Enhanced Due Diligence
The enhanced due diligence (EDD) procedure is a tiered anti-money-laundering safeguard that requires financial institutions to conduct deeper background checks and ongoing monitoring for customers deemed high-risk — particularly politically exposed persons (PEPs), those with connections to sanctioned jurisdictions, or those involved in high-risk industries (casinos, gemstone dealers, cash-intensive businesses).
The KYC-to-EDD progression
Know Your Customer (KYC) establishes baseline identity verification: name, address, date of birth, employment, source of funds. Every customer must pass KYC before opening an account or engaging in transactions.
Enhanced Due Diligence escalates scrutiny. If a customer flags as high-risk — say, a foreign official or a transaction pattern suggesting money laundering — the bank must gather additional information and conduct heightened monitoring.
The progression looks like:
- Standard KYC: basic identity + source-of-funds verification.
- EDD: additional documentation, beneficial ownership verification, sanctions screening, source-of-wealth confirmation.
- Extreme/enhanced EDD: for ultra-high-risk clients (government officials, shell companies), ongoing audits and real-time transaction monitoring.
Politically Exposed Persons
A PEP is anyone who currently holds or has recently held a prominent public office — a president, minister, judge, military general, central bank governor, or high-ranking bureaucrat. Family members and close associates are often considered PEPs by extension.
Why are PEPs flagged? They have greater opportunity and motivation to embezzle or receive bribes, making them vectors for corruption-sourced money entering the financial system. An anti-bribery compliance program must treat PEPs as inherently higher-risk.
EDD for a PEP typically requires:
- Confirmation of status via public records, official government websites, media searches.
- Source-of-wealth documentation: where did their money come from? A general’s salary alone rarely matches his offshore account balance.
- Beneficial ownership tracing: who truly owns entities the PEP controls?
- Ongoing monitoring: flags on suspicious transaction patterns trigger escalation to compliance teams.
Sanctions and country risk
Financial institutions must screen customers against sanctions lists (OFAC, EU sanctions, UN lists). A customer matching a name on a sanctions list cannot be served. EDD also involves country-risk assessment: is the customer from a high-corruption jurisdiction? A jurisdiction under international sanctions? A country with weak anti-money-laundering rules?
The Financial Action Task Force (FATF) identifies “high-risk and non-cooperative jurisdictions” — places where firms must exercise maximum caution, often declining business to avoid compliance risk.
Source-of-funds and source-of-wealth verification
A customer claiming income of $50,000/year but depositing $500,000 annually is an EDD red flag. Institutions must verify:
- Employment (via employer verification or tax records).
- Business ownership (articles of incorporation, business licenses, profit-and-loss statements).
- Asset sales (if claiming income from selling property, proof of ownership and sale).
- Inheritance (if claiming gifts, estate documentation).
Source-of-wealth verification goes deeper: if a wealthy customer claims net worth of $10 million, what is the origin of that wealth? Documented over years or suddenly acquired?
Beneficial ownership and shell companies
EDD requires piercing corporate veils. If a customer is a company, who owns and controls it? Shell companies — entities created purely to hide true ownership — are red flags. EDD procedures require identification of all individuals owning >25% (often >10% under stricter regimes) and those exercising control via board positions or signature authority.
The Beneficial Ownership Disclosure regulations in many jurisdictions now mandate that companies register their true owners with the government.
Transaction monitoring and ongoing scrutiny
EDD is not one-time. Institutions maintain file on high-risk customers and monitor their transactions:
- Suspicious Activity Reports (SARs): filed with authorities when transaction patterns suggest money laundering (frequent structuring, round-dollar amounts, offshore transfers).
- Enhanced reporting: EDD accounts may require weekly or daily transaction reviews rather than batch monthly reviews.
- Relationship reviews: periodic re-verification of identity and source of funds, especially if the account goes dormant and then suddenly spikes in activity.
International standards and FATF recommendations
The Financial Action Task Force is a 40-member intergovernmental body that sets anti-money-laundering standards. Its recommendations require EDD specifically for:
- PEPs: immediate and ongoing verification.
- High-risk jurisdictions: customers and beneficial owners from places with inadequate AML regimes.
- High-risk customers: those in cash-heavy industries, those with unclear economic purpose, those with past compliance violations.
Most jurisdictions (U.S. via FinCEN, EU via 5th and 6th Money Laundering Directives, U.K. via FCA) have incorporated FATF guidance into law.
Practical challenges and costs
EDD is resource-intensive. Large banks have dedicated compliance teams and software systems for customer risk assessment, screening, and ongoing monitoring. Smaller institutions often outsource customer due diligence to third-party vendors.
False positives are common: a customer with a name similar to a sanctions-list entity triggers a block. Remediation (verifying the customer is not the sanctioned person) takes days or weeks, creating friction.
Over-compliance (rejecting legitimate customers or blocking legitimate transactions) is a competitive risk — customers often switch to banks with lighter-touch compliance. This creates a tension between risk mitigation and customer service.
Transition to comprehensive KYC
Modern fintech platforms are integrating KYC and EDD: a customer provides documents during onboarding (passport, proof of address, employment letter, source-of-funds statement), and the platform’s algorithms instantly assess risk, triggering automatic EDD workflows for high-risk profiles.
Blockchain and identity-verification startups are exploring decentralized KYC solutions — once a customer is verified on one platform, that verified identity could be reused across institutions, lowering friction.
Closely related
- Anti-money laundering — the broader regulatory framework
- Know Your Customer — baseline due diligence for all customers
- Customer due diligence — the implementation process
Wider context
- Financial Action Task Force — the standard-setting body
- Beneficial ownership disclosure — regulatory requirement for revealing true owners
- Sanctions screening — complementary screening tool