How to Conduct Enhanced Due Diligence Properly

When it comes to AML compliance, the basic checklist will tell you almost everything you need to know. However, there are a couple of other factors that might have slipped your radar. If you look specifically at KYC, for instance, you’ll find that high risk customers require some additional resources before you can proceed with complete compliance. 

So while basic Customer Due Diligence is necessary for any bank or other financial institution, the concept of Enhanced Due Diligence (EDD) might not be as familiar. If that’s the case, here’s what you need to know:

What is Enhanced Due Diligence 

To comprehend Enhanced Due Diligence you’ll need to understand why it’s necessary and where it comes from. First, it’s important to understand the general definition of Anti-Money Laundering (AML), which refers to a set of laws, regulations, and procedures that prevent fiscal crime. 

In addition, taking the fundamental steps to Know Your Customer (KYC) are essential in order to ensure AML compliance, which is required for any U.S. financial institution. Within KYC regulations, there is a process called Customer Due Diligence (CDD), which typically involves identifying your customer and validating their activities. 

If necessary, companies may need to perform EDD, which consists of the processes and procedures to handle high risk customers and large financial transactions. Because EDD is not always necessary, it’s critical you know exactly when it may be required to avoid wasting resources.

When is Enhanced Due Diligence Necessary 

As mentioned earlier, Enhanced Due Diligence is generally required when a customer is deemed high risk. More specifically, during risk analysis, there are a few red flags that would trigger EDD Regulations:

  • Most of their clients are foreigners or non-residents

  • Legal persons are personal asset-holding vehicles

  • The customer, their family members, or known associates are Politically Exposed Persons (PEP)

  • Presence of nominee shareholders or shares in the company’s bearer form

  • Cash-intensive businesses

While red flags directly related to customer identity may be the most obvious to spot, there are other components you must keep in mind.

What Are The Main EDD Factors 

There are several factors that the EDD process is comprised of:

  • Risk assessment: this involves determining whether or not the customer is considered high risk, as outlined in the previous section

  • Geographical factors: location may also play a role in determining whether the customer is high risk, i.e. countries without enforced AML compliance such as North Korea or Iran, or countries who have financial involvement with terrorist groups such as Syria or Sudan

  • Additional factors such as private or correspondent banking

If you come across any of these factors, it’s crucial to understand what the next steps involve.

EDD Regulation Steps 

While the previous sections help you determine when EDD Regulations will need to kick in, you may find yourself wondering what the correct procedure would be to make sure your EDD efforts are AML compliant. 

  1. Perform risk assessments: begin the process by identifying and dividing those customers who will require a standard CDD vs. EDD procedures

  2. Identity authentication: you must then verify the customer’s identity, which will require a reliable third-party database

  3. Identify source of funds/income: ensure that the source is legitimate and that the customer is not disguising an illegally obtained fund

  4. Obtain background info: this may also require you to consult a third-party database

  5. Keep record of all transactions especially if the customer is deemed high risk: the government requires certain record-keeping practices for various forms, for instance, CTRs and SARs files must be kept 5 years after filing

  6. Comply with General Data Protection Regulation (GDPR) if necessary: the GDPR is a new, privacy and data protection law that is required for any business within or involved with the EU

  7. File Suspicious Activity Report (SAR) if necessary: the SAR is the standard form to report suspicious financial activity, essentially any activity out of the ordinary

Conduct EDD Accurately with Intellicheck

Handling risk through general KYC and Enhanced Due Diligence is absolutely essential to ensuring that your financial institution maintains its AML compliance. As mentioned above, the effectiveness of two key steps to EDD regulation rely on a third-party base that can be trusted, such as Intellicheck

Intellicheck is a highly accurate ID authentication program that is trusted by companies and institutions nationwide. It is one of the most effective systems at catching fake IDs in real-time with a guaranteed 99% accuracy. With Intellicheck, you can ensure your financial institution is conducting EDD efficiently and accurately all while staying AML compliant.


To see a recorded demo, click here.

A transaction takes place every time you scan /validate an ID.

The transactions that you purchase are available for use for up to one year from the purchase date. When you run out of transactions, you automatically purchase another bucket of the same number of transactions that you originally purchased.

Groups allow you to set-up notifications that are shared across a specific set of devices. For instance if you marked a person as “do not serve” that alert would show when their ID was scanned by any user in the group.

Once you fill in the application form and are approved for purchase, you will be sent a credit card payment link. Once you have made your first payment, then Intellicheck will get you set up and ready to go.

Intellicheck Mobile is the app that your employees use to scan IDs. Once you have your account set-up, you can go to the Apple App Store or Google Play Store to download it for your device. Google Play Store Apple App Store

Standard pricing includes up to 5 devices. These devices will require a separate login, and can be set on the Intellicheck Admin Portal. Customers receive a link to the Admin Portal after they are set up.