Site icon iDenfy

What is Enhanced Due Diligence (EDD)? [With Examples]

In the current business and regulatory environment, companies go beyond mere profit considerations. That’s no surprise, as every year, millions in illicit cash flow go through the financial system undetected. So, despite law enforcement efforts to prevent illicit activities, businesses must go the extra step and actively seek to understand the entities they engage with. 

For companies aiming to mitigate the risks of money laundering and terrorist financing, this involves the identification and verification of customers’ identities, aligning with Know Your Customer (KYC) and Anti-Money Laundering (AML) guidelines. In the meantime, Enhanced Due Diligence (EDD) is an extension of the KYC process, offering a more in-depth risk-based approach.

Depending on the assessed level of ML/TF risk associated with a specific customer or business relationship, companies may opt for Simplified Due Diligence (SDD), Customer Due Diligence (CDD), or EDD. The EDD process includes additional measures that companies must employ to scrutinize and monitor high-risk customers and detect potential money laundering activities.

The Definition of Enhanced Due Diligence

Enhanced Due Diligence (EDD) is an advanced risk assessment process that involves gathering and analyzing information about high-risk customers or business relationships to identify and mitigate potential financial crimes, such as money laundering and terrorist financing.

EDD for businesses means implementing a set of additional measures designed to check and monitor high-risk or high-net-worth customers and their high-volume transactions. Given the elevated risks associated with these customers and transactions, they undergo stringent regulation and monitoring to ensure compliance and integrity within the financial sector.

EDD measures consist of different procedures, such as:

In simple words, EDD is an extended KYC and AML process that intensifies the scrutiny of potential business partnerships, uncovering risks not detectable through standard due diligence.

The Difference Between Customer Due Diligence and Enhanced Due Diligence

While Customer Due Diligence (CDD) establishes the groundwork for risk assessment, Enhanced Due Diligence (EDD) builds upon it by introducing additional measures to achieve a more comprehensive understanding of high-risk customers. The primary difference between CDD and EDD lies in their scope of application. CDD is a standard practice applied to all customers, while EDD is specifically reserved for high-risk customers who warrant additional scrutiny.

Regulated entities are mandated to have a clear understanding of their business relationships. Consequently, businesses striving to fulfill CDD and EDD requirements engage in Know Your Customer (KYC) checks. KYC encompasses not only CDD but also involves customer identity verification and continuous monitoring. Similarly, it’s essential to recognize that EDD is just one component within the broader framework of CDD.

Several characteristics that differentiate enhanced due diligence from standard customer due diligence:

Related: What is the Difference Between CDD and EDD?

Who are High-Risk Customers?

High-risk customers are individuals with the potential to pose a threat to a company and its operations. Typically, these individuals can give rise to compliance concerns, engage in fraudulent activities, or attempt to instigate a cybersecurity breach.

It’s possible to determine if a customer needs EDD based on some attributes that identify a high-risk customer. The key high-risk customer types include:

For example, when identifying a PEP, which is a high-risk customer, during the EDD process, companies should assess their type, if they’re a congressman, politician, etc., determine the period during which they held or currently hold such a position, and investigate their source of funds and wealth.

EDD Requirements for Collecting Data About High-Risk Customers

EDD mandates organizations to collect additional information about high-risk customers. This data includes:

Why is Enhanced Due Diligence Important?

Enhanced Due Diligence (EDD) is important for businesses that want to implement a robust AML program. To achieve this, companies must follow EDD and acquire additional information to scrutinize potential money laundering activities and high-risk individuals linked to such activities.

Other reasons that show the importance of EDD include:

In general, the EDD process empowers organizations to handle high-risk customers and transactions effectively. By doing so, EDD minimizes the potential for financial losses, legal penalties, and damage to reputation while also helping companies ensure AML compliance.

When is Enhanced Due Diligence Required?

Financial Action Task Force (FATF) recommends obliged entities to incorporate customer due diligence (CDD) requirements into their Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) processes, as outlined in Recommendation 10 of the FATF’s 40 Recommendations.

FATF specifies that EDD measures should be applied to business relationships and transactions with natural and legal persons and financial institutions. Additionally, according to the FATF, companies must implement Know Your Customer (KYC)/AML and all CDD measures for:

In the meantime, monitoring should be an ongoing, continuous obligation rather than a one-time legal requirement.

The five FATF-recommended best steps for EDD include:

  1. Obtaining additional identifying information from a diverse range of sources.
  2. Conducting extra searches to enhance the depth of investigation.
  3. Verifying the source of funds to ensure they are not proceeds from criminal activities.
  4. Collecting additional information from the customer regarding the purpose and nature of business relationships.
  5. Initiating an intelligence report on the customer or beneficial owner.

