What is Enhanced Due Diligence?

To explain the importance of Enhanced Due Diligence, also known as EDD, we must first explain KYC Due Diligence, or Know Your Customer checks. 

KYC Due Diligence must be carried out on every single customer or client that your company considers doing business with. It’s a fairly simple process which entails verifying the identity of your customer beyond any doubt, by cross referencing details like name, address and date of birth against the public information available. 

Contrastingly, EDD is only required for customers who qualify as high-risk. Enhanced Due Diligence is effectively the process of investigating your customer’s reputation and history even further, after their identity has been verified. This step is designed to protect your business from unknowingly entering into dealings with a person or entity that poses a greater risk of money laundering, or is more vulnerable to corruption.

What is KYC Risk Scoring?

KYC risk scoring is the method used to assess how risky a customer might be before you establish a business relationship with them. Think of it as the financial world’s version of reviewing a guest list before inviting someone to your party—you want to know who you’re letting in, and whether there’s any cause for concern.

Typically, this process analyses a variety of factors such as a customer’s geographic location, occupation, transaction behavior, and whether they are associated with politically exposed persons (PEPs) or countries noted for higher levels of corruption by organizations like Transparency International. Each factor contributes to an overall score, which determines whether the customer is regarded as low, medium, or high risk.

The ultimate goal? To help your business implement the right level of due diligence—standard checks for most, and enhanced scrutiny for those who might raise red flags.

Who needs Enhanced Due Diligence?

To identify if your customer warrants EDD, you should consider whether or not they meet any or all of the below criteria.:

Customer Risk Factors:

- The customer is a PEP

- The customer is an SIP

- Any person or entity with a sanction

- A large amount of adverse media

- High net-worth

- Customers associated with unusual, complex or purposeless transactions

When do customer activities or transactions trigger the need for EDD?

Certain customer behaviours or transaction patterns should immediately set off alarm bells and prompt you to consider Enhanced Due Diligence. These include:

• Transactions that are unusually large, structured in a complicated way, or simply don't match the customer’s known profile or financial history.
• Sudden changes in transaction frequency or value that can't be reasonably explained.
• Inconsistencies or gaps in the information a customer has previously provided, leading you to question their identity or intent.
• Activity that seems out of character for their stated business type or personal background—for example, a local retail business suddenly sending large international wire transfers.
• Any indication that the customer is operating in or from a country, industry, or region flagged as high-risk by the FATF or other regulatory bodies.
  
  

By staying alert to these types of signals, businesses can avoid falling into risky partnerships and ensure that compliance standards are upheld at every step.

Geographical Risk Factors:

- Countries which have sanctions or embargoes levelled against them

- High-risk third countries

- A country on the FATF list of Other Monitored Jurisdictions (greylist)

- A country on the FATF list of Call for Action Jurisdictions (blacklist)

- Any countries which have proscribed terrorist organisations within them 

When is Enhanced Due Diligence Required According to International Guidelines?

International standards, specifically those set by the Financial Action Task Force (FATF), outline when Enhanced Due Diligence steps are not just best practice—but a regulatory expectation. FATF’s recommendations make it clear that businesses must step up their due diligence measures in certain situations to more robustly counter money laundering and terrorist financing risks.

You'll need to apply Enhanced Due Diligence when:

• You’re starting any new business relationship, especially where high-risk circumstances are present.
• There’s an occasional transaction that raises suspicions of money laundering or terrorism financing—no matter how infrequent.
• The documentation provided by a client cannot be sufficiently verified or seems unreliable.
• An existing customer’s behaviour or transaction patterns change in a way that raises red flags.
  
  

EDD isn’t a single checkpoint, either. FATF stresses the importance of ongoing monitoring—meaning that due diligence is a continuous part of compliance, not a box to tick just once. By maintaining heightened scrutiny in these situations, firms meet both international compliance standards and protect themselves from association with illicit activities.

The FATF’s Risk-Based Approach

The FATF requires that all countries and businesses operate using a risk-based approach to anti-money laundering precautions. This applies to every aspect of AML compliance, including Enhanced Due Diligence.

In the introduction to the 40 Recommendations published by the FATF in 2004, it states that a risk-based approach ‘‘allows countries, within the framework of the FATF requirements, to adopt a more flexible set of measures in order to target their resources more effectively and apply preventive measures that are commensurate to the nature of risks”.  

This is why Enhanced Due Diligence is only required in application to customers who could be considered high-risk, or high net-worth. After KYC checks have taken place, you can identify whether or not your customer warrants further investigation, and apply a risk-based approach to how you proceed.

5 Essential EDD Practices Highlighted by the FATF

When it comes to Enhanced Due Diligence (EDD), the Financial Action Task Force (FATF) provides a clear roadmap for best practices. Here are the top five recommendations:

1. Cross-Verify Information: Ensure that additional details are confirmed using various credible sources.

2. Conduct In-Depth Searches: Dive deeper into searches to gain a comprehensive understanding of individuals or entities.

