate risks: Continuously monitor customer transactions for signs of suspicious activity, fraud, or illegal behavior, ensuring that any potential threats are identified and addressed early.
- Compliance Assurance: Ensure that we stay in compliance with evolving regulatory frameworks and legal requirements, including AML, KYC, and CTF regulations.
- Maintain Customer Profile Accuracy: Update customer data and profiles as necessary, based on new information or changes in their business or financial activity, to ensure ongoing risk assessment is based on the most current and accurate information.
- Implement Enhanced Due Diligence (EDD): For higher-risk customers or transactions, perform more in-depth scrutiny and reporting to ensure compliance with the financial institution’s risk management protocols.
- Maintain a Trustworthy Relationship: Build and sustain trust with customers and regulators by demonstrating proactive efforts to prevent financial crimes and ensure transparency in financial activities.
By leveraging APIs to manage this ongoing due diligence process, BaaS partners help streamline compliance and risk management activities, providing robust and scalable solutions for their customers.
Prerequisites
To perform ODD, a personal customer should be already onboarded via our onboarding API.
ID status for such customer should be approved. There is no need to re-do IDV if it’s still valid, but if a document is expired, then this will be requested during ODD process as well.
Monitoring
In order to receive information about incoming ODD date, at phase 1 ConnectPay will share a list of customers that ODD time is coming this year.
At phase 2, there will be separate webhook event to subscribe and track.
Data collection
Based on separate risk scores, ConnectPay maintains 3 different timelines for customers:
- Each 1 year for higher risk customers;
- Each 2 years for medium risk customers;
- Each 3 years for low risk customers.
There are cases when ODD can be triggered by risk-related events as well.
Notification about ODD is prepared 60 days until ODD date – to properly prepare communication for customers and start data collection.
Data is collected via new endpoint Personal ODD Application API.
In a table below we provide parameter descriptions and constraints that we modified in format in comparison to initial Personal Onboarding API v1. We would like to note that Personal Onboarding version 2 is already available and will have same fields as ODD application :
| Parameter Name | Is mandatory? | Description | Type | Constraint | Additional comment |
|---|---|---|---|---|---|
account.connectionToLithuania | Yes | Defines connection to Lithuania | Array of strings | WorkOwnRealEstateHaveCompanyInLtStudyingInLtResidencePermitSpouseIsLtCitizenTaxRefundsStateBenefitsHaveCounterpartiesLocatedInLtEuroAccount | values changed to PascalCase |
account.purposesOfAccount.[] | Yes | Defines the purposes of the accountMultiselect | String | SalaryIndividualOrSoleTraderIncomePersonalOrHouseholdExpensesForeignTransactionsVirtualCurrencyOrGamblingRelatedTransactionsInvestmentTransactionsOrLoanPaymentsOther | if value is not from the defined list, it should be added as Other values changed to PascalCase |
account.sourceOfIncome | Yes | Select | String | EmploymentOrIndividualBusinessIncome | if value is not from the defined list, it should be added as Other values changed to PascalCase |
account.requestedProducts[] | No | List of defined CP products | String | RailsSwift | values changed to PascalCase |
account.monthlyGrossTurnover | Yes | Expected account turnover of a client | String | 0_1000 | values changed to PascalCase |
account.intendedCountriesToTransactWith | Yes | Country list from where and to where funds will be sent | Array of string | Min length 2 Max length 2 Not null Not digits Not characters: ~!@#$%^*()_+={}[]\|:;",<>/? | Enum: "LT" "AF" "AL" "DZ" "AS" "AD" "AO" "AI" "AQ" "AG" "AR" "AM" "AW" "AU" "AT" "AZ" "BS" "BH" "BD" "BB" "BY" "BE" "BZ" "BJ" "BM" "BT" "BO" "BA" "BW" "BV" "BR" "IO" "BN" "BG" "BF" "BI" "KH" "CM" "CA" "CV" "KY" "CF" "TD" "CL" "CN" "CX" "CC" "CO" "KM" "CK" "CR" "CI" "HR" "CU" "CY" "CZ" "DK" "DJ" "DM" "DO" "TL" "EC" "EG" "SV" "GQ" "ER" "EE" "ET" "FK" "FO" "FJ" "FI" "FR" "GF" "PF" "TF" "GA" "GM" "GE" "DE" "GH" "GI" "GR" "GL" "GD" "GP" "GU" "GT" "GN" "GW" "GY" "HT" "HM" "HN" "HK" "HU" "IS" "IN" "ID" "IR" "IQ" "IE" "IL" "IT" "JM" "JP" "JO" "KZ" "KE" "KI" "KW" "KG" "LA" "LV" "LB" "LS" "LR" "LY" "LI" "LU" "MO" "MG" "MW" "MY" "MV" "ML" "MT" "MH" "MQ" "MR" "MU" "YT" "MX" "MC" "MN" "MS" "MA" "MZ" "MM" "NA" "NR" "NP" "NL" "AN" "NC" "NZ" "NI" "NE" "NG" "NU" "NF" "MP" "NO" "OM" "PK" "PW" "PA" "PG" "PY" "PE" "PH" "PN" "PL" "PT" "PR" "QA" "RE" "RO" "RU" "RW" "KN" "LC" "VC" "WS" "SM" "ST" "SA" "SN" "SC" "SL" "SG" "SK" "SI" "SB" "SO" "ZA" "GS" "ES" "LK" "SH" "PM" "SD" "SR" "SJ" "SZ" "SE" "CH" "SY" "TW" "TJ" "TH" "TG" "TK" "TO" "TT" "TN" "TR" "TM" "TC" "TV" "UG" "UA" "AE" "GB" "US" "UM" "UY" "UZ" "VU" "VA" "VE" "VN" "VG" "VI" "WF" "EH" "YE" "YU" "ZM" "ZW" "AX" "BQ" "CG" "CD" "CW" "GG" "IM" "KP" "KR" "MK" "FM" "MD" "ME" "PS" "BL" "MF" "RS" "SX" "SS" "TZ" "KS" "JE" "FX" |
account.occupation | Yes | Job or profession, referring to the work they do to receive funds for a living | string | Employee | if value is not from the defined list, it should be added as Other |
account.occupationAdditionalDetails.company | No | Customer’s workplace name | string | Min length 3 Max length 100 Not null | Conditional mandatory if Employee selected in account.occupation |
account.occupationAdditionalDetails.position | No | Customer’s position at their workplace | string | Min length 3 Max length 100 Not null | Conditional mandatory if Employee selected in account.occupation |
account.occupation.AdditionalDetails.Other | No | Customer’s occupation | string | Min length 3 Max length 100 Not null | Conditional mandatory if Other selected in account.occupation |
merchant.paymentMethod | No | How the payments are made:CardPIS | array of String | Card Pis | values changed to PascalCase |
Note! Same as personal application v2, ODD application will have x-connectpay-requestid as Response header instead of X-Request-ID.
To receive status of ODD application, same GET Application Status API can be used.
To receive webhook notification, also same Events are used – Application Webhooks.
Possible personal application statuses
| Status | Description |
|---|---|
| APPLICATION_CAPTURED | This message informs you that your application is in compliance review and that additional checks are required. Not all applications receive this status, and it stays in this status until a live person evaluates it. |
| COMPLIANCE_REVIEW | Informs that the application is in manual check. |
| APPLICATION_APPROVED | Informs that the application was approved and next ODD date calculated. |
| APPLICATION_DECLINED | Informs that application was declined. This status is always initiated manually from ConnectPay side. Before declining an application, a live person evaluates it, contacts partner if any additional supporting documents are required and only if further services cannot be provided, such case leads to customer termination. |