Enhanced Due Diligence (EDD) is the deeper level of customer and transaction review that banks, payment firms, and other regulated financial institutions apply when risk is higher than normal. In plain language, it means “don’t just know the customer—understand them well enough to detect unusual, hidden, or higher-risk activity.” EDD matters because weak due diligence can expose firms to money laundering, sanctions breaches, fraud, bribery risk, regulatory penalties, and reputational damage.

1. Term Overview

• Official Term: Enhanced Due Diligence
• Common Synonyms: EDD, enhanced customer due diligence, enhanced scrutiny
• Alternate Spellings / Variants: Enhanced-Due-Diligence
• Domain / Subdomain: Finance / Banking, Treasury, and Payments
• One-line definition: Enhanced Due Diligence is a risk-based process of collecting, verifying, and reviewing additional information about higher-risk customers, transactions, relationships, or counterparties.
• Plain-English definition: When a customer or activity looks riskier than usual, a bank or payment company asks more questions, checks more facts, and monitors more closely before and after doing business.
• Why this term matters: EDD helps institutions prevent abuse of the financial system, comply with anti-money laundering (AML) and counter-terrorist financing (CFT) rules, manage sanctions exposure, and protect themselves from financial crime and regulatory action.

2. Core Meaning

What it is

Enhanced Due Diligence is a higher standard of review used when standard due diligence is not enough. It typically applies to customers or activities with elevated risk, such as:

• politically exposed persons (PEPs)
• complex ownership structures
• high-risk jurisdictions
• correspondent banking relationships
• cash-intensive businesses
• unusual or opaque transaction patterns
• sectors vulnerable to financial crime

Why it exists

Financial institutions cannot treat every customer the same. A salaried local retail customer and an offshore trust with multi-jurisdictional ownership do not present the same risk. EDD exists because a risk-based compliance model is more effective than a one-size-fits-all approach.

What problem it solves

EDD helps solve several problems:

• hidden beneficial ownership
• unclear source of funds
• sanctions and corruption exposure
• misuse of payment rails
• layering and movement of illicit funds
• regulatory blind spots in higher-risk relationships

Who uses it

EDD is commonly used by:

• commercial banks
• private banks
• correspondent banks
• payment institutions
• fintech firms
• merchant acquirers
• money services businesses
• brokers and other regulated financial firms
• compliance teams
• AML investigators
• internal auditors and regulators reviewing controls

Where it appears in practice

You see EDD in:

• customer onboarding
• periodic customer reviews
• transaction monitoring escalations
• sanctions and PEP reviews
• correspondent banking onboarding
• trade finance reviews
• merchant underwriting
• treasury and cross-border payment relationships
• remediation after regulatory findings

3. Detailed Definition

Formal definition

Enhanced Due Diligence is the set of additional customer identification, verification, assessment, approval, and monitoring measures applied to relationships or activities assessed as presenting higher money laundering, terrorist financing, sanctions, fraud, corruption, or reputational risk.

Technical definition

From a technical AML/CFT perspective, EDD usually includes some combination of:

• additional identity verification
• deeper beneficial ownership analysis
• source of funds checks
• source of wealth assessment
• purpose and intended nature of the relationship
• expected transaction profile analysis
• screening for PEP, sanctions, and adverse media exposure
• senior management approval
• increased review frequency
• enhanced ongoing monitoring and escalation

Operational definition

Operationally, EDD means a firm has:

1. identified a trigger
2. classified the customer or activity as higher risk
3. gathered additional evidence
4. assessed whether the relationship is acceptable
5. documented the rationale
6. set stronger monitoring controls
7. refreshed the review more often

Context-specific definitions

In banking

EDD focuses on higher-risk account holders, beneficial owners, correspondent banks, private banking clients, trusts, and entities operating across sensitive jurisdictions.

In payments and merchant acquiring

EDD often focuses on merchant business models, chargeback/fraud exposure, cross-border sales patterns, website legitimacy, settlement flows, beneficial ownership, and sanctions or illicit commerce risk.

In treasury and correspondent banking

EDD is used for foreign financial institution relationships, nested payment risks, respondent bank controls, and the expected nature of payment flows.

In wealth management/private banking

EDD often emphasizes source of wealth, source of funds, PEP exposure, family structures, trusts, offshore holdings, and reputational risk.

By geography

The broad concept is global, but triggers, documentation expectations, approval rules, and terminology can differ by regulator and jurisdiction. Firms should verify local requirements.

4. Etymology / Origin / Historical Background

Origin of the term

The phrase “due diligence” comes from the broader legal and commercial idea of taking reasonable care before entering a relationship or transaction. In finance, it evolved into a compliance obligation tied to customer identification and risk assessment.

Historical development

Key stages in the development of EDD include:

1. Early banking controls: Banks historically reviewed customers to reduce fraud and credit loss, but the scope was narrower.
2. Modern AML era: As anti-money laundering laws expanded, customer review moved from identity checking to risk-based monitoring.
3. Global standards development: International standard-setting increased focus on higher-risk customers, jurisdictions, and structures.
4. Post-2001 expansion: Global concern over terrorist financing increased expectations for deeper scrutiny.
5. Correspondent banking focus: Regulators increasingly emphasized foreign correspondent relationships, nested account risks, and opaque ownership.
6. PEP and beneficial ownership focus: Corruption, tax evasion, and shell-company scandals pushed firms toward more robust EDD.
7. Fintech and digital onboarding era: Non-face-to-face onboarding, faster payments, virtual assets, and platform models raised new EDD challenges.

How usage has changed over time

EDD used to be seen as a special case. Today, it is a core feature of risk-based compliance programs. The focus has shifted from “collect more documents” to “understand the real risk and monitor it continuously.”

Important milestones

Without listing every law, the major milestones include:

• growth of AML laws and bank secrecy rules
• creation and development of international AML/CFT standards
• stronger rules for correspondent banking and private banking
• beneficial ownership transparency reforms
• greater attention to sanctions, PEPs, and adverse media
• technology-enabled screening and transaction monitoring

5. Conceptual Breakdown

Enhanced Due Diligence is easier to understand when broken into its main components.

1. Risk Trigger Identification

• Meaning: The event or characteristic that causes a higher-risk review.
• Role: Starts the EDD process.
• Interaction: Connects customer onboarding, transaction monitoring, sanctions screening, and case escalation.
• Practical importance: If triggers are weak, EDD may never begin when it should.

