What Is Enhanced Due Diligence (EDD)?

Enhanced Due Diligence (EDD) is a more in-depth process used by financial institutions to ensure their customers are not involved in illegal activities like money laundering or financing terrorism. Unlike standard checks, EDD requires a thorough investigation into a customer’s background, including verifying multiple identification documents, understanding who really owns the assets, and continuously monitoring their transactions. This extra layer of scrutiny helps institutions manage the risks associated with high-risk customers.

The process of EDD is guided by the Financial Action Task Force (FATF), a global authority that sets the standards for combating money laundering and terrorism financing. The FATF outlines which types of businesses and individuals should undergo this rigorous process, making sure that financial institutions take the necessary steps to comply with international regulations and protect their reputation.

When Is Enhanced Due Diligence Required?

An EDD check is much more involved, costly, and time-consuming than a customer due diligence check. Thus, a risk-based approach is best, where banks, fintechs and other related organizations can decide whether to trigger EDD checks after the customer has been assessed by a digital footprinting solution.

The triggering flags associated with EDD are part of the government mandate and are sometimes distinct from what we associate with run-of-the-mill fraudsters. For example, Enhanced due diligence AML legislation dictates that the following are subject:

• Politically Exposed Persons (PEPs): individuals who are in prominent positions visible to the public, remaining transparent for the sake of public trust
• Special Interest Persons (SIPs): individuals who have previously been, or are currently, linked to financial crimes
• clients from countries that have been sanctioned or embargoed
• individuals who have been sanctioned or embargoed themselves
• customers who are caught up in negative media coverage
• customers whose transactions are apparently unusual or seemingly economically useless
• clients from countries on the Financial Action Task Force’s greylist or blacklist, or countries designated as high-risk
• particularly wealthy clients
• clients whose transactions are unnecessarily complex and lend themselves to obfuscating a beneficial owner, including correspondence banking where the client is never physically present

As cybercrime is a constantly evolving landscape, these metrics evolve as well. While legislators take into account the damage excess customer friction can bring to profits, these changes can often be difficult for companies to navigate. 

Why is EDD Important?

Enhanced Due Diligence (EDD) is crucial for high-risk applicants, enabling them to access financial products that would otherwise be out of reach. Non-compliance with EDD can result in severe penalties and reputational damage for financial institutions. However, strong EDD practices enhance a company’s reputation, especially in the fintech and ecommerce sectors where customer trust is vital.

How Does Enhanced Due Diligence Compliance Work?

When a customer meets one or several of the required metrics, it is up to a company’s KYC compliance team to decide how best to deliver a reasonable assurance to regulators that this client was legit, as part of the enhanced due diligence process.

To approach this level of reasonability, the entire EDD process must be documented carefully and, from the client, the team will surely require:

• Verify Multiple Identification Documents: Ensure all necessary identification documents are thoroughly verified, which may require in-person submission.
• Identify the Ultimate Beneficial Owner: Determine the true owner behind a business, especially in cases involving complex or opaque corporate structures.
• Conduct a Comprehensive Asset Audit: Perform a detailed audit of the beneficial owner’s assets, comparing their reported assets and cash flow with actual figures to spot any suspicious inconsistencies.
• Implement Ongoing Account Monitoring: Develop a plan for continuous monitoring of the client’s accounts to ensure ongoing compliance with regulations.

Enhanced Due Diligence Vs Customer Due Diligence

EDD is an extension of Customer Due Diligence (CDD), which itself is the foundation of the Know Your Customer (KYC) mandates. Where the principles of CDD are applied to every customer, EDD is a step of CDD that is reserved for specific cases with a higher potential to be dangerous or damaging.

In cases where the likelihood of terrorist funding or money laundering is apparently low, as in cases of low-value accounts, SDD (Simplified Due Diligence) can be applied, which asks for less identifying information than CDD or EDD.

Enhanced Due Diligence in AML

Under CDD regulations, firms must retain records of all collected information, such as identification documents and business records, for a minimum of five years. These records should be easily accessible to respond to regulatory requests and to allow authorities to trace individual transactions, including specific details like transaction amounts and currency types.

When CDD measures indicate possible criminal activity, firms are obligated to promptly file a suspicious activity report (SAR) with their jurisdiction’s financial intelligence unit (FIU). Although regulatory requirements vary, it’s crucial for firms to stay informed about the specific rules in their operational areas.