Skip to content
FonteumThe Graph

By use case

Exclusion & monitoring (self-serve)Free roster screen — no accountExclusion & sanctions screeningCredentialing & provider-data enrichmentAudit evidence & defensible programsProvider data for AI / RAGM&A & network diligence

By buyer

Compliance & riskJournalists & newsroomsDevelopers & AI teams

By industry

HealthcareProviders & facilitiesSanctionsOFAC / EU / UK / UN / OIG / SAMFederal contractingSAM · USASpending · FAPIIS

The capability layer

APIREST + bulk accessFor AI agentsModel Context Protocol serverFHIR R4 APIBulk exportAudit packSigned report artifacts; source facts remain separately citedReconciliationSource-vs-source diffsAI answers with sourcesHow records link upHistoryRetained versions for named sources

The differentiator

Coverage & sourcesThe catalogFreshnessMethodologyCare CompareFacility qualityAI answers, comparedBrowse all datasets →
Research

The dev on-ramp

DocsAPI referenceConnect your AI agent (MCP)One-paste installFHIR sandboxLive API surfaceQuickstartStatusChangelogSDKs & integrations
Pricing
Sign inFree roster screen →Get a signed certificate →

Solutions

Exclusion & monitoring (self-serve)Exclusion & sanctions screeningCredentialing & provider-data enrichmentAudit evidence & defensible programsProvider data for AI / RAGM&A & network diligenceCompliance & riskJournalists & newsroomsDevelopers & AI teamsHealthcareSanctionsFederal contracting

Platform

APIFor AI agentsFHIR R4 APIBulk exportAudit packReconciliationAI answers with sourcesHow records link upHistory

Data

Coverage & sourcesFreshnessMethodologyCare CompareAI answers, comparedBrowse all datasets →
Research

Developers

DocsAPI referenceConnect your AI agent (MCP)FHIR sandboxQuickstartStatusChangelogSDKs & integrations
Pricing
Sign inFree roster screen →Get a signed certificate →
  1. Fonteum
  2. /
  3. Glossary
  4. /
  5. Due Diligence
Fonteum Data GlossaryRegulatory

What is customer due diligence (CDD)?

Customer due diligence (CDD) is the process financial institutions use to understand a customer's identity, beneficial ownership, and the purpose of the relationship, and to monitor activity on an ongoing basis. It is an evidence workflow rather than a one-time search: strong programs document sources, dates, limitations, and the reasoning used to clear or escalate a record.

Full name: Third-Party and KYC Due Diligence

Short explanation

In a third-party or KYC context, due diligence means collecting and assessing enough information to understand the counterparty, the purpose of the relationship, ownership and control, sanctions or exclusion exposure, and changes over time. It is an evidence workflow, not a one-time search. Strong programs preserve sources, dates, limitations, and the reasoning used to clear or escalate a record.

Related use case: Exclusion & sanctions screening

Last updated: 2026-07-11Reviewed by: Fonteum data standards desk — Source-provenance editorial review. Definitions checked against primary federal sources.

How it’s used

  • KYC programs: financial institutions use customer due diligence to understand customer identity, beneficial ownership, relationship purpose, and monitoring needs.
  • Vendor screening: procurement and compliance teams check sanctions, exclusions, corporate registries, and ownership records before and during a relationship.
  • Fonteum supports due diligence by preserving source, date, limitation, and identity-resolution context for each public-record fact it displays.

Frequently asked questions

What does due diligence mean in KYC?
It means collecting and assessing information about a customer, ownership, relationship purpose, and ongoing activity so a firm can understand and monitor the relationship.
What is third-party due diligence?
Third-party due diligence is the process of checking vendors, contractors, suppliers, or partners against public records and internal requirements before and during a business relationship.
Is due diligence a one-time lookup?
No. It usually includes onboarding checks, documented decisions, periodic refreshes, and event-driven follow-up when a source record changes.