Common triggers include:

• PEP match
• high-risk country exposure
• complex legal structure
• cash-heavy activity
• unusual transaction pattern
• adverse media
• foreign correspondent relationship
• mismatch between declared and observed activity

2. Customer Identity and Verification

• Meaning: Confirming who the customer really is.
• Role: Basic foundation of all due diligence.
• Interaction: Links to beneficial ownership, document collection, and sanctions/PEP screening.
• Practical importance: Fake or incomplete identity data undermines every later control.

3. Beneficial Ownership and Control

• Meaning: Identifying the natural persons who own or control an entity.
• Role: Prevents hiding behind shell companies or nominees.
• Interaction: Often determines whether a low-risk-looking company is actually high risk.
• Practical importance: One of the most important EDD elements for legal entities.

4. Source of Funds (SoF)

• Meaning: Where the money for a specific transaction or account activity comes from.
• Role: Tests whether the immediate funds are plausible and legitimate.
• Interaction: Often reviewed with transaction behavior and account purpose.
• Practical importance: Useful for detecting laundering through a particular account or payment flow.

5. Source of Wealth (SoW)

• Meaning: How the customer accumulated their overall wealth.
• Role: Helps assess whether the person’s financial standing makes sense.
• Interaction: Especially important for high-net-worth individuals, PEPs, and private banking.
• Practical importance: A large account balance may be legitimate, but the origin still needs to be understood.

6. Purpose and Expected Activity

• Meaning: Why the relationship exists and what normal activity should look like.
• Role: Creates the baseline for ongoing monitoring.
• Interaction: Used later to judge whether transactions are unusual.
• Practical importance: If expected activity is poorly documented, false alerts and missed risks both increase.

7. Geographic Risk

• Meaning: Risk associated with countries connected to the customer, owners, counterparties, or flows.
• Role: Captures sanctions, corruption, AML, and enforcement concerns.
• Interaction: Geography often raises or lowers the need for EDD.
• Practical importance: Cross-border exposure is a major EDD driver in banking and payments.

8. Product, Channel, and Delivery Risk

• Meaning: The risk created by the services used and how they are accessed.
• Role: Recognizes that some products are more abusable than others.
• Interaction: Non-face-to-face channels, rapid payments, trade finance, correspondent banking, and card acquiring may require stronger controls.
• Practical importance: A low-risk customer using a high-risk product may still require EDD.

9. Screening and Intelligence Review

• Meaning: Checking sanctions lists, PEP databases, adverse media, and internal intelligence.
• Role: Adds external context.
• Interaction: Often triggers escalations or approval requirements.
• Practical importance: A clean ID document does not mean clean risk.

10. Approval and Escalation

• Meaning: Formal decision-making, often involving compliance and senior management.
• Role: Ensures high-risk relationships are consciously accepted, restricted, or rejected.
• Interaction: Depends on quality of the evidence gathered earlier.
• Practical importance: EDD without accountable approval is weak governance.

11. Ongoing Monitoring and Refresh

• Meaning: Continued review after onboarding.
• Role: Recognizes that risk changes over time.
• Interaction: Uses transaction monitoring, periodic review, event-driven review, and updated screening.
• Practical importance: A customer can become high risk after account opening.

12. Documentation and Audit Trail

• Meaning: Recording what was reviewed, what was found, and why a decision was made.
• Role: Supports regulatory examination and internal governance.
• Interaction: Critical for quality assurance and remediation.
• Practical importance: If the analysis is not documented, regulators may treat it as if it never happened.

6. Related Terms and Distinctions

Related Term	Relationship to Main Term	Key Difference	Common Confusion
Customer Due Diligence (CDD)	Base process from which EDD extends	CDD is standard review; EDD is deeper review for higher risk	People often use CDD and EDD as if they are the same
Know Your Customer (KYC)	Broad umbrella concept	KYC often refers to identity and onboarding controls; EDD is a risk-based enhanced layer	KYC is not always enough for high-risk relationships
Simplified Due Diligence (SDD)	Opposite-side risk treatment	SDD uses reduced measures for lower risk where allowed; EDD uses increased measures for higher risk	Some assume all small customers qualify for SDD
Ongoing Monitoring	Ongoing process connected to EDD	Monitoring continues after onboarding; EDD may occur at onboarding and during lifecycle reviews	EDD is not a one-time event
Sanctions Screening	Related control	Screening checks sanctions matches; EDD evaluates broader risk and context	A clear sanctions result does not eliminate EDD need
PEP Screening	Common EDD trigger	PEP screening identifies political exposure; EDD investigates the resulting risk	Not every PEP case is identical in risk
Source of Funds	One component of EDD	Looks at origin of specific money used	Often confused with source of wealth
Source of Wealth	One component of EDD	Looks at how total wealth was accumulated over time	Often confused with source of funds
Beneficial Ownership	Core EDD input	Identifies who owns or controls the entity	Some firms stop at legal shareholders and miss controllers
KYB (Know Your Business)	Business-customer version of KYC	KYB focuses on legal entities and business verification; EDD may sit on top of KYB	KYB alone may not uncover hidden ownership risk
Enhanced Monitoring	Follow-on control	Enhanced monitoring means closer surveillance of activity; EDD is the broader enhanced review process	Monitoring without deeper review is incomplete
Correspondent Banking Due Diligence	Specialized application of EDD	Focuses on other financial institutions and nested relationships	It is more complex than standard corporate onboarding

Most commonly confused terms

EDD vs CDD

• CDD: Normal level of customer review.
• EDD: More intrusive and more detailed review where risk is elevated.

EDD vs KYC

• KYC: Broad customer identification and verification framework.
• EDD: High-risk escalation within or alongside KYC.

Source of Funds vs Source of Wealth

• Source of Funds: Where this money came from.
• Source of Wealth: How the person became wealthy overall.

EDD vs Fraud Review

• EDD: Broader AML/CFT, sanctions, corruption, and reputational review.
• Fraud review: May focus more narrowly on deception and transactional abuse.

7. Where It Is Used

Banking

EDD is central in retail banking, commercial banking, private banking, and correspondent banking. It appears at onboarding, account reviews, credit relationships, and payment investigations.

Treasury and payments

Treasury teams and payment operations encounter EDD in:

• cross-border payment relationships
• correspondent bank selection
• cash management products
• high-risk payment corridors
• merchant settlement arrangements
• suspicious flow analysis

Policy and regulation

Regulators use EDD expectations to assess whether firms apply a credible risk-based AML/CFT framework. Supervisory examinations often test:

• risk classification
• beneficial ownership controls
• PEP handling
• senior approval
• ongoing monitoring
• evidence of decision quality

Business operations

EDD affects:

• customer onboarding speed
• client acceptance decisions
• document collection processes
• operational workload
• periodic review calendars
• case management and escalation

Lending and relationship management

EDD may affect whether a bank opens an account, provides a loan, offers trade finance, or maintains a cross-border service arrangement.

