Enhanced Due Diligence (EDD): A Comprehensive Guide

Enhanced Due Diligence (EDD): Why It Matters for Financial Institutions

Enhanced Due Diligence (EDD) is an advanced layer of Customer Due Diligence (CDD) used to assess higher-risk clients and transactions. It’s a key requirement under global Know Your Customer (KYC) and Anti-Money Laundering (AML) standards and serves as a crucial safeguard against financial crime.

What Is Enhanced Due Diligence?

EDD goes beyond standard identity checks. It applies when institutions onboard customers with risk factors such as ties to high-risk jurisdictions, politically exposed persons (PEPs), complex ownership structures, or activities linked to higher money laundering risk (e.g., gambling, crypto).

Unlike general CDD, which verifies identity and assesses broad risk, EDD requires deeper investigation. It means collecting more information, verifying it through multiple sources, and maintaining stronger ongoing monitoring.

How to Apply Enhanced Due Diligence?

The EDD process typically starts with a thorough Customer Identification Program (CIP). Institutions must ensure they understand exactly who they’re dealing with—including verifying personal IDs and confirming corporate structures, particularly the ultimate beneficial owners (UBOs).

Next comes defining a customer’s expected behavior. This includes the purpose of the relationship, transaction types, frequency and expected volume. Establishing this baseline helps detect unusual activity later.

For high-risk clients, it’s common to run additional background checks. This could include:

• Reviewing adverse media
• Performing sanctions screenings
• Commissioning intelligence reports

Where needed, institutions should also verify the source of wealth or source of funds involved in the business relationship.

Crucially, EDD doesn’t end at onboarding. Financial institutions are expected to refresh information periodically and monitor for significant changes—especially with corporate control, jurisdictional ties or transactional behavior.

What Triggers Enhanced Due Diligence?

Regulations in the U.S. (FinCEN), EU (4AMLD, 6AMLD), Canada (FINTRAC) and international bodies like the FATF specify clear EDD triggers. These include:

• Business relationships involving PEPs
• Clients or transactions tied to high-risk third countries
• Complex or opaque business structures
• Unusual or large transactions without an apparent purpose

In the EU, for example, any relationship involving a country on the FATF high-risk list requires EDD. Similarly, institutions must apply EDD when working with shell banks or processing certain types of cross-border transactions.

Emerging technologies have added urgency to enhanced due diligence. In its June 2025 update, FATF highlighted the growing role of stablecoins in on-chain illicit activity. These emerging technologies now drive a significant share of fraud, scams, and cross-border laundering. FATF warned that without coordinated oversight, stablecoin adoption could amplify financial crime risks globally.

In some cases, the regulator provides no explicit list. Institutions are expected to make informed judgments based on their internal risk assessments. FinCEN emphasizes that programs should be detailed enough to distinguish between significant variations in customer risk.

Beneficial Ownership EDD Requirements

Verifying beneficial ownership is a critical EDD component, especially for legal entity customers involved in higher-risk activities. Regulators in the U.S. and EU have established specific mandates:

• Obtaining additional identifying information from a wider variety or more robust sources and using the information to inform the individual customer risk assessment
• Carrying out additional searches (for example, verifiable adverse media searches) to inform the individual customer risk assessment
• Commissioning an intelligence report on the customer or beneficial owner to understand better the risk that the customer or beneficial owner may be involved in criminal activity
• Verifying the source of funds or wealth involved in the business relationship to be satisfied that they do not constitute the proceeds from crime
• Seeking additional information from the customer about the purpose and intended nature of the business relationship

In the European Union:

• The Fourth AML Directive (4AMLD) mandates that companies obtain and maintain current, accurate records of beneficial ownership.
• Member States must ensure access to UBO registries and require financial institutions to reference these during onboarding and monitoring.

EDD Responsibilities for Beneficial Owners include:

• Identifying all individuals with significant ownership or control.
• Verifying submitted corporate documents (e.g., articles of incorporation, partnership agreements).
• Performing sanctions, PEP and adverse media screenings on each beneficial owner.
• Using technologies like OCR and AI to extract and validate ownership data from official registries.

EDD requires not just identifying UBOs but assessing their risk independently. Their identities, source of funds, reputational standing and relationship to the customer must all be considered as part of a comprehensive EDD review.

Technology’s Role in EDD

Modern EDD processes often use technology to manage complexity and improve accuracy. Artificial intelligence (AI), natural language processing (NLP) and optical character recognition (OCR) are increasingly deployed to extract and analyze key data from official documents.

Trulioo’s Global Identity Platform enables real-time verification by connecting to government registries and automating checks on ownership, structure and compliance history. This not only reduces manual error but also speeds up decision-making.

Best Practices for Enhanced Due Diligence

Trulioo can support your EDD framework by automating core components of the customer onboarding and verification process. With access to global identity data sources, Trulioo helps financial institutions perform real-time KYC, KYB and UBO verification. These tools:

• Streamline documentation collection
• Screen for watchlists and sanctions
• Monitor ongoing compliance needs
• Operate within a single, integrated platform

A well-structured EDD program should include:

• Documented policies and a checklist for onboarding high-risk clients
• Clear justification and documentation of risk classifications
• Regular staff training on EDD obligations and emerging typologies
• The ability to explain and defend risk-based decisions to regulators

Blanket de-risking (denying high-risk clients outright) may reduce exposure, but it can also lead to missed business opportunities. A risk-based framework, as recommended by the FATF, allows for flexibility while maintaining compliance.

Final Thoughts

Enhanced Due Diligence is not just about ticking boxes—it’s about developing a deeper understanding of your clients and adapting to new threats. With regulatory pressure mounting and criminals becoming more sophisticated, institutions that invest in EDD today are better positioned to grow safely tomorrow.

This post was originally published in December 2017 and has been updated to reflect the latest industry news, trends and insights.