What Is Enhanced Due Diligence (EDD)?

Content Manager

Enhanced due diligence (EDD) is a risk-based extension of the Know Your Customer (KYC) process. It goes beyond standard checks by applying deeper investigation when a customer, transaction, or business relationship is considered high risk.

Unlike standard due diligence, EDD digs into details such as source of funds and wealth, beneficial ownership structures, and ongoing monitoring. This additional scrutiny helps financial institutions and other regulated businesses detect money laundering, terrorist financing, and other financial crimes before they take root.

Types of Due Diligence Procedures

Due diligence isn’t one-size-fits-all. Regulators recognize that customer and transaction risks vary, so businesses apply different levels of checks:

Procedure	Risk Level	Description
Simplified Due Diligence (SDD)	Low risk	Applied to low-value, low-risk relationships.
Customer Due Diligence (CDD)	Medium risk	Standard process for most customers. Read more about CDD.
Enhanced Due Diligence (EDD)	High risk	Reserved for customers, transactions, or industries that pose elevated financial crime risk.

Low-Risk Category: Simplified Due Diligence

SDD applies to customers or transactions with minimal money laundering or terrorism financing risk. It involves a lighter version of due diligence checks and is typically used for low-value, low-risk relationships.

Medium Risk Category: Customer Due Diligence

CDD is the standard AML procedure required by law. It verifies customer identity, screens for basic risks, and assigns a risk score. For a deeper dive, see our full guide on Customer Due Diligence.

High Risk Category: Enhanced Due Diligence

EDD is required when a customer or transaction is deemed high risk. Triggers include:

Politically exposed persons (PEPs) or close associates.
Links to sanctioned or high-risk countries.
Complex or opaque ownership structures (unclear UBOs).
High-risk industries such as crypto, gambling, or money service businesses.
Unusual transaction patterns or large cross-border transfers.
Negative media or law-enforcement flags.

Ongoing Monitoring

All due diligence levels include monitoring, but EDD requires the most rigorous approach. Institutions should apply:

Event-driven reviews when changes occur (ownership, sanctions hit, adverse media).
Periodic reviews for high-risk customers (often annual).
Continuous monitoring of transactions and screening hits to detect new risks.

Why Is Enhanced Due Diligence Important?

Enhanced due diligence isn’t just a regulatory formality — it’s one of the most effective safeguards against financial crime and reputational damage. Its importance comes from several angles:

Regulatory compliance
Regulators require financial institutions and other regulated businesses to apply EDD in high-risk cases. Failure to do so can result in heavy fines, license restrictions, or even criminal liability for compliance officers and executives.

Reputation and trust
Banks and businesses are under increasing public and media scrutiny. Being linked to money laundering, terrorist financing, or sanctioned entities can cause irreversible reputational harm and loss of client trust. Robust EDD demonstrates a commitment to ethical business practices.

Correspondent banking relationships
Global correspondent banks often demand proof of strong AML controls. Without proper EDD, institutions risk losing access to international payment networks, which can directly impact their business operations.

Better risk management
EDD improves the accuracy of customer risk profiles by uncovering hidden ownership, source of funds, and exposure to sanctioned individuals or countries. This helps businesses make informed decisions and prevent onboarding relationships that could turn toxic later.

Improved reporting and regulator confidence
Suspicious Activity Reports (SARs) and Suspicious Transaction Reports (STRs) must be well-documented and evidence-based. EDD provides the detail regulators expect, ensuring institutions can justify decisions and demonstrate proactive compliance.

Future-proof compliance
A low-risk customer today could be on a sanctions list tomorrow. Ongoing EDD monitoring ensures businesses stay ahead of regulatory updates, criminal tactics, and shifting global risk landscapes.

When to Perform the EDD Process?

Enhanced due diligence is a more rigorous version of standard due diligence, which is performed for all higher-risk customers and partners. Enhanced due diligence focuses on the specific risks associated with the relationship, such as reputational risk, operational risk, compliance risk, and financial risk.

EDD is essential in onboarding high-risk customers. However, the process is also used to minimize the risk of an existing relationship. In many cases, companies rely on business verification services to automate the collection of corporate data, assess UBOs, and apply risk-based screening efficiently. For example, it’s important to know if a person or their family member has become a politically exposed person after onboarding.