Reporting and disclosures

EDD itself is usually an internal compliance process rather than a public disclosure line item. However, its failures may become visible through:

• regulatory enforcement disclosures
• audit findings
• compliance remediation expenses
• market commentary on risk management weaknesses

Investing and market analysis

In investing, the phrase “due diligence” is common, but Enhanced Due Diligence is more specifically associated with AML/compliance. Investors may still analyze a bank’s EDD quality indirectly by looking at:

• regulatory fines
• consent orders or remediation programs
• compliance spending
• de-risking strategy
• exposure to high-risk markets or customers

Analytics and research

EDD uses analytics for:

• customer risk scoring
• network analysis
• adverse media review
• behavior anomaly detection
• periodic review prioritization

8. Use Cases

Use Case 1: Onboarding a Politically Exposed Person

• Who is using it: Private bank or commercial bank
• Objective: Determine whether the customer can be onboarded safely and compliantly
• How the term is applied: The bank performs additional checks on office held, jurisdiction, source of wealth, family/associate connections, adverse media, and expected account activity
• Expected outcome: Clear, documented risk assessment and approval or rejection decision
• Risks / limitations: False positives, outdated PEP data, overreliance on media reports, customer friction

Use Case 2: Evaluating a Foreign Correspondent Bank

• Who is using it: International bank treasury/correspondent banking team
• Objective: Understand whether the respondent bank’s AML controls are strong enough
• How the term is applied: Review licensing, ownership, regulatory history, AML program, sanctions controls, nested relationship risks, customer base, and expected payment corridors
• Expected outcome: Safe correspondent relationship with calibrated controls
• Risks / limitations: Limited transparency, changing geopolitical risk, hidden nested access

Use Case 3: Merchant Acquiring for an Online Marketplace

• Who is using it: Payment processor or merchant acquirer
• Objective: Prevent illegal commerce, fraud, chargeback abuse, and AML exposure
• How the term is applied: Review beneficial owners, website content, product category, jurisdictions served, settlement flows, refund behavior, and whether the business model matches declared activity
• Expected outcome: Better merchant selection and lower losses or enforcement risk
• Risks / limitations: Fast-changing online models, shell front stores, synthetic identities

Use Case 4: Reviewing a Cash-Intensive Business

• Who is using it: Commercial bank
• Objective: Decide whether cash activity is consistent with the customer’s declared business
• How the term is applied: Obtain business profile, revenue explanation, cash handling patterns, tax or licensing evidence where appropriate, ownership details, and expected deposit volumes
• Expected outcome: Realistic transaction baseline and stronger monitoring
• Risks / limitations: Legitimate businesses may still look unusual; over-conservatism may exclude lawful customers

Use Case 5: Trust or Multi-Layer Holding Structure Review

• Who is using it: Private bank, corporate bank, or custody provider
• Objective: Identify the real individuals behind a complex structure
• How the term is applied: Map legal entities, trustees, settlors, protectors, beneficiaries, controllers, and cross-border ownership chains
• Expected outcome: Visibility into control, risk, and legitimacy
• Risks / limitations: Incomplete records, nominee arrangements, changing beneficiaries, jurisdictional secrecy

Use Case 6: Transaction Alert Escalation

• Who is using it: AML operations team
• Objective: Decide whether unusual activity is explainable or suspicious
• How the term is applied: Move beyond alert review into deeper customer understanding, source of funds, counterparties, and historical behavior
• Expected outcome: Better alert disposition and stronger suspicious activity decisioning
• Risks / limitations: Alert fatigue, data gaps, inconsistent investigator quality

9. Real-World Scenarios

A. Beginner Scenario

• Background: A new bank customer says she runs a local consulting firm.
• Problem: The bank notices her account receives frequent international transfers from multiple unrelated companies.
• Application of the term: The bank applies Enhanced Due Diligence by asking for business details, invoices, ownership information, expected transaction patterns, and source of funds explanations.
• Decision taken: The bank pauses full account functionality until the information is reviewed.
• Result: Some transfers are explained by genuine contracts, but several counterparties remain unclear, so the account is placed under enhanced monitoring.
• Lesson learned: Even small business customers may require EDD if real activity differs from the original profile.

B. Business Scenario

• Background: A payment processor wants to onboard a fast-growing online nutraceutical merchant.
• Problem: The business sells globally, uses a complex fulfillment chain, and has high refund rates.
• Application of the term: The processor performs EDD on owners, corporate structure, product claims, sales jurisdictions, payment flows, chargeback data, and website disclosures.
• Decision taken: The merchant is approved with reserve requirements, transaction limits, and enhanced monitoring.
• Result: Risk is contained, and suspicious geographies are restricted.
• Lesson learned: EDD is not only about rejecting clients; it can support controlled acceptance.

C. Investor / Market Scenario

• Background: An equity analyst is evaluating a listed bank after news of AML control weaknesses.
• Problem: The analyst wants to understand whether future penalties, customer exits, or remediation costs may affect valuation.
• Application of the term: The analyst reviews the bank’s EDD framework, exposure to correspondent banking, high-risk customer segments, remediation disclosures, and enforcement history.
• Decision taken: The analyst lowers earnings forecasts due to expected compliance costs and slower onboarding growth.
• Result: The compliance weakness becomes a valuation and governance issue, not just a legal issue.
• Lesson learned: EDD quality can affect profitability, franchise value, and investor confidence.

D. Policy / Government / Regulatory Scenario

• Background: A regulator inspects a mid-sized bank operating in multiple cross-border payment corridors.
• Problem: The bank claims to use a risk-based approach, but examiners suspect weak EDD for foreign corporate customers.
• Application of the term: Examiners test customer files for beneficial ownership, source of funds, documented rationale, senior approvals, and ongoing monitoring.
• Decision taken: The regulator requires remediation because many high-risk files lack clear evidence of enhanced review.
• Result: The bank must improve governance, retrain staff, and revisit existing customer files.
• Lesson learned: A policy statement is not enough; EDD must be demonstrable in practice.

