Enhanced Due Diligence

What Is Enhanced Due Diligence?

Enhanced Due Diligence (EDD) is part of a regulated body of Anti-Money Laundering (AML) legislation that requires financial institutions to take responsibility for the validity of their customers, making sure they aren’t part of explicitly illegal financial activity or funding terrorism. Note that EDD is sometimes called Enhanced Customer Due Diligence (ECDD). The two terms are synonymous.

As the global money laundering and terrorism financing watchdog, it is the Financial Action Task Force (FATF) that defines EDD and the types of companies and individuals that should be subject to it.

How Is Enhanced Due Diligence Different from Customer Due Diligence?

EDD is an extension of Customer Due Diligence (CDD), which itself is the foundation of the Know Your Customer (KYC) mandates. Where the principles of CDD are applied to every customer, EDD is a step of CDD that is reserved for specific cases with a higher potential to be dangerous or damaging.

In cases where the likelihood of terrorist funding or money laundering is apparently low, as in cases of low-value accounts, SDD (Simplified Due Diligence) can be applied, which asks for less identifying information than CDD or EDD.

When Is Enhanced Due Diligence Required?

An EDD check is much more involved, costly, and time-consuming than a CDD check. Thus, a risk-based approach is best, where banks, fintechs and other related organizations can decide whether to trigger EDD checks after the customer has been assessed by fingerprinting software.

The triggering flags associated with EDD are part of the government mandate and are sometimes distinct from what we associate with run-of-the-mill fraudsters. For example, Enhanced due diligence AML legislation dictates that the following are subject:

• Politically Exposed Persons (PEPs): individuals who are in prominent positions visible to the public, remaining transparent for the sake of public trust
• Special Interest Persons (SIPs): individuals who have previously been, or are currently, linked to financial crimes
• clients from countries that have been sanctioned or embargoed
• individuals who have been sanctioned or embargoed themselves
• customers who are caught up in negative media coverage
• customers whose transactions are apparently unusual or seemingly economically useless
• Clients from countries on the Financial Action Task Force’s greylist or blacklist, or countries designated as high-risk
• particularly wealthy clients
• clients whose transactions are unnecessarily complex and lend themselves to obfuscating a beneficial owner, including correspondence banking where the client is never physically present

As cybercrime is a constantly evolving landscape, these metrics evolve as well. While legislators take into account the damage excess customer friction can bring to profits, these changes can often be difficult for companies to navigate. 

What Happens During an Enhanced Due Diligence Check?

When a customer meets one or several of the required metrics, it is up to a company’s KYC compliance team to decide how best to deliver a reasonable assurance to regulators that this client was legit, as part of the enhanced due diligence process.

To approach this level of reasonability, the entire EDD process must be documented carefully and, from the client, the team will surely require:

1. multiple identification documents verified, possibly delivered in-person
2. establishment of the ultimate beneficial owner – the actual entity that stands to make money in a company with a complex or opaque structure
3. a thorough audit of the beneficial owner’s assets, including a comparison of their reported apparent assets and incoming cash flow with their actual assets and sources of wealth, checking for potentially suspicious inconsistencies
4. a design for a plan to monitor the associated accounts moving forward, to make sure the client remains compliant

Why Is EDD Important?

Enhanced Due Diligence can generally be thought of as applicable to the most high-risk applicants. For them, it would be impossible to access financial products without it.

Correspondingly, where non-compliance to normal CDD can lead to incremental losses via fraud over time, failing to comply with EDD regulations can result in much larger risks for the financial organization: larger fines, as well as the knowledge that your organization may have helped finance terrorism – reputationally damaging, to say the least. 

On the other hand, being a financial organization that is known to be EDD-airtight is obviously a boon to the marketplace in general. The fintech and ecommerce industries only become more volatile as the world moves towards full device mobility, and a brand reputation that includes high customer trust stands the best chance at proving itself.

How Does EDD Help Fight Fraud?

As EDD is part of a risk-based KYC process, being EDD compliant goes hand-in-hand with a strong security team that actively discourages financial crime and fraud.

Companies who leverage some sort of fraud-fighting software on inbound customers to measure their risk will inevitably discover potential fraudsters, as well as highlight those customers who need to be passed up to an Enhanced Due Diligence team so they can be scrutinized more closely via manual review.

Related Terms

Related Articles