Related terms

  • Exclusion Screening
  • SAM Exclusion
  • LEIE
  • UEI
  • CAGE Code
  • Entity Resolution
  • Provenance
  • WOSB Certification
  • HUBZone Certification

Explore in Fonteum

How Fonteum sources, resolves, and publishes data tied to this term.

  • Use caseExclusion & sanctions screening
  • Use caseGovernment-contractor data use case
  • PlatformSource provenance model

Authoritative sources

  • FinCEN: CDD Final Rule↗
  • FFIEC BSA/AML Manual: Customer Due Diligence↗
← All glossary terms

What’s on file, by the numbers

Platform snapshot · 2026-07-15

13.4Mproviders & companiesProviders, organizations, owners, and facilities on file
26.2Msource-linked factsSource-linked field facts in the dated platform snapshot
—sources liveCrosswalk-resolved sources with a proved content transition in the preceding 45 days
111sources integratedActive registry rows; integration does not establish a load
13state Medicaid jurisdictionsDistinct states represented in the state-exclusions serving table

Built on the authoritative federal record

The primary sources, named on every page.

These are the federal agencies whose public datasets Fonteum ingests and attributes — the issuing authorities, not customers or partners. Every figure on the site links back to one of them.

  • CMS
  • HHS-OIG
  • HRSA
  • FDA
  • NLM
  • NUCC
  • Census
  • BLS
  • BEA

See the full source registry, with license and refresh cadence for each →

Reproducible by design

Published figures name their source and date.

Source and date

Published research identifies its government file and observation date. Source-file SHA-256 coverage is disclosed separately; facts do not currently link deterministically to signatures.

Reproducible SQL

Each study ships the exact query behind its figures, run against the same dated copy of the federal file we used. Re-run it yourself.

Daily observations

The platform records table row counts daily. Those observations detect local drift; they do not imply that an upstream publisher released or Fonteum ingested new data that day.

Named medical review

Reviewed by Jennifer Montecillo, MD, medical reviewer. Non-practicing medical reviewer.

Read the full provenance and attestation methodology →

Fonteum
Platform
Platform overviewAPIFor AI agents (MCP)FHIR R4 APIBulk exportAudit packReconciliationAI answers with sourcesHow records link upHistory
Solutions
All solutionsExclusion & sanctions screeningCredentialing & enrichmentAudit evidenceProvider data for AI / RAGUse casesM&A & network diligenceCompliance & riskJournalists & newsroomsDevelopers & AI teams
Data & sources
Coverage & sourcesBrowse all datasetsState Medicaid exclusionsFreshnessMethodologyCare CompareNursing homesRecall recordsSanctions screeningOIG LEIE listOwnershipStaffingDeficienciesSpecial Focus Facilities
Federal contracting
OverviewAwards during active exclusionFederal debarment scorecardProcurement questionsContractor lookup8(a) certification guide
Developers
Developer hubDocsAPI referenceQuickstartStatusChangelogSDKs & integrationsWebhooks
Research & guides
Research hubLearnHow it worksGuidesHealthcare provider dataExclusion & sanctions screeningProvider credentialing dataHealthcare data for AIHospital margin gapProvider access gapsGlossaryComparisonsSourced data vs plain LLM answersCitationsManifestoWhy Fonteum
Company
AboutPressCustomersPricingContactEditorial policyCorrections
Trust & legal
TrustTrust markQualitySecurityPrivacy policyTerms of serviceAPI termsMedical disclaimer

Reviewed by Jennifer Montecillo, MD, medical reviewer. Non-practicing medical reviewer.

© 2026 Fonteum LLC. All rights reserved.

·hello@fonteum.com

A public-records graph that exposes source and observation metadata where supplied.

Fonteum's provenance ledger contained 26.2M source-linked facts on July 12, 2026. All but 14 carried a source-file SHA-256; 0 linked deterministically to a signature. Inspect a supplied snapshot id at fonteum.com/verify · source-mark coverage and limitations.
Request access→