E. Advanced Professional Scenario

• Background: A global bank reviews a respondent bank in a region with rising sanctions and corruption concerns.
• Problem: The respondent serves local money service businesses and may provide nested access to smaller institutions.
• Application of the term: The bank conducts EDD on ownership, licensing, regulatory history, customer base, sanctions controls, monitoring systems, audit reports, and nested payment exposure.
• Decision taken: The relationship is retained only for limited corridors with tightened controls, annual senior approval, and enhanced transaction monitoring.
• Result: The bank preserves strategic access while reducing exposure.
• Lesson learned: Mature EDD is not binary; it supports granular risk decisions.

10. Worked Examples

Simple conceptual example

A local salaried employee opens a savings account with payroll deposits from a known employer. Standard CDD may be enough.

Now compare that with a foreign-owned company with three shareholder layers, no obvious operating website, and expected high-volume cross-border transfers. Standard CDD is no longer sufficient. The bank performs EDD to understand:

• who really controls the company
• why the payment flows make sense
• where the funds come from
• whether the jurisdictions involved raise concern

Practical business example

A merchant acquirer is reviewing an online electronics reseller.

1. The merchant says it sells only in one country.
2. Website review shows shipping to 20 countries.
3. Settlement account is in a different jurisdiction.
4. Beneficial owner previously held interests in a terminated merchant.
5. Refund rates are already elevated in test processing.

EDD response: – verify ownership and past business interests – reconcile website, contracts, and bank account details – review product authenticity and sales pattern – impose rolling reserve and tighter monitoring if approved

Business outcome: The acquirer either declines the merchant or approves it under controlled conditions.

Numerical example

There is no regulator-mandated universal EDD formula, but many firms use illustrative internal risk scores.

Assume a firm uses this model:

• Customer/profile risk weight = 20%
• Geography risk weight = 25%
• Product risk weight = 20%
• Channel risk weight = 15%
• Transaction behavior risk weight = 20%

Each factor is scored from 1 (low) to 5 (high).

A customer is scored as follows:

• Customer/profile risk = 4
• Geography risk = 5
• Product risk = 3
• Channel risk = 4
• Transaction behavior risk = 2

Step 1: Multiply each score by its weight

• 0.20 × 4 = 0.80
• 0.25 × 5 = 1.25
• 0.20 × 3 = 0.60
• 0.15 × 4 = 0.60
• 0.20 × 2 = 0.40

Step 2: Add them

Total weighted score = 0.80 + 1.25 + 0.60 + 0.60 + 0.40 = 3.65

Step 3: Convert to a 100-point scale

Risk Score = 3.65 × 20 = 73

Step 4: Interpret

Illustrative internal thresholds:

• 20 to 39 = low risk
• 40 to 69 = medium risk
• 70 to 100 = high risk

This customer scores 73, so the firm triggers Enhanced Due Diligence.

Important: This is only an example of internal methodology. Firms must follow their own approved models and applicable regulations.

Advanced example

A bank reviews a foreign respondent bank.

Findings:

• licensed and regulated: positive
• ownership is partially opaque: negative
• serves small local financial institutions: moderate risk
• two sanctions-related control issues were remediated last year: negative
• independent audit of AML controls exists: positive
• expected payment volume is high and cross-border: higher risk

Advanced EDD conclusion: Rather than automatic exit, the bank may:

• restrict products
• prohibit nested access without disclosure
• require periodic certifications
• increase transaction screening sensitivity
• seek senior management approval

This shows EDD as a structured decision framework, not just document collection.

11. Formula / Model / Methodology

Enhanced Due Diligence does not have a single globally mandated formula. The most relevant methodology is a risk-based assessment model.

Formula name: Illustrative Customer Risk Score

Formula

[ \text{CRS} = 20 \times \sum (w_i \times s_i) ]

Meaning of each variable

• CRS = Customer Risk Score on a 20 to 100 scale
• w_i = weight of risk factor i
• s_i = score of risk factor i from 1 to 5
• The factor weights should sum to 1.00

Typical factors used

• customer type/profile
• geography
• product/service
• delivery channel
• transaction behavior
• ownership complexity
• PEP/adverse media exposure

Interpretation

• Higher score = higher inherent risk
• A high score may trigger EDD
• Some factors may trigger EDD regardless of score, such as a confirmed sanctions concern or a specific regulatory rule

Sample calculation

Assume:

• customer type weight 0.20, score 4
• geography weight 0.25, score 5
• product weight 0.20, score 3
• channel weight 0.15, score 4
• behavior weight 0.20, score 2

[ \text{CRS} = 20 \times [(0.20 \times 4) + (0.25 \times 5) + (0.20 \times 3) + (0.15 \times 4) + (0.20 \times 2)] ]

[ \text{CRS} = 20 \times (0.80 + 1.25 + 0.60 + 0.60 + 0.40) ]

[ \text{CRS} = 20 \times 3.65 = 73 ]

A score of 73 is high under this illustrative framework, so EDD is required.

Optional residual risk model

Some institutions also estimate a residual risk score after considering controls.

[ \text{Residual Risk} = \text{Inherent Risk Score} \times (1 – c) ]

Where:

• c = control effectiveness adjustment, between 0 and 1

If the inherent risk score is 73 and control effectiveness is estimated at 15%:

[ 73 \times (1 – 0.15) = 62.05 ]

This suggests controls reduce some risk, but the relationship may still remain above ordinary levels.

Caution: Residual-risk formulas vary widely and are not standardized across regulators.

Common mistakes

• treating the model as a replacement for professional judgment
• using stale or poor-quality customer data
• failing to override scores when mandatory triggers exist
• ignoring changes after onboarding
• assigning arbitrary weights without governance

Limitations

• models may oversimplify real-world risk
• data quality can distort outcomes
• weighting choices can bias results
• some high-risk cases look normal numerically
• regulatory expectations often require qualitative analysis beyond scoring

12. Algorithms / Analytical Patterns / Decision Logic

1. Rule-based trigger framework

What it is: A set of predefined rules that automatically route cases into EDD.

Examples: – customer is a PEP – customer or beneficial owner is linked to a high-risk jurisdiction – ownership chain exceeds a complexity threshold – non-face-to-face onboarding plus cross-border activity – unusually high expected transaction volumes

Why it matters: It ensures consistent escalation.

When to use it: Onboarding and periodic review.

Limitations: Rigid rules can miss nuanced risk or create too many escalations.

2. Risk scoring model

What it is: Weighted scoring of risk factors.

Why it matters: Helps prioritize resources.

When to use it: Initial classification, refresh reviews, case triage.

Limitations: Dependent on model quality and governance.

3. Event-driven review logic

What it is: EDD triggered by specific events after onboarding.

