CDD vs EDD: Know When to Go Beyond Basic Due Diligence16 April, 2025 6 minutes read Both customer due diligence (CDD) and enhanced due diligence (EDD) are regulatory requirements that are prerequisites for ensuring AML compliance and help with risk management and mitigation.These concepts may sound similar, but there is quite a difference between the two, especially if we consider what their individual protocols are, why both practices are required, and when to go for EDD.Whenever a business develops a relationship with another entity (customer or business), there is a certain level of scrutiny that is mandatory to avoid getting into the risk of dealing with entities prone to violations of AML regulations.What is Customer Due Diligence (CDD)?Customer due diligence is one of the integral components of meeting the Know Your Business (KYB) requirements. It is a part of an organization’s risk management strategy required by laws and regulations like the Anti-Money Laundering (AML) and the Bank Secrecy Act (BSA). CDD is typically conducted when establishing a new business relationship, carrying out occasional transactions, or generally when transactions are involved or when there is a suspicion of money laundering. While conducting CDD, financial institutions collect and then verify crucial information about a client.For example, during business onboarding, implementing CDD as a part of KYB, the following documents of the customer will be collected:Full legal/registered nameDate of birth and a valid picturePassport, national ID, and driver’s licenseContact number and emailCertificate of incorporationBusiness/trade licenseTax identification numberArticles of associationProof of registered business address (bill, lease agreements)After collecting these documents, businesses assess the customer’s risk level. This involves analyzing their financial and business activities.One of the important steps to note here is that in CDD, the customer data is not only under scrutiny but also extends to checking data against public and government databases, including sanctions lists, company listings, adverse media, and PEP lists.What is Enhanced Due Diligence (EDD)?After developing the customer’s risk profile, the risk score that is assigned determines the level of due diligence required. It involves an intense level of scrutiny called enhanced due diligence (EDD). The extent to which due diligence is conducted depends on the customer’s risk level. In usual scenarios, standard CDD is sufficient for basic or low-risk profiles. However, that may not always be the case, as sometimes a UBO, for example, may be a politically exposed person (PEP) or may be an individual from a sanctioned jurisdiction.Implementing this risk-based strategy enables businesses to safeguard customer relationships and assets and ensure EDD compliance.CDD vs EDD: When Basic Checks Aren’t EnoughCDD and EDD are both integral components of risk mitigation and AML compliance programs in financial institutions. While both regulatory practices are implemented to avoid the risks associated with the illegitimate customers, the latter differs slightly based on depth, scope, and intent.Depth:Contrary to the CDD, which typically involves collecting a customer’s basic data to create a risk profile, EDD digs deeper into the customer’s profile. In businesses where a customer is an ultimate beneficial owner (UBO), enhanced due diligence evaluates the risk associated with them. Ensuring a comprehensive investigation is an essential regulatory requirement, as it peels through the complex ownership structures and helps financial institutions know when a customer’s risk level is higher than usual.With existing customers who have the potential to become high-risk entities in the future, ongoing monitoring through EDD is also beneficial for avoiding future risk and penalties.Scope:In terms of scope, EDD goes beyond basic checks to manage high-risk business persons that may be involved in various types of financial crimes such as money laundering, terrorist financing, or regulatory non-compliance. UBO identification is a non-negotiable thing in enhanced due diligence. The decision to apply EDD or CDD in the context of UBOs lies in their risk level. For example, if a customer is a high-risk politically exposed person (PEP), owns a substantial amount of wealth, or has an intricate financial profile, the business should use EDD to get a full picture of the customer’s historical records and financial activities.Intent:Unlike basic due diligence, the intent of EDD is to identify and mitigate high levels of risk by scrutinizing factors such as complex ownership structures, involvement of UBOs, or links to high-risk jurisdictions. In addition to that, since CDD only aims to collect and verify basic customer data, in EDD, detailed documentation of a customer is scrutinized, ultimately helping in the meticulous verification of the company’s integrity.For example, it not only supports customer onboarding but also enhances supplier chain due diligence for fintechs, by providing comprehensive director checks and screening names against sanctions lists and adverse media, helping them understand the risk associated with their partners.How The KYB’s Approach to CDD and EDD Can Help Your BusinessThe KYB facilitates both CDD and EDD processes by offering quick, document-supported evaluations from official registers and non-public databases. For CDD, it allows for business or entity verification, business register checks, license verification, and document acquisition under one roof. Our platform ensures that companies are able to instantly check the validity of an entity before onboarding.Where EDD is needed, we provide sophisticated features such as financial performance analysis (balance sheets, income statements, and cash flows), Ultimate Beneficial Owners (UBOs) identification, and visualization of intricate ownership structures.Unlike traditional data sources, The KYB provides a comprehensive due diligence report much faster. This comprises extensive company information, underlying risk indicators, and observations that are usually overlooked in regular verification exercises.Our platform aims to assist companies and financial institutions in reducing onboarding delays, ensuring AML/CFT compliance, and meeting regulatory requirements across various jurisdictions.Regardless of whether performing third-party screening, investor due diligence, or adding a new vendor, The KYB allows companies to use the right amount of scrutiny, fueled by validated data sources directly and in real time from the official registry. What this means is that our enhanced due diligence not only digs deep into a business entity’s profile but also checks for direct and indirect sanctions, identifying whether the entity is explicitly listed or associated with a sanctioned individual or organization through ownership, control, or business ties.Get in touch for a comprehensive, automated CDD and EDD solution tailored to your specific compliance needs. Our services simplify Know Your Business (KYB) checks, helping you stay compliant, reduce onboarding friction, and protect your business from potential risks.
