While third-party providers can provide a useful service, both the DIA and FMA are aware of an increasing number of reporting entities taking a view that the third-party provider “just takes care of it all” and that all CDD requirements are then met.
Section 34 of the AML/CFT Act allows a reporting entity to authorise and rely on an agent to conduct CDD procedures on its behalf. An agent is a person that has legal authority to represent another party. If you outsource the above CDD procedures under section 34 to a third-party provider, the provider must be acting as your agent. In these circumstances, you remain responsible for ensuring that the CDD conducted by the third-party provider is undertaken to the level required by the AML/CFT Act.