Examples: – ownership change – sanctions hit – adverse media – unusual transaction spike – change in business model – entry into a new geography

Why it matters: Customer risk is dynamic.

When to use it: Ongoing monitoring stage.

Limitations: Requires timely data feeds and alert management.

4. Transaction pattern analysis

What it is: Monitoring transactional behavior against expected activity.

Patterns that may matter: – rapid in-and-out movement of funds – round-number transfers without clear business purpose – payments inconsistent with known industry profile – multiple counterparties in unrelated sectors – sudden increase in cross-border activity – funnel-like deposits and immediate dispersal

Why it matters: EDD should connect customer profile to actual behavior.

When to use it: Ongoing monitoring and alert investigation.

Limitations: Legitimate business growth can resemble suspicious change.

5. Network and relationship analysis

What it is: Looking at connected parties, shared addresses, directors, phone numbers, devices, or counterparties.

Why it matters: Hidden relationships often reveal risk not visible in isolated files.

When to use it: Complex entities, merchant networks, fraud-linked structures.

Limitations: False associations are possible without context.

6. Decision tree for EDD outcomes

A practical decision flow often looks like this:

1. Is the customer or activity high risk?
2. If yes, collect additional information.
3. Can identity, ownership, purpose, and funds be reasonably understood?
4. Are sanctions, corruption, or reputational concerns acceptable within policy?
5. Is senior approval required?
6. Decision: – approve – approve with restrictions – defer pending more information – decline – exit existing relationship

13. Regulatory / Government / Policy Context

Enhanced Due Diligence is strongly shaped by AML/CFT and sanctions regulation. Exact rules vary, so firms should verify current local requirements and sector-specific guidance.

International / global context

Global practice is heavily influenced by:

• risk-based AML/CFT standards
• expectations around higher-risk customers and jurisdictions
• beneficial ownership transparency
• sanctions compliance frameworks
• correspondent banking guidance
• payment transparency standards

Global policy tension often exists between:

• financial integrity
• financial inclusion
• cross-border access
• de-risking pressure

United States

In the U.S., EDD sits within the broader Bank Secrecy Act and AML framework. Practical expectations often involve:

• customer identification and verification
• beneficial ownership review for legal entities
• risk-based due diligence
• enhanced scrutiny for certain higher-risk accounts, including some foreign correspondent and private banking relationships
• suspicious activity monitoring and reporting
• sanctions compliance considerations where relevant

Banks, money transmitters, broker-dealers, and other covered institutions may face overlapping expectations from different regulators and supervisors.

Important: The exact content of EDD may depend on the institution type, charter, product, and regulator.

European Union

In the EU, AML rules generally require stronger measures for higher-risk situations. EDD commonly arises in relation to:

• high-risk third-country connections
• PEPs
• complex ownership structures
• non-face-to-face relationships
• correspondent relationships
• unusual transactions lacking clear purpose

Firms must also consider member-state implementation differences and local supervisory expectations.

United Kingdom

In the UK, EDD is an established part of AML compliance under the money laundering regime. Practical triggers commonly include:

• higher-risk customers
• PEPs
• high-risk third-country exposure
• correspondent relationships
• situations where standard due diligence is not enough to manage the risk

The UK approach emphasizes documentation, governance, and a risk-based framework, with supervisory attention from relevant authorities.

India

In India, EDD is relevant under AML and KYC obligations for banks and regulated financial institutions. In practice, enhanced measures may be expected for:

• higher-risk customers
• complex legal entities
• non-face-to-face onboarding
• PEPs
• unusual transaction activity
• beneficial ownership cases requiring deeper verification

Banks and regulated entities should align with applicable AML/KYC rules, sector guidance, and regulator directions, and verify the latest circulars and amendments.

Sanctions angle

EDD is not the same as sanctions screening, but sanctions risk often drives EDD. A customer may require enhanced review when there is:

• geographic exposure to sanctioned or sensitive regions
• ownership links to restricted parties
• trade or payment flows with elevated sanctions complexity

Taxation angle

EDD is not a tax concept, but tax transparency issues may surface during review. For example, unexplained offshore structures or mismatch between wealth claims and visible business activity may raise broader compliance questions.

Public policy impact

Strong EDD can:

• protect the financial system
• deter illicit finance
• support anti-corruption policy

But excessive or poorly calibrated EDD can also:

• delay legitimate commerce
• exclude lawful customers
• contribute to de-risking in fragile markets

14. Stakeholder Perspective

Student

For a student, Enhanced Due Diligence is the “high-risk version” of customer due diligence. Learn it as a practical application of the risk-based approach in AML/CFT.

Business owner

For a legitimate business owner, EDD means extra document requests, questions about ownership, and sometimes delays. It is usually not personal; it reflects the institution’s risk obligations.

Accountant / finance controller

An accountant may support EDD by providing:

• audited or management financial statements
• ownership documentation
• business activity explanations
• cash flow evidence
• tax and registration records where appropriate

Investor

An investor may view EDD as an indicator of operational resilience. Weak EDD can lead to fines, remediation costs, and franchise damage.

Banker / lender

For a banker, EDD is both a control and a business decision tool. It helps decide whether to onboard, limit, price, or decline a relationship.

Analyst

For an analyst, EDD is relevant when assessing:

• compliance maturity
• governance quality
• reputational risk
• exposure to high-risk segments
• sustainability of growth

Policymaker / regulator

For a regulator, EDD is proof that the institution can distinguish ordinary risk from elevated risk and respond proportionately and effectively.

15. Benefits, Importance, and Strategic Value

Why it is important

EDD matters because it helps firms understand who they are dealing with, why the relationship exists, and whether activity is consistent with that explanation.

Value to decision-making

EDD improves decisions about:

• onboarding or rejection
• account restrictions
• product eligibility
• monitoring intensity
• escalation thresholds
• exit decisions

Impact on planning

Institutions can use EDD insights to plan:

• staffing for high-risk segments
• product design and corridor strategy
• market entry and client segmentation
• remediation priorities

Impact on performance

Good EDD can reduce:

• fraud losses
• compliance failures
• enforcement costs
• customer review backlogs

But it can also slow growth if badly designed.

Impact on compliance

EDD is a core part of showing that the firm has a genuine risk-based AML/CFT program rather than a checklist-only process.