Additionally, EDD can be triggered by geographical risk factors such as connections with high-risk countries. Relationships with greater risk industries, such as gambling services, may also require an EDD process.

To effectively handle high-risk customers, EDD must also be carried out when a customer provides altered or stolen documents during onboarding.

How to Perform EDD Processes

The enhanced due diligence process can be broken into clear steps. Each stage strengthens risk assessment and ensures compliance:

Step	What It Involves	Why It Matters
1. Define risk & scope	Assess the customer’s risk profile and determine why EDD is required (e.g., PEP, high-risk jurisdiction, complex ownership).	Sets the foundation for tailored EDD checks.
2. Verify identity	Strengthen KYC with additional documents or biometric verification.	Confirms the authenticity of the customer.
3. Map ownership & confirm UBO	Uncover shareholding layers and validate ultimate beneficial owners (UBOs).	Detects hidden risk and ensures transparency.
4. Screen against watchlists	Conduct enhanced screening for sanctions, PEPs, and adverse media.	Flags reputational and compliance risks early.
5. Collect source of funds & wealth evidence	Request supporting documents such as bank statements, payslips, or asset sales.	Proves legitimacy of funds and prevents illicit flows.
6. Review transaction history	Analyze past and ongoing transactions for unusual or high-value activity.	Identifies patterns linked to money laundering or fraud.
7. Conduct independent checks	Perform site visits, third-party attestations, or registry verification if needed.	Adds an extra layer of assurance in high-risk cases.
8. Document findings & set monitoring cadence	Record decisions and establish periodic or continuous monitoring.	Ensures regulatory compliance and readiness for audits.

Last Thoughts

Enhanced due diligence helps financial institutions and regulated businesses manage high-risk relationships responsibly. A structured EDD process, supported by ongoing monitoring, ensures compliance with AML/KYC regulations while protecting organizations from financial crime, reputational harm, and regulatory penalties.

FAQ

What’s the difference between customer due diligence (CDD) and enhanced due diligence (EDD)?

Customer due diligence (CDD) is the standard process of verifying identity and assessing basic risks. Enhanced due diligence (EDD) is applied when customers or transactions are high risk, such as politically exposed persons (PEPs), complex ownership structures, or links to sanctioned countries. EDD includes additional checks like source-of-funds analysis, adverse media review, and ongoing monitoring. In short, CDD is the baseline, while EDD is the deeper investigation for elevated risks.

When do banks and financial institutions need to apply enhanced due diligence?

Banks apply enhanced due diligence when a customer or transaction poses higher risk of money laundering or sanctions exposure. Triggers include PEPs, high-risk jurisdictions, unclear beneficial ownership, unusual cross-border transactions, or negative media. EDD is used during onboarding, before large or unusual payments, and during periodic or event-driven reviews. Regulators expect institutions to document why EDD was applied and to continue monitoring the relationship.

What documents are required for enhanced due diligence checks?

EDD requires stronger documentation than standard KYC. For individuals, this may include a passport or ID, proof of address, and source-of-funds or wealth evidence such as bank statements or payslips. For businesses, typical documents include company registration, articles of incorporation, ownership charts, UBO declarations, director IDs, and financial statements. Certain industries may also require licenses or regulatory filings. The goal is to verify identity, trace fund origins, and confirm ownership transparency.

How does enhanced due diligence go beyond standard KYC checks?

Standard KYC confirms customer identity and screens for sanctions or PEPs. Enhanced due diligence (EDD) builds on this by digging deeper into ownership structures, verifying UBOs, reviewing source of funds and wealth, and analyzing transaction history. EDD may also include independent verification, such as site visits or third-party attestations. Unlike basic KYC, EDD also establishes ongoing monitoring, ensuring that new risks are detected throughout the relationship, not just at onboarding.

What is the enhanced due diligence process?

The enhanced due diligence process starts by identifying high-risk customers or transactions. Institutions then verify identity, map ownership, check sanctions/PEP/adverse media, and collect source-of-funds and wealth documentation. They review past and ongoing transactions, conduct independent checks when necessary, and record findings. Finally, they set an ongoing monitoring schedule to keep risk data current. This documented process demonstrates compliance with AML/KYC regulations and protects institutions from financial crime exposure.

Published November 5, 2025