What is Enhanced Due Diligence? A Comprehensive Guide22 December, 2023 9 minutes read Even though money laundering is widely denounced, it persists in many sectors and often remains unidentified. Regulatory bodies worldwide, such as the Financial Conduct Authority (FCA) and FinCEN, along with Financial Crime watchdogs like the Financial Action Task Force (FATF), aim to mitigate financial crimes. Businesses require strict verification protocols and a comprehensive due diligence process to adhere to regulatory frameworks and mitigate money laundering. It is necessary to verify all the customers and perform due diligence. However, enhanced due diligence of high-risk entities can help substantiate the actual level of risk associated with entities.What are Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD)? Customer Due Diligence (CDD) refers to the process of verifying customer identity and assessing the risk of being involved in any financial crimes. Performing due diligence on customers is a key requirement under FATF Recommendation 10. Here are some key steps of the CDD process: 1. Customer Identification and Verification (CIV)CIV applies to an individual or legal entity to confirm identity and legality. It involves a review of various identity documents, including ID cards, passports, and company registration certificates, among others. 2. Beneficial Ownership Identification If the customer is a legal entity, such as a company or trust, it is necessary to identify the beneficial owners who ultimately control that entity.  3. Ongoing Monitoring Companies are required to continuously review transactions that customers perform to ensure that they align with their profiles. It enables the detection and identification of suspicious and unusual behavior. 4. Enhanced Due Diligence (EDD)Enhanced Due Diligence (EDD) refers to an advanced risk assessment process that goes beyond basic verification and provides a thorough and more rigorous approach for risk estimation. EDD process involves deeper checks such as verifying the customer’s source of wealth, applying strict monitoring, and is often required for:If the customer is a politically exposed personIf a customer or transaction is associated with a high-risk country and sectorIf transactions are complex or largeThis process is a step ahead of simplified due diligence. It is typically applied when entities stand higher at risk of being involved in money laundering or terrorist financing.Who are High Risk Entities? High-risk entities include individuals in their ownership structure or representatives who have the potential to pose a serious threat to a company or its operation. There are some attributes that define high-risk individuals who need EDD; they are mainly: Politically Exposed Persons (PEPs) Entities with complex ownership structures Offshore Companies or Trusts Cash-Intensive BusinessesNon-Profit Organizations (NPOs) in High-Risk AreasCustomers coming from countries with lax regulations on AML/CFT complianceEntities with suspicious transaction patternsEnhanced Due Diligence Process – Key StepsCompliance with FATF recommendations requires businesses to implement enhanced due diligence measures when dealing with high-risk entities. A thorough Enhanced Due Diligence process involves the following steps:Risk-Based Approach Initially, organizations evaluate each client’s risk profile by looking at transaction type, geography, and employment, among other things. Regulators in various countries have been using this principle for risk identification. The UK’s Financial Conduct Authority (FCA), the U.S. FinCEN under the Bank Secrecy Act, and the European Union’s AML Directives all stress the use of a risk-based approach. It requires firms to allocate compliance resources efficiently and ensures that higher-risk relationships or transactions receive proportionally greater scrutiny through EDD.Comprehensive Data CollectionEnhanced Due Diligence process involves collecting more thorough business data such as sources of wealth, company connections, transaction patterns, and the intended use of the goods or services. There is a need to collect various documents that provide insight into business or company information, including the following documentation and the nature of information: Official corporate record Business registration documents, Articles of incorporation & partnership agreementsBanking details often include bank statements and transactional histories Identity documents of representatives, UBOs, and board members. If there is any Politically Exposed Person (PEP) within the ownership structure of the client organization, the following information is necessary to collect: Title and details on the position a PEP holds within the company When a Politically Exposed Person (PEP) has a close associate or family member, it is essential to thoroughly establish the individual’s identity, including their full name, title, and role. Additionally, it is important to assess their level of proximity to public office, detailing the nature of their relationship and any potential influence they may exert within the context of public affairs.Review of Funds SourceThe EDD process involves a thorough review of the company’s funding source and the financial background of all the UBOs. In case of any inconsistency in the earnings or source of