Impact on risk management

EDD strengthens management of:

• financial crime risk
• sanctions risk
• corruption exposure
• reputational damage
• third-party and cross-border risk

16. Risks, Limitations, and Criticisms

Common weaknesses

• inconsistent file quality
• overreliance on templates
• poor understanding of customer business models
• weak beneficial ownership tracing
• inadequate refresh cycles

Practical limitations

• limited access to reliable public data
• opaque offshore structures
• language barriers
• inconsistent documentation across jurisdictions
• operational cost and turnaround time

Misuse cases

EDD can be misused when firms:

• request documents with no clear risk rationale
• apply “EDD” as a blanket label without real analysis
• use it to justify automatic de-risking
• fail to distinguish high complexity from high illegality

Misleading interpretations

• “More documents” does not automatically mean “better due diligence.”
• A clean screening result does not prove low risk.
• A high score does not always mean rejection.

Edge cases

Some lawful customers are structurally complex:

• family offices
• international trading firms
• NGOs in difficult regions
• remittance-linked businesses
• digital platforms with many sub-merchants

These require careful analysis, not simplistic treatment.

Criticisms by experts or practitioners

Common criticisms include:

• EDD can become box-ticking
• firms may over-de-risk certain regions or sectors
• false positives consume resources
• real risks may hide behind apparently clean documentation
• technology tools can create a false sense of certainty

17. Common Mistakes and Misconceptions

Wrong Belief	Why It Is Wrong	Correct Understanding	Memory Tip
EDD is just collecting extra documents	Documents alone do not equal understanding	EDD is a deeper risk assessment plus monitoring	“More paper is not more insight”
EDD is only for very rich clients	Many non-wealth customers can be high risk	Risk, not wealth, drives EDD	“High risk, not high net worth”
If sanctions screening is clear, EDD is unnecessary	Sanctions is only one control	EDD covers broader AML, corruption, ownership, and activity risks	“No hit does not mean no risk”
EDD happens only at onboarding	Risk changes over time	EDD can be event-driven or periodic	“Risk moves, so reviews move”
A high-risk score means automatic rejection	Institutions can approve with controls	EDD supports calibrated decisions	“High risk is not always no business”
Source of funds and source of wealth are the same	They answer different questions	One is about specific money; the other is about overall wealth creation	“Funds = this money, wealth = lifetime story”
Small firms do not need EDD	Small entities can still be abused	Complexity and behavior matter more than size alone	“Small can still be risky”
EDD is purely a compliance task	Business, operations, and technology all matter	Effective EDD is cross-functional	“Compliance leads, but the whole firm helps”
Once approved, the customer is safe	Circumstances change	Ongoing monitoring remains essential	“Approval is the start, not the end”
Complex structure means criminality	Complexity may be legitimate	The task is to understand and assess, not assume	“Complex is a clue, not a verdict”

18. Signals, Indicators, and Red Flags

Positive signals

• transparent ownership structure
• consistent explanation of business activity
• plausible source of funds and source of wealth
• documents from credible sources
• transactions match stated purpose
• responsive and cooperative customer behavior
• stable pattern over time

Negative signals / warning signs

• reluctance to disclose beneficial owners
• unexplained offshore layers
• inconsistent business description across documents
• sudden volume spikes without business reason
• counterparties unrelated to stated business
• use of personal accounts for corporate flows
• settlement in unrelated jurisdictions
• adverse media suggesting fraud, corruption, or sanctions evasion
• rapid fund movement with little economic rationale

Metrics to monitor

• alert frequency per customer
• change in transaction volume vs expected baseline
• number of unresolved documentation gaps
• periodic review overdue rate
• false positive vs true escalation ratio
• percentage of high-risk customers with senior approval
• time taken to complete EDD

What good vs bad looks like

Area	Good Looks Like	Bad Looks Like
Ownership review	Clear control map, validated UBOs	Missing or contradictory owners
Source of funds	Specific, evidence-backed, plausible	Vague explanations like “business income” only
Monitoring	Activity matches profile or deviations are explained	Repeated unexplained alerts
Documentation	Decision rationale is clear and auditable	File contains documents but no real analysis
Governance	Proper escalation and approval	High-risk cases approved informally

19. Best Practices

Learning

• understand AML/CFT basics before advanced EDD
• learn the difference between identity, ownership, funds, and wealth
• practice reading customer profiles and transaction patterns together

Implementation

• define clear EDD triggers
• document standard information requirements by risk type
• align onboarding, screening, and monitoring teams
• tailor EDD to customer type rather than using one template for all

Measurement

• track turnaround time, escalation quality, and missing data
• review whether high-risk classifications actually correlate with alert outcomes
• test whether the model produces too many or too few EDD cases

Reporting

• report high-risk concentrations by customer segment, geography, and product
• highlight recurring file quality weaknesses
• distinguish backlog numbers from substantive risk findings

Compliance

• ensure policies reflect current law and regulator guidance
• maintain auditable rationale for approvals
• use senior management approval where policy or law requires it
• refresh high-risk files on time

Decision-making

• combine model outputs with expert judgment
• prefer evidence over assumptions
• if uncertainty remains material, restrict or decline rather than guess
• treat EDD as a business acceptance framework, not just a control hurdle

20. Industry-Specific Applications

Banking

Banks use EDD for:

• PEPs
• correspondent banking
• cash-intensive businesses
• complex corporates
• private banking clients
• trade finance relationships

The emphasis is on AML/CFT, sanctions, beneficial ownership, and transaction consistency.

Payments and merchant acquiring

Payment firms apply EDD to:

• online merchants
• marketplaces
• high-risk merchant categories
• cross-border payment flows
• payout and settlement arrangements
• sub-merchant or aggregator models

The emphasis often includes fraud, chargebacks, illegal goods/services risk, and settlement flow transparency.

Fintech

Fintech firms often face:

• digital onboarding
• non-face-to-face verification
• API-driven account opening
• rapid scaling of customer base
• platform or embedded finance models

EDD here must balance speed with strong controls.

Insurance

Insurance firms may apply EDD where products, beneficiaries, or premium flows create elevated risk. The pattern differs from banking because activity is tied to policy structure, premium source, and payout arrangements.

