Customer due diligence is required, and this includes the following elements.

1. Identifying the customer
2. Making a list of all beneficial owners
3. Recognising the customer's ownership and control structure
4. Dealers or issuers of travellers' cheques
5. Knowing the objective and planned nature of the business relationship or occasional transaction and gathering information on it
6. Utilising documents, data, or other information collected from a reputable and independent source to verify the identification of the customer and all beneficial owners in a risk-based manner
7. Using a risk-based method to check the customer's and the beneficial owners' sources of wealth
8. Using a risk-based method to check the customer's and the beneficial owners' sources of wealth
9. Identifying the political exposure of the consumer or its beneficial owner
10. Carrying out continual observation
11. Recording all activities conducted in accordance with due diligence procedures

If the obliged party engages in the following acts, the aforementioned actions must be taken.

1. Creates a commercial connection
2. Carries out a transaction every now and then totalling at least 15,000 euros, whether the transaction is completed in a single operation or a series of connected transactions
3. People who trade goods may occasionally conduct cash transactions of 10,000 euros or more, whether they are completed in a single operation or a series of linked activities
4. Suspicions of terrorism financing, money laundering, or nuclear proliferation
5. Questions the validity of documents, data, or information that have already been gathered for the sake of identification or verification
6. Constitutes a transfer of more than 1,000 euros in value
7. Occasionally engages in transactions involving virtual assets with a value of at least 1,000 euros, whether the transaction is completed in a single operation or a series of linked operations that are connected

Customers who are politically exposed persons (PEPs) demand further due diligence from the obliged entity than those who are not PEPs, including:

1. Obtain top management's consent before beginning or maintaining a business engagement with that person
2. Take the necessary steps to determine the wealth and funding sources engaged in the business partnership or sporadic transaction
3. Enhance continual relationship monitoring wherever the commercial relationship is established

Keeping records required for:

1. Documents and data collected during client due diligence, for a period of 5 years following the completion of a single transaction or the termination of the business relationship.
2. Supporting documentation and 5 years' worth of transactional records:
   1. From the date the transaction is completed if the records pertain to a specific transaction
   2. From the day the business relationship terminates, for all other records

Establishing and upholding suitable and risk-sensitive policies, controls, and processes regarding:

1. Customer due diligence procedures and ongoing supervision
2. Reporting
3. Recordkeeping
4. Internal regulation
5. Appointing a compliance officer
6. Employer evaluation