wealth, the following additional details are required for thorough review: Shares details Salary, Bonuses, and Investment DetailsProperty and asset details Transaction Monitoring and Payment Screening EDD measures include checking details of transactions to confirm their purpose. It also involves verifying the parties involved in a specific transaction. If there are any red flags, such as multiple small transactions or high-value transactions without a transparent purpose, it can be a sign of money laundering. High-risk businesses and their transactions must be subject to more frequent and comprehensive surveillance to identify abnormal or suspicious behavior, including transaction evaluations.Adverse Media Screening Enhanced Due Diligence involves the review of press articles, reports, and other media, including social networks. It aims to check the reputational status of a company or business. As part of EDD, it is important to identify the reputational status of the business and verify if it appears in adverse media. Onsite Visit In case of inconsistency of address details, it is mandatory to conduct onsite visits for verification. A non-corresponding address registered in official documents is a red flag and a high-risk indication that businesses consider for fraud prevention and regulatory compliance. Documentation and Reporting Organizations have to thoroughly record all information acquired, risk assessments completed, and measures taken in response to potentially suspicious activity. It is also the step in completing the EDD process. Following the detection of suspicious activity, companies notify the appropriate authorities, such as the Financial Intelligence Unit (FIU) or other regulatory agencies, of the incident.Why is Enhanced Due Diligence Necessary? Enhanced Due Diligence (EDD) is important for an AML program as it allows the detection of money laundering. In addition to the AML compliance framework, EDD is important for the following reasons:For Accurate Risk Management Where EDD contributes to overall AML compliance by providing insight into financial assets and activities of potential entities, it serves in accurate risk management. Detailed information about entities and their transactions enables organizations to detect suspicious activities and mitigate financial crimes. In addition to this, the EDD program helps organizations to comprehend associated risk in a better way and reduce financial loss, legal fines, and reputational damage by compliance with regulatory requirements. For Improved Internal AML Controls Enhanced Due Diligence (EDD) process works for strong and effective AML compliance programs. By acquiring comprehensive details and cross-referencing with available data sources, companies can better assess the risk of money laundering associated with potential entities. In general, the Enhanced Due Diligence process empowers companies to handle high-risk entities and minimize the risk of dealing with such entities that can bring significant challenges in the form of noncompliance fines and reputational damage. Streamline Your Enhanced Due Diligence Process with The KYBManual due diligence process is challenging as it takes a long time full of errors. Businesses need tech-based automated solutions to have quick service and accurate results. The KYB empowers Enhanced Due Diligence by automating the identification of complex ownership structures and screening of UBOs for PEPs, sanctions, and watchlists. It also integrates adverse media screening APIs to ensure review of a business’s reputational risk. In addition, The KYB also offers perpetual benefits for real-time alerts of evolving regulations and emerging threats. Therefore, investing in The KYB will empower an enhanced due diligence process and help businesses to stay compliant with regulatory standards. FAQsWhat Makes EDD Different from CDD? EDD (Enhanced Due Diligence) differs from CDD (Customer Due Diligence) primarily in the level of scrutiny and the risk profile of the customer. EDD is a more comprehensive investigation required for high-risk customers, while CDD is a standard process for all customers. Although Customer Due Diligence (CDD) establishes a groundwork for risk assessment, EDD offers additional measures for a more comprehensive evaluation of high-risk entities.  It requires a more in-depth investigation into the customer’s background, financial activities, and risk factors. What is an example of EDD?An example of Enhanced Due Diligence (EDD) is a bank that has to onboard a new client who is a Politically Exposed Person (PEP) from a high-risk jurisdiction, like a country on the FATF blacklist. For such an individual, the bank needs to be more rigorous in its scrutiny than for a regular client. This includes gathering more comprehensive information about the client’s identity, verifying their source of funds and wealth, and implementing continuous monitoring of their transactions. What is EDD, and who is it done for?Enhanced Due Diligence (EDD) is a risk-based process of verifying a customer’s and business’s identity and assessing their risk profile beyond standard due diligence. Financial institutions and businesses primarily use it to comply with regulations and prevent financial crimes like money laundering and terrorist financing. EDD is typically conducted for customers or business partners who pose a higher risk, such as Politically Exposed Persons (PEPs) or those operating in high-risk sectors. In simpler terms, EDD is a deeper level of screening that goes beyond basic identity verification to assess the overall risk associated with a customer or business relationship. It involves collecting more information, verifying sources thoroughly, and conducting more in-depth analysis to understand and mitigate potential risks.Which situations require EDD?Enhanced Due Diligence (EDD) is required in situations where there’s a heightened risk of money laundering, terrorist financing, or other financial crimes. This includes dealing with high-risk customers like Politically Exposed Persons (PEPs), those from high-risk jurisdictions, or those in industries prone to such activities. Complex transactions, unusual transaction patterns, and the use of shell companies also trigger the need for EDD.