Wealth management / private banking

EDD is especially deep for:

• high-net-worth individuals
• trusts and family offices
• offshore structures
• PEPs and associates
• source of wealth analysis

Government / public finance entities

Public sector banks and state-related financial entities may face special sensitivity around:

• public procurement-linked funds
• politically exposed counterparties
• state-owned enterprise relationships
• anti-corruption controls

21. Cross-Border / Jurisdictional Variation

Jurisdiction	General Approach to EDD	Common Triggers	Practical Notes
India	Risk-based AML/KYC with enhanced measures for higher-risk cases	PEPs, non-face-to-face cases, complex ownership, unusual activity	Verify current sector regulator directions and PMLA-related requirements
United States	Risk-based AML framework with stronger scrutiny for certain higher-risk relationships	Foreign correspondent/private banking, high-risk entities, suspicious behavior, sanctions complexity	Institution type and regulator affect implementation detail
European Union	Strong AML framework emphasizing enhanced measures for higher-risk situations	PEPs, high-risk third-country exposure, complex structures, unusual transactions	Member-state implementation can differ
United Kingdom	Risk-based EDD under money laundering rules	PEPs, high-risk third countries, correspondent relationships, elevated AML risk	Documentation and governance are heavily emphasized
International / Global	Guided by international AML/CFT standards and best-practice frameworks	Jurisdiction risk, ownership opacity, cross-border flows, corruption exposure	Firms must align global policy with local law

Key cross-border differences

• definition may be broad globally but operational triggers differ
• some jurisdictions are more prescriptive about certain scenarios
• documentation expectations vary
• data access and beneficial ownership transparency vary widely
• sanctions exposure can change faster than customer risk models

22. Case Study

Context

A mid-sized international bank wants to onboard a foreign import-export company that expects monthly cross-border payments in multiple currencies.

Challenge

The company is profitable and legally registered, but its ownership chain runs through three jurisdictions, one beneficial owner has negative media exposure, and the stated business activity does not fully explain the proposed payment corridors.

Use of the term

The bank initiates Enhanced Due Diligence by:

• mapping beneficial ownership and control
• requesting a clearer explanation of business lines and counterparties
• reviewing source of funds and major contract flows
• screening owners and related entities for sanctions, PEP, and adverse media exposure
• assessing whether the company’s expected transactions fit the business model
• requiring senior management review

Analysis

EDD reveals:

• the ownership structure is legal but unnecessarily opaque
• negative media relates to a past corruption investigation involving a related party, not a conviction against the owner
• several expected payment corridors are commercially plausible
• one corridor involves counterparties in a high-risk jurisdiction with limited documentation

Decision

The bank does not reject the customer outright. Instead, it:

• approves the relationship with restrictions
• disallows activity in the poorly documented corridor
• sets lower initial transaction limits
• requires periodic refresh every 12 months or sooner if triggered
• applies enhanced transaction monitoring

Outcome

The customer begins operating within approved limits. After six months, activity stays largely consistent with the declared profile, and the restricted corridor remains unused.

Takeaway

Good EDD supports controlled acceptance, not just approval or rejection. The goal is to understand risk deeply enough to make a defensible decision.

23. Interview / Exam / Viva Questions

10 Beginner Questions

1. What is Enhanced Due Diligence?
2. Why do firms perform EDD?
3. How is EDD different from standard CDD?
4. What does KYC have to do with EDD?
5. What is a beneficial owner?
6. What is the difference between source of funds and source of wealth?
7. Name three common triggers for EDD.
8. Is EDD only done at account opening?
9. Does a high-risk customer always have to be rejected?
10. Why is documentation important in EDD?

Model Answers: Beginner

1. Enhanced Due Diligence is additional review applied to higher-risk customers, transactions, or relationships.
2. Firms perform EDD to manage AML/CFT, sanctions, fraud, corruption, and reputational risk.
3. CDD is the normal level of review; EDD is deeper review for elevated risk.
4. KYC is the broader customer identification framework; EDD is a higher-risk extension of it.
5. A beneficial owner is the real natural person who ultimately owns or controls a legal entity.
6. Source of funds explains where specific money came from; source of wealth explains how the person accumulated overall wealth.
7. Common triggers include PEP status, high-risk jurisdictions, and complex ownership structures.
8. No. EDD can also be triggered during periodic reviews or by unusual transaction activity.
9. No. A high-risk customer may be approved with restrictions and stronger monitoring.
10. Documentation proves what was reviewed, why decisions were made, and whether the process was compliant.

10 Intermediate Questions

1. What operational steps are usually included in an EDD process?
2. Why is beneficial ownership analysis central to EDD for companies?
3. How does geography affect EDD?
4. What role does senior management approval play in EDD?
5. How can transaction monitoring trigger EDD?
6. Why might a payment processor apply EDD to a merchant?
7. What is the risk-based approach in the context of EDD?
8. How does adverse media influence EDD?
9. Why can a purely document-based approach fail?
10. What is the difference between inherent risk and residual risk?

Model Answers: Intermediate

1. Typical steps are trigger identification, information gathering, verification, risk assessment, approval/escalation, monitoring, and documentation.
2. Because legal ownership may hide the real controllers, and hidden control is a major financial crime risk.
3. Some jurisdictions carry higher AML, sanctions, corruption, or enforcement risk, which can increase scrutiny.
4. It ensures deliberate acceptance of higher-risk relationships and stronger governance accountability.
5. If a customer’s actual behavior diverges from the expected profile, the case may be escalated into EDD.
6. To understand business legitimacy, ownership, fraud exposure, cross-border sales patterns, and illegal-commerce risk.
7. It means applying stronger controls where risk is higher rather than treating all customers identically.
8. Adverse media can indicate corruption, fraud, sanctions evasion, or reputational risk that needs deeper analysis.
9. Because documents can be incomplete, misleading, or context-free; EDD requires understanding, not just collection.
10. Inherent risk is the risk before considering controls; residual risk is what remains after accounting for controls.

10 Advanced Questions

1. How would you design an EDD framework for correspondent banking?
2. What are the weaknesses of customer risk scoring models in EDD?
3. How should a firm handle a customer with high complexity but no obvious illegal conduct?
4. When should EDD override an automated low-risk score?
5. How do you distinguish a genuine international business from layering activity?
6. What governance features separate strong EDD programs from weak ones?
7. How can EDD create unintended de-risking?
8. What data quality problems most often undermine EDD?
9. How should firms treat event-driven EDD refreshes?
10. How can investors use information about a bank’s EDD weaknesses?

Model Answers: Advanced

1. A correspondent banking EDD framework should cover licensing, regulatory history, ownership, AML controls, customer base, nested relationships, sanctions controls, payment corridors, and governance approvals.
2. Weaknesses include data bias, arbitrary weights, model drift, false confidence, and failure to capture nuanced or emerging risk.
3. The firm should investigate and understand the structure, not assume illegality; complexity is a risk indicator, not proof of wrongdoing.
4. Manual override is appropriate where mandatory triggers, strong adverse information, or new intelligence show higher risk than the model captures.
5. Compare ownership, contracts, counterparties, transaction purpose, payment timing, and industry norms; layering often lacks a credible business logic.
6. Strong governance includes clear triggers, documented rationale, quality assurance, senior approvals, timely refreshes, and effective challenge.
7. If controls are too conservative, firms may exit lawful customers or whole regions rather than managing risk proportionately.
8. Common issues are missing beneficial owner data, stale customer profiles, inconsistent address data, and unstructured narrative explanations.
9. Event-driven refreshes should be prompt, documented, and proportionate to the triggering event, not delayed until the next periodic cycle.
10. Investors can use them to assess compliance cost, future penalties, growth constraints, governance quality, and reputational exposure.

