What is Enhanced Due Diligence (EDD)?
In today’s ever-connected and ever-changing world, financial crime continues to pose a significant threat to economies and organisations. In fact, the National Crime Agency estimates that fraud alone causes losses to UK consumers, businesses and the public sector worth around £219 billion every year, and that money laundering costs the UK more than £115 billion a year. Combined, these figures are equivalent to approximately 14.5 % of the UK’s annual GDP.
Dishonest individuals, or bad actors as we know them, are continually developing new ways of committing economically-motivated transgressions. As such, businesses have to ensure they keep pace in fighting devastating financial crime.
What is the Difference Between Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD)?
Today, businesses should not only be concerned with making profits — they should also be confident in knowing who they are dealing with.
As such, regulated businesses must adhere to Know Your Customer (KYC) guidelines in order to minimise the risk of enabling financial crime or terrorist financing. These guidelines set out stringent requirements to ensure businesses identify and verify customers, and evaluate the risk associated with dealing with said customers.
Preventative measures need to be reviewed and put in place to combat the devastating impact that financial crime can have on businesses, consumers and the economy.
When a regulated organisation creates a new business relationship with an individual or organisation without fully knowing their past and present business dealings, it can expose them to criminal proceedings and hefty regulatory fines.
Customer Due Diligence (or CDD) and Enhanced Due Diligence (EDD) are both forms of KYC processes.
CDD checks often involve identifying the customer by checking supplied personal data against databases, or by using solutions such as a document and biometric check.
Comparatively, EDD is an advanced KYC due diligence process that allows for the identification and investigation of any risk factors associated with establishing business dealings with a client. These procedures address and evaluate the risk a customer may pose for money laundering or terrorist financing. Put simply, EDD is the process of investigating a higher-risk customer more thoroughly than you would others.
When is EDD Required?
As a general rule, CDD measures have to apply in all circumstances. However, as part of FATF guidance, the amount and type of information obtained, and the extent to which this information is verified, must be increased where the risk associated with the relationship is higher. This is where Enhanced Due Diligence is essential.
EDD is required as a supplement to basic CDD/KYC process for customers who are deemed to be high-risk. This may be due to their location, political exposure or profession.
Which Clients Warrant EDD Measures?
When assessing the level of risk associated with a customer, and whether they warrant Enhanced Due Diligence measures, it is important to be on the lookout for:
- Individuals that are, or have family members, that are politically exposed (a PEP) or holding prominent public positions
- Clients with sanctions against them
- Those who feature in adverse media
- Clients with links to higher-risk countries or business sectors
- Business clients who have unnecessarily complex or opaque beneficial ownership structures
- Clients whose requirements or reason for initiating a relationship with your organisation are unusual, lack an obvious economic or lawful purpose, or are complex or suspiciously large
- Customers with connections to higher-risk sectors, such as the arms trade or gambling industry
What does Enhanced Due Diligence Involve?
When a high-risk situation is identified, companies are required to conduct Enhanced Due Diligence in addition to standard CDD procedures.
Under guidance from the FATF, all affected businesses must operate using a risk-based approach to anti-money laundering procedures. The EDD process starts with the verification of customers and determining the level of risk they pose, which may lead to further investigation.
Organisations must then gather additional information from the customer and, where required, from third parties too, in order to inform the individual customer risk assessment.
As part of FATF guidance, EDD measures must also include:
- Carrying out additional searches (e.g., adverse media searches)
- Commissioning an intelligence report on the customer or beneficial owner to understand the risk that the customer or beneficial owner may be involved in criminal activity
- Verification of the source of funds or wealth involved in the business relationship to be satisfied that they do not constitute the proceeds from crime
- Any additional information from the customer about the purpose and intended nature of the business relationship
Additionally, organisations must ensure ongoing monitoring of clients to understand where and how risk profiles change over time. Initial CDD and EDD measures are often out of date soon after they are carried out, and changes in circumstances can directly impact the level of risk assigned to a client.