Business will have to identify customers by collecting a minimum amount of information.   The amount of information to collect will depend whether the due diligence process for the customer is simplified, standard or enhanced.   Having sufficient information about a customer or a prospective customer, and making use of that information, is the most effective weapon against facilitating the proceeds of crime.  In addition it provides protection against fraud, enables suspicious activities to be recognised and protects against reputational and financial risks.

After a customer has provided information on their identity, the information needs to be verified from reliable and independent sources.  Though Regulations and Codes of Practice will confirm appropriate verification sources, verifying an individual's name and date of birth is likely to be satisfied by relying on a passport or a combinaton of a birth certificate and drivers licence.   Verification of a corporate customer is likely to be satisfied by relying on a certificate of incorporation and audited financial accounts.

The Act requires the nature and purpose of the customer’s relationship to be recorded and retained.  The nature and purpose may include detail such as business activity of a corporate entity,  expected volume / value of transactions, geographic locations of customers / transactions and balance sheet asset value.  This information will assist to build a customer profile and should lessen human resourcing requirements by reducing "red flag" alerts.