A Guide to Anti-Money Laundering for Crypto Firms

What is Enhanced Due Diligence?

AML Compliance Knowledge & Training

Enhanced due diligence (EDD) involves determining, based on a risk-based approach, to investigate particular clients more thoroughly – requiring significantly more evidence and detailed information about reputation and history to be collected.

EDD is especially relevant for high-risk or high-net-worth customers or those who conduct large or unusual transactions, which pose more significant risks.

Every year around $2tn in illicit cash flows through the global financial system despite governments, regulators, and financial institutions trying to maintain financial stability through new legislation, enforcement actions, and improved collaboration. 

For firms trying to protect against money laundering and terrorist financing (ML/TF), understanding customers is critical, and EDD is an in-depth know your customer (KYC) process that can help.

What is Enhanced Due Diligence Usually Required For?

All Financial Action Task Force (FATF) members must implement customer due diligence (CDD) requirements as part of their domestic AML/CFT legislation – as stated in Recommendation 10 of the FATF’s 40 Recommendations

Institutions should implement KYC/AML and all CDD measures for new business relationships, occasional transactions, if there is a suspicion of money laundering or terrorism financing, or unreliable documentation. Monitoring should be ongoing rather than a one-off obligation.

FATF identifies customer, country, and product money laundering risks in its CDD guidance. Enhanced due diligence may be required for persons or situations that present a greater risk, including:

  • A business relationship conducted in unusual circumstances – e.g., unexplained geographic distance between the firm and customer
  • Non-resident customers, or those subject to economic sanctions
  • Legal persons or arrangements that are personal asset-holding vehicles
  • Companies that have nominee shareholders or shares in bearer form 
  • Cash-intensive businesses
  • The beneficial ownership structure of the company appears unusual or excessively complex, or opaque
  • Countries without adequate AML/CFT systems
  • Countries subject to sanctions or embargoes or with significant levels of corruption or criminal activity
  • Countries funding or supporting terrorist activities or having designated terrorist organizations operating within their country
  • Private banking
  • Anonymous or non-face-to-face transactions or business relationships
  • Payments received from unknown or unassociated third parties

In Europe, under Article 18 of 4AMLD, any business located in a country on the high-risk third countries list requires EDD. 

Enhanced due diligence may also be needed for politically exposed persons (PEPs). FIs should take a risk-based approach to determine what measures to put in place and for how long.

How Does the Enhanced Due Diligence Process Work?

Following FATF guidance, companies should implement risk-based EDD measures that reflect the specific AML/CFT risk that individual customers present. These should include:

  • Obtaining additional customer identification materials
  • Establishing the source of funds or wealth
  • Applying closer scrutiny to the nature of the business relationship or purpose of a transaction
  • Implementing ongoing monitoring procedures

For many of the persons and entities identified, Enhanced due diligence will be a standard part of their relationship with a firm.

An alert could also trigger EDD in a transaction monitoring system if it’s flagged for further investigation. Additional information – either from a relationship manager or the client – may be needed, and firms should make internal and external inquiries to learn more about the customer and the transaction. 

Identify risks before they become threats

Ensure your firm has effective EDD measures in place. Screen against the world’s only dynamic global database of Sanctions and Watchlists, PEPs, and Adverse Media, in consolidated, structured profiles.

Learn more

Enhanced Due Diligence AML Requirements 

CDD regulations typically require firms to maintain records of the information they collect for at least five years. This includes copies of all identification documents (driving licenses, birth certificates, passports, etc.) and business documentation. 

Firms should be able to comply quickly and efficiently with requests for records from regulators and enable authorities to reconstruct individual transactions, including details of the amounts of money and types of currency involved. 

Where CDD measures create suspicion or reasonable grounds to suggest that a customer is involved in criminal activity, companies must report that information promptly to their jurisdiction’s financial intelligence unit (FIU) via a suspicious activity report (SAR).

Regulatory requirements will differ in local jurisdictions, so firms should check their operating areas.

While adverse media is not a regulatory requirement for enhanced due diligence, it can be a powerful tool. It may reveal involvement with money laundering, financial fraud, drug trafficking, human trafficking, financial threats, organized crime, terrorism, or other criminal activity.

Customer Due Diligence vs. Enhanced Due Diligence

There are three levels of due diligence – simplified, CDD, and EDD – and several characteristics that distinguish EDD from regular CDD policies:

  • Rigorous and robust: Enhanced due diligence policies require significantly more evidence and detailed information than essential regulatory obligations of customer identification, establishing ultimate beneficial ownership, and business relationship nature and purpose
  • Reasonable assurance: EDD requirements should provide “reasonable assurance” when calculating a KYC risk rating. Responsible investigators should complete all necessary research steps and exercise professional skill and judgment in making decisions
  • Detailed documentation: The EDD process must be documented in detail, with scrutiny on how data is captured and validating the reliability of information sources
  • PEPs: Special attention should be paid to PEPs, who are in positions that can be potentially abused for money laundering.

Effective enhanced due diligence measures are built on a combination of technology and expertise. 

As risk profiles and criminal behaviors evolve, firms must be as flexible and innovative with their approach to EDD as with other aspects of their AML/CFT policy. Technology provides valuable tools to facilitate EDD processes, but human vigilance is vital to spot and address new threats.

Find out more about the FATF recommendations you need to know.

Request a Demo

See how 1000+ leading companies are screening against the world's only real-time risk database of people and businesses.

Demo request

Originally published July 26, 2022, updated July 26, 2022

Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.

Copyright © 2022 IVXS UK Limited (trading as ComplyAdvantage).