24. Practice Exercises

5 Conceptual Exercises

1. Explain in your own words why EDD is needed in a risk-based AML framework.
2. Distinguish between CDD and EDD using one sentence each.
3. Give two examples of when source of wealth matters more than source of funds.
4. Why is beneficial ownership harder to assess for legal entities than for individuals?
5. Describe one reason why a legitimate customer might still trigger EDD.

5 Application Exercises

6. A small company opens an account and declares domestic operations only, but soon receives funds from five countries. What EDD questions would you ask?
7. A PEP applies for a private banking relationship. List the extra areas you would review.
8. A payment processor sees a merchant whose website says “local only,” but transactions come from many countries. What should happen next?
9. A corporate customer refuses to identify a trust beneficiary, saying it is confidential. How should this affect the EDD process?
10. A previously low-risk customer suddenly triples monthly transaction volume. What event-driven EDD actions are appropriate?

5 Numerical or Analytical Exercises

Use this illustrative risk model:

[ \text{CRS} = 20 \times \sum (w_i \times s_i) ]

Weights:

• customer/profile = 0.20
• geography = 0.25
• product = 0.20
• channel = 0.15
• behavior = 0.20

Scores range from 1 to 5.

Illustrative thresholds:

• 20 to 39 = low
• 40 to 69 = medium
• 70 to 100 = high

11. Customer A scores: profile 2, geography 2, product 3, channel 1, behavior 2. Calculate CRS and classify risk.
12. Customer B scores: profile 4, geography 4, product 4, channel 3, behavior 4. Calculate CRS and state whether EDD is likely.
13. Customer C scores: profile 3, geography 5, product 2, channel 4, behavior 3. Calculate CRS.
14. A customer has an inherent risk score of 80. If a firm uses an internal residual risk adjustment with control effectiveness of 10%, what is the residual risk score?
15. A customer scores only 48 but is a confirmed PEP under internal policy. Should EDD still apply? Explain.

Answer Keys

Conceptual answers

1. EDD is needed because not all customers present the same risk, so higher-risk cases require deeper checks and monitoring.
2. CDD is standard customer review; EDD is enhanced review for higher-risk situations.
3. Examples: private banking for a wealthy individual, onboarding a trust or family office linked to a PEP.
4. Because ownership may be layered across companies, trusts, nominees, or multiple jurisdictions.
5. Because complexity, geography, business model, or transaction pattern can elevate risk even when activity is lawful.

Application answers

6. Ask about business purpose, counterparties, contracts, ownership, expected cross-border activity, source of funds, and why activity differs from original declaration.
7. Review office held, jurisdiction, source of wealth, source of funds, family/associate links, adverse media, sanctions screening, and expected account activity.
8. Escalate to EDD, verify business model, reconcile website claims, check ownership and geographies, and decide whether restrictions or decline are needed.
9. It should materially increase risk; inability or refusal to identify key parties may prevent completion of EDD and may justify rejection or escalation.
10. Reassess customer profile, request updated business explanation, review counterparties and source of funds, and increase monitoring if needed.

Numerical / analytical answers

11. [ 20 \times [(0.20 \times 2)+(0.25 \times 2)+(0.20 \times 3)+(0.15 \times 1)+(0.20 \times 2)] ]
    [ = 20 \times (0.40+0.50+0.60+0.15+0.40)=20 \times 2.05=41 ]
    Classification: Medium risk.

12. [ 20 \times [(0.20 \times 4)+(0.25 \times 4)+(0.20 \times 4)+(0.15 \times 3)+(0.20 \times 4)] ]
    [ =20 \times (0.80+1.00+0.80+0.45+0.80)=20 \times 3.85=77 ]
    Classification: High risk. EDD is likely.

13. [ 20 \times [(0.20 \times 3)+(0.25 \times 5)+(0.20 \times 2)+(0.15 \times 4)+(0.20 \times 3)] ]
    [ =20 \times (0.60+1.25+0.40+0.60+0.60)=20 \times 3.45=69 ]
    Classification: Upper-medium risk; depending on policy, may trigger EDD or enhanced review.

14. [ 80 \times (1-0.10)=72 ]
    Residual risk score: 72.

15. Yes. Mandatory policy triggers such as confirmed PEP status can require EDD regardless of score.

25. Memory Aids

Mnemonics

EDD = Extra Depth for Danger
If risk is higher, review must go deeper.

RISK – Real owner – Income and funds – Screening and story consistency – Keep monitoring

SOF vs SOW – F = Funds = this flow – W = Wealth = whole fortune

Analogies

• Airport security analogy: Most passengers go through standard checks. Some situations require extra screening. That extra screening is like EDD.
• Doctor analogy: A normal checkup is like CDD. If symptoms suggest something more serious, the doctor orders deeper tests. That is EDD.

Quick memory hooks

• EDD begins when standard review is not enough.
• High risk does not always mean no business.
• Ownership, funds, purpose, and behavior must tell the same story.
• EDD is not a one-time file; it continues through monitoring.

“Remember this” summary lines

• EDD is risk-based, not random.
• The goal is understanding, not paperwork.
• Complexity is a clue, not a verdict.
• No audit trail, no defensible EDD.

26. FAQ

1. What is Enhanced Due Diligence in one sentence?

It is deeper customer and transaction review for higher-risk cases.

2. Is EDD the same as KYC?

No. KYC is broader; EDD is an enhanced layer for elevated risk.

3. Does every customer go through EDD?

No. Usually only customers or activities assessed as higher risk.

4. What usually triggers EDD?

PEP exposure, complex ownership, high-risk geography, unusual activity, correspondent relationships, adverse media, and certain business models.

5. Is EDD required only at onboarding?

No. It can also be triggered during periodic reviews or after unusual activity.

6. What documents are commonly requested in EDD?

It depends on the case, but may include ownership records, business information, transaction explanations, source of funds evidence, and source of wealth information.

7. What is the difference between source of funds and source of wealth