Member States may permit obliged entities to rely on third parties to meet the customer due diligence requirements laid down in points (a), (b) and (c) of the first subparagraph of Article 13(1) (CDD). However, the ultimate responsibility for meeting those requirements shall remain with the obliged entity which relies on the third party.
Third parties (Article 26)
Member States must prohibit obliged entities from relying on third parties established in high-risk third countries. Member States may exempt branches and majority-owned subsidiaries of obliged entities established in the Union from that prohibition where those branches and majority-owned subsidiaries fully comply with the group-wide policies and procedures in accordance with Article 45 (Article 26(2)).
Obtaining required information from the third party (Article 27)
Specific rules are laid out in Article 27 where an obliged entity is obtaining required information from a third party.