What is Enhanced Due Diligence?

Enhanced due diligence (EDD) is a form of customer due diligence specifically for high-risk individuals, involving additional checks and verifications that go beyond standard KYC processes. EDD requires more thorough, in-depth research on the individual to ensure they’re not on any watchlists or involved in any criminal activity. These investigations are a critical part of global AML efforts and thus an important element of financial compliance.

Introduction

Customer due diligence (CDD) is one of the core components of the know your customer (KYC) process. It’s that crucial step wherein financial institutions must verify the identities of customers to ensure they are who they say they are. But sometimes, red flags crop up during CDD that create the need for greater scrutiny and a more in-depth look into the person they’re researching – that’s when enhanced due diligence (EDD) comes into play.

Let’s take a deep dive into what EDD is and how it differs from CDD. We’ll also examine how to conduct EDD investigations, and why doing so is critical in reducing an institution’s exposure to risk.

EDD: What It Is and Why It’s Necessary

Compliance teams conduct different types of CDD depending on the level of risk the customer presents. Some customers present such low levels of risk that they can be subjected to simplified due diligence (identifying the customer but not verifying that identity) or standard due diligence (verifying their identity and determining a risk level).

EDD, on the other hand, is meant for individuals financial institutions have determined to be high-risk. They are then subjected to a series of additional checks and verifications that go beyond basic KYC processes. For example, if standard due diligence for an individual might involve reviewing identifying paperwork, EDD might involve additional video or phone interviews with that person.

Who’s categorized as high-risk, and why? Great question. The Financial Action Task Force (FATF) has outlined a number of factors that would categorize an individual as high risk, including (but not limited to):

• Being from a country or jurisdiction with few or inadequate AML systems
• Being from a country known for funding terrorism or having terrorist groups operating within it
• Being from a country subjected to embargoes or known for being extremely corrupt
• Being a non-resident
• Having a history of business relationships formed under unusual circumstances
• Doing business anonymously or conducting non-face-to-face transactions
• Being identified as a politically exposed person (PEP)

It’s important for financial institutions to be on top of identifying high-risk individuals, as they present greater liabilities for the organization and overlooking them can come with steep regulatory and financial consequences. Even if nothing criminal or concerning emerges during EDD, financial institutions must be able to show that they did thorough investigations to ensure the person is safe to do business with.

Let’s take a quick look at what an EDD investigation looks like, and what steps compliance professionals need to take to make sure they’re doing comprehensive research.

How EDD Investigations Work

Generally speaking, EDD processes include the following steps:

• Risk Profiling. Flagging a person as high risk is considered the first step in EDD. As mentioned above, this means scanning for any of the factors the FATF has outlined as cause for concern, and then escalating to a deeper, more thorough investigation from there. Risk profiling is crucial, as it determines what level of CDD the individual needs to be subject to.

• Collecting and Analyzing Additional Information. This is where the deep dive begins. Investigators must find and request any and all sources of information to help conduct a more comprehensive search into the individual’s background. Looking into sources of wealth and business affiliations, ordering intelligence reports, and requesting video and phone interviews are all common methods of gathering additional information. Investigators should also make sure their data is coming from reliable sources (public records, regulatory databases, reputable third-party providers, etc.).

• Escalating Suspicious Activities. During EDD, if the investigator finds any red flags or activities that need to be escalated, they must complete and file a Suspicious Activity Report (SAR).

• Ongoing Monitoring. Once EDD is complete and the customer approved for business, it’s important to conduct regular monitoring. Compliance departments need to stay on the lookout for any suspicious transactions or activity, and be sure to investigate and escalate if appropriate. CDD isn’t a one-and-done process, but something that should be continuous to mitigate the risk of unknowingly facilitating financial crime.

• Document, and Then Document Some More. Financial institutions are required to keep detailed records of their EDD investigations for every customer. It’s critical to be able to explain what actions were taken and why, why escalations were made or not made, and what triggered an EDD investigation in the first place. As is always the case in compliance, over-communication and documentation is better than not enough!

Wrap Up

EDD investigations take more time and resources than standard CDD investigations, but they’re important work in the global fight against money laundering and financial crime. Financial institutions should ensure they have strong, streamlined CDD processes in place that make it easier for compliance professionals to identify individuals that need to be subjected to EDD. Doing so goes a long way towards ensuring compliance and helping investigators prevent high-risk individuals from falling between the cracks.