identify the customer unless the identity of that customer is known to, and has been verified by, the relevant person;

verify the customer's identity unless the customer's identity has already been verified by the relevant person; and

assess, and where appropriate obtain information on, the purpose and intended nature of the business relationship or occasional transaction.

identify the beneficial owner;

take reasonable measures to verify the identity of the beneficial owner so that the relevant person is satisfied that it knows who the beneficial owner is; and

if the beneficial owner is a legal person, trust, company, foundation or similar legal arrangement take reasonable measures to understand the ownership and control structure of that legal person, trust, company, foundation or similar legal arrangement.

has not succeeded in doing so, or

is not satisfied that the individual identified is in fact the beneficial owner.

keep records in writing of all the actions it has taken to identify the beneficial owner of the body corporate;

referred to in sub-paragraph (a) and delivered to the registrar of companies (within the meaning of section 1060(3) of the Companies Act 2006 (the registrar)) under any enactment; or

contained in required particulars in relation to eligible Scottish partnerships delivered to the registrar of companies under regulation 19 of the Scottish Partnerships (Register of People with Significant Control) Regulations 2017 M4.

verify that A is authorised to act on the customer's behalf;

identify A; and

verify A's identity on the basis of documents or information in either case obtained from a reliable source which is independent of both A and the customer.

scrutiny of transactions undertaken throughout the course of the relationship (including, where necessary, the source of funds) to ensure that the transactions are consistent with the relevant person's knowledge of the customer, the customer's business and risk profile;

undertaking reviews of existing records and keeping the documents or information obtained for the purpose of applying customer due diligence measures up-to-date.

may differ from case to case.

the purpose of an account, transaction or business relationship;

the level of assets to be deposited by a customer or the size of the transactions undertaken by the customer;

the regularity and duration of the business relationship.

a relevant person has taken customer due diligence measures in relation to a customer;

identified by the risk assessment carried out by the relevant person under regulation 18(1);

identified by its supervisory authority and in information made available to the relevant person under regulations 17(9) and 47.

except in paragraph (10), “verify” means verify on the basis of documents or information in either case obtained from a reliable source which is independent of the person whose identity is being verified;

documents issued or made available by an official body are to be regarded as being independent of a person even if they are provided or made available to the relevant person by or on behalf of that person.

it is obtained by means of an electronic identification process, including by using electronic identification means or by using a trust service (within the meanings of those terms in Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23rd July 2014 on electronic identification and trust services for electronic transactions in the internal market M9); and

that process is secure from fraud and misuse and capable of providing F5assurance that the person claiming a particular identity is in fact the person with that identity, to a degree that is necessary for effectively managing and mitigating any risks of money laundering and terrorist financing.