Understanding the difference between Enhanced Due Diligence vs Customer Due Diligence is crucial for risk managers today. With global anti-money laundering fines up 50% year-on-year, knowing when to apply enhanced customer due diligence (EDD) instead of standard Customer Due Diligence (CDD) can protect your organisation.
Let’s break down what standard CDD covers, when to escalate to EDD, and how a risk-based approach guides these decisions.
Standard Customer Due Diligence (CDD)
Customer Due Diligence is the routine “know your customer” or KYC process you perform on all clients to verify identity and assess baseline risk. It typically involves collecting official IDs or company documents, identifying beneficial owners, and understanding the purpose of the business relationship.
FATF guidance says to perform CDD for any new client relationship, significant one-off transaction, or whenever there’s suspicion of money laundering.
In practice, if all checks are normal and the client’s profile is low risk, standard CDD measures (plus periodic monitoring) are sufficient.
Enhanced Due Diligence (EDD)
Enhanced Due Diligence is an extra level of scrutiny reserved for higher-risk customers or situations. It’s essentially an in-depth investigation into a customer’s background when basic checks raise red flags.
EDD involves verifying not just identity, but also the counterparty’s sources of funds and wealth, mapping out complex ownership structures, checking for adverse media or sanctions exposure, and often obtaining senior management sign-off before onboarding.
While CDD is applied to all customers, EDD is reserved for those who pose higher risk. In short, EDD is how you dig deeper and double-check everything when a customer’s risk profile calls for it.
When to use Enhanced Due Diligence vs Standard CDD
Risk managers should escalate from CDD to EDD whenever a counterparty’s risk profile is above normal. Common triggers for Enhanced Due Diligence include:
- Politically Exposed Persons (PEPs) – PEPs (or their close associates) carry higher corruption risk and require EDD.
- High-risk jurisdictions – Customers from countries with weak AML controls or sanctions risks should undergo EDD.
- High-risk industries or structures – Those in sectors prone to money laundering (gambling, crypto, etc.) or with opaque ownership structures merit EDD.
- Unusual or large transactions – Sudden large or complex transactions that don’t fit a customer’s normal pattern warrant EDD.
In essence, whenever standard due diligence finds something out of the ordinary (a high-risk country link, a prominent public figure, an unexpected transaction), it’s time to switch to EDD. Regulators expect this risk-based escalation. The FATF explicitly states that higher-risk scenarios must be met with enhanced due diligence measures. Skipping EDD when it’s warranted can lead to serious compliance failures and penalties.
Practical tips for risk managers
1. Automate risk flagging
Use risk scoring tools to automatically tag high-risk clients for EDD based on factors like country, industry, or adverse media hits.
2. Document your decisions
Record why you applied (or didn’t apply) EDD for each high-risk client. A clear audit trail shows regulators you’re following a risk-based approach.
3. Stay current on guidance
Keep up with FATF advisories so you know which scenarios legally require EDD and can update your policies accordingly.
By following these practices, you ensure EDD efforts are focused where they matter most. Many costly compliance failures happen when firms don’t adjust due diligence depth to match a customer’s risk. Don’t fall into that trap.
How Company Watch can help with EDD
Conducting deep-dive due diligence can be challenging and resource-intensive. This is where Company Watch’s Enhanced Due Diligence services come in. We blend cutting-edge technology with expert analysis to provide a full picture of your high-risk target.
Unlike a standard approach that might rely on basic credit checks or a Google search (which covers only ~4 to 6% of the internet), Company Watch scours extensive data sources – including over 600 billion archived web pages and 200 million corporate records – to uncover hidden risks.
Our Enhanced Due Diligence reports deliver detailed evidence with an audit trail across all relevant risk factors.
When your risk assessment says “EDD required,” we ensure no stone is left unturned.
Smart due diligence, stronger compliance
In summary, apply standard CDD to every customer to establish a compliance baseline, and step up to Enhanced Due Diligence when higher-risk factors emerge. This targeted approach aligns with regulatory expectations and protects your business. By staying vigilant and leveraging advanced EDD tools when needed, you can turn due diligence into a powerful defence for your organisation.