3. Validate the Source of Funds: Scrutinize the origins of funds to ensure they are not tied to any illegal activities.

4. Compile Intelligence Reports: Create detailed intelligence reports on the individuals or businesses in question.

5. Clarify the Business Relationship: Clearly document the purpose and nature of the business relationship, including all transaction details.

By adhering to these practices, companies can enhance their EDD processes and better comply with FATF guidelines.

The Importance of Ongoing Sanctions Screening

A crucial part of robust Enhanced Due Diligence is routine sanctions screening. By regularly checking that individuals and entities are not listed on international sanctions registers or criminal watchlists—such as those issued by the United Nations, US Treasury’s OFAC, or the European Union—you reduce the risk of inadvertently facilitating financial crime or dealing with prohibited individuals.

Sanctions lists are frequently updated, so ongoing screening helps ensure that you remain compliant and protect your business from potential legal or reputational repercussions. This proactive step keeps your risk assessments up to date and supports a thorough, risk-based approach to due diligence.

Your Enhanced Due Diligence Checklist

There are no official guidelines regarding what EDD should actually entail; it’s only required that the further checks are proportionate to the level of risk that your customer poses. Here’s a run-through of what your EDD might include:

• A thorough understanding of the risk your customer poses.

• Obtaining further information from a wider selection of sources.

• Regularly scheduled background checks to inform your risk assessment.

• Understanding the source of your customer’s funds, to ensure they are not the proceeds of financial crime.

• Organising your data in a way that is AML compliant, and accessible in case of auditing.

In addition to these guidelines, it's essential to gather specific details to gain a clearer picture of high-risk customers. This includes:

Business Information

- Key stakeholders: Identify and verify the individuals who have significant control over the business.

- Ownership structure: Understand the hierarchy and relationships within the company.

- Financial details: Obtain comprehensive financial statements and reports.

Beneficial Ownership

- Identify individuals who ultimately own or control the customer, ensuring transparency and accountability.

Risk Indicators

- Assess various risk factors that could indicate potential issues, such as geographical risks or industry-specific vulnerabilities.

Source of Funds

- Verify the origin of the customer's funds to ensure they are legitimate and not derived from illegal activities.

Enhanced Identity Verification

- Implement advanced techniques for verifying the identity of the customer, utilizing additional documentation and verification methods.

Detailed Steps for Enhanced Due Diligence

1. Risk Assessment: Evaluate customers based on risk factors and assign risk levels. Perform Enhanced Due Diligence (EDD) only on high-risk customers, particularly those from high-risk countries. This step ensures that resources are focused where they are most needed.

2. Verification Process: Standard Customer Due Diligence (CDD) involves verifying customer identification using documents like passports or driver’s licenses. Enhanced Due Diligence requires additional identity documentation to confirm the legitimacy of the customer more thoroughly.

3. Wealth Origin and Beneficial Ownership: Verify the source of customer wealth and establish the Ultimate Beneficial Owner (UBO) of their organization. Understanding the source of funds helps ensure they are not derived from illegal activities.

4. Transaction Monitoring: Analyse transaction history for inconsistencies, including values and involved parties. This continuous review helps in identifying suspicious activities over time.

5. Media Coverage Check: Investigate media coverage for adverse information about the client, particularly regarding past financial crimes or involvement with Politically Exposed Persons (PEPs). This step can uncover red flags that are not immediately apparent.

6. On-Site Visit: Visit the client’s business address to confirm identity and match it with provided documentation. This additional verification step helps ensure the business is legitimate and operating as claimed.

7. Investigation Strategy Report: Document EDD plans and monitoring activities in a report, stored securely. Keeping detailed records ensures that your due diligence process is transparent and can withstand scrutiny during audits.

8. Ongoing Monitoring Strategy: Develop a strategy for continuous monitoring, looking for patterns of suspicious activity over time. Regularly scheduled background checks should inform this ongoing risk assessment.

By integrating these detailed steps into your Enhanced Due Diligence process, you’ll be better equipped to mitigate risks and ensure compliance with regulatory requirements.

What happens if you don’t do EDD?

Once you’ve identified that a customer is a risk to your company, failing to carry out Enhanced Due Diligence can make your business more vulnerable to financial crimes like money laundering.

Simply put, you risk the financial integrity and reputation of your company by avoiding EDD. On top of this, if your business is audited to check that it’s AML compliant, and you haven’t subjected your high-risk customers to Enhanced Due Diligence, you could face serious penalties.

SmartSearch Can Help

After we’ve performed KYC checks on your behalf, we will carry out an extensive selection of AML checks using the aggregate SmartSearch platform. This includes screening for PEPs, SIPs, sanctions and adverse media on the Dow Jones WatchList – an unparalleled resource which is updated each day for maximum accuracy.

If we do find a match for your customer, we’ll provide you with a detailed account of the risk they pose to your business, so that you can make an informed decision and begin the Enhanced Due Diligence process. We can also assist you with ongoing monitoring – an integral part of EDD – as our daily monitoring service will alert you to any change in your customer’s status within our database.