10 Examples of Customers Who Always Require EDD

Here are ten common examples of when EDD is necessary for individuals or situations posing a higher risk:

  1. High-risk customers such as PEPs or known criminals on watchlists and their close family members.
  2. Businesses that engage in anonymous transactions without face-to-face interaction.
  3. Cash-intensive businesses that carry elevated risk due to a significant volume of cash transactions.
  4. Business relationships with unclear or unexplained conditions, such as offshore firms catering to customers in high-risk jurisdictions.
  5. Companies with shareholders acting as nominees or shares held in bearer form.
  6. Customers who are non-residents or are under economic sanctions.
  7. Legal entities or structures that function as personal asset-holding vehicles.
  8. Payments received from third parties that are unknown or not associated.
  9. Private banking institutions or businesses that facilitate transactions with unknown third parties, complicating the process of source-of-funds tracking.
  10. Businesses operating in countries subject to active sanctions, embargoes, high corruption rates, or prevalent terrorist and criminal activities.

It’s important to mention that customers who are deemed as ‘high-risk‘ don’t automatically imply involvement in criminal activities. Instead, this factor signals a heightened risk that requires careful scrutiny. 

Which Countries Require Enhanced Due Diligence?

The list of high-risk countries that require enhanced due diligence consists of:

In Europe, Article 18 of the Fourth Anti-Money Laundering Directive (4AMLD) specifies that businesses situated in countries listed as high-risk third countries require EDD.

In general, regulators categorize countries such as Syria, North Korea, or Pakistan as high-risk, necessitating EDD. The European Commission also designates high-risk third countries based on strategic deficiencies in their AML/CTF regimes. That’s why these high-risk countries exhibit significant deficiencies in their AML frameworks, demonstrate a notable level of corruption based on transparency index rankings, and typically aren’t members of the FATF.

What Industries are Subject to EDD?

The FATF mandates that countries and businesses adopt a risk-based approach (RBA) to AML compliance, including EDD. However, certain industries naturally face a higher risk of financial crimes or illicit activities, showing the need for the adoption of Enhanced Due Diligence measures.

Examples of industries that must employ EDD include:

How to Conduct Enhanced Due Diligence?

Aligning with FATF recommendations, companies must adopt a risk-based approach to enhanced due diligence measures tailored to unique AML risks presented by their customers.

In practice, the recommended EDD checklist consists of these steps:

  1. Employing a risk-based approach
  2. Obtaining additional identifying information
  3. Reviewing ultimate beneficial ownership and source of funds
  4. Implementing transaction monitoring
  5. Using adverse media screening
  6. Conducting on-site visits
  7. Reviewing documentation and reporting
  8. Developing an ongoing risk-based monitoring system

These steps in the EDD process are important for showcasing compliance and responding to regulatory inquiries. The customer’s risk profile serves as a detailed report outlining the steps undertaken to verify their identity, assess their risk level, and document any findings or red flags identified during EDD.

AML Requirements for Enhanced Due Diligence

Industries at a higher risk of money laundering, such as virtual assets, often impose KYC requirements globally. In the US, FinCEN highlights that the scope of due diligence measures varies on a case-by-case basis. However, all jurisdictions should stay ahead of continually evolving AML sanctions. That’s why regular sanctions screening is necessary for EDD to ensure customers are not on any global sanctions lists or criminal watchlists.

Companies should also have the capability to efficiently comply with requests for records from regulators, enabling authorities to reconstruct individual transactions, including details such as the amounts of money involved and the types of currency used. CDD regulations typically mandate firms to retain records of the collected information for a minimum of five years. 

In instances where CDD measures provide reasonable grounds to suggest a customer’s involvement in criminal activity, regulated entities must report this information to their jurisdiction’s financial intelligence unit (FIU) through a suspicious activity report (SAR).

Using RegTech Solutions for Automating Enhanced Due Diligence

Adapting to evolving compliance requirements and criminal behaviors, companies tend to switch to a more innovative approach to EDD — RegTech solutions. This strategic shift to automation not only strengthens their AML programs but also proactively safeguards against emerging threats of financial crime.

At iDenfy, we help companies easily integrate AI-powered identity verification and AML screening into a simple, hassle-free onboarding process for the end customer. Additionally, we help assess customers and their risk profiles without adding unnecessary friction to the KYC flow. All the needed tools for enhanced due diligence are in one place, including PEPs and sanctions screening, adverse media screening, watchlist screening, and business verification services for corporate clients.

Of course, technology serves as a valuable tool in streamlining EDD processes, but the human touch remains crucial for managing emerging threats. For this reason, we have a dedicated in-house KYC specialist team that can manually review each verification result in real-time. Additionally, our compliance experts advise and answer any industry-specific questions to provide you with a concise and expert view of any due diligence process.

Get started right away.

Exit mobile version