In 2023, an estimated $3.1 trillion in illicit funds passed through the global financial system, reflecting the scale of financial crimes. This underscores the importance of effective monitoring and regulatory frameworks to combat money laundering and other illegal financial activities. 

Establishing proper controls is especially important when considering entering new business relationships, for example through mergers and acquisitions (M&A). That’s when deal-makers opt for enhanced due diligence. 

This article delves into Enhanced Due Diligence (EDD), highlighting best practices, real-world scenarios, and its distinctions from Customer Due Diligence (CDD) to enhance business strategies.

What is enhanced due diligence?

Enhanced due diligence (EDD) is a detailed assessment of high-risk individuals, businesses, or transactions. 

Unlike regular due diligence in M&A, it goes beyond basic checks to ensure compliance with anti-money laundering (AML) and combating the financing of terrorism (CFT) rules and involves obtaining additional identifying information. The goal is to define and mitigate potential risks from dealing with certain clients or activities.

To better understand how EDD works, let’s take a look at this enhanced due diligence example.

A tech company plans to buy a foreign business in a high-risk country, such as Iran. During the EDD process, they discovered one owner was involved in a past scandal, and some payments went to suspicious shell companies. They also find the country has weak anti-money laundering controls. As a result, the company lowers the deal’s value and adds strict compliance rules to protect against future risks.
Without EDD, the company could face legal, financial, and reputational damage. 

*Note: This is just an illustrative example that doesn’t involve real companies or events.

Key components of EDD

Here’s what enhanced due diligence measures typically include:

  • Corporate identity verification. EDD involves a deeper review of the organization’s structure, ownership, and ultimate beneficial owners (UBOs) to confirm legitimacy.
  • AML and CFT compliance. It ensures the client or transaction complies with international regulations by identifying potential connections to illegal activities.
  • Transaction pattern monitoring. It’s about analyzing the nature, frequency, and size of transactions to detect unusual patterns that may signal money laundering or fraud.
  • Background research. Checking public records, media reports, and regulatory filings to identify potential red flags, such as links to politically exposed persons (PEPs) or sanctions lists.
  • Risk assessment. Evaluating the overall risk profile based on geographic location, industry, and transaction behavior.

Enhanced due diligence vs. customer due diligence

Let’s start with a definition: what is customer due diligence? 
Customer due diligence (CDD) is the process of verifying a customer’s identity, understanding their financial activities, and assessing their risk level. It involves collecting basic information like identification documents, business registration details, and the purpose of the customer’s business relationship with the organization to ensure compliance with AML laws.
On the surface, the customer due diligence process looks similar to enhanced due diligence services. However, they’re different. Here’s how:

AspectCDDEDD
PurposeStandard process for all customersExtra scrutiny for high-risk customers or transactions
Risk levelApplied to low- and medium-risk customersFocuses on high-risk customers or activities
Depth of investigationCollects basic information, such as identity and business detailsInvolves deeper checks, such as tracing ownership and background research
ExamplesVerifying ID for a new clientInvestigating ties to sanctions or unusual transactions

Therefore, the main difference between CDD and EDD is that CDD involves basic identity checks for all customers, while EDD requires deeper investigations for high-risk customers or transactions.

Why is enhanced due diligence critical?

Simply put, enhanced due diligence helps mitigate risks of financial and reputational damage. 

A great example of insufficient EDD is HSBC’s money laundering scandal in 2012. The bank failed to prevent illicit transactions linked to drug cartels and other illegal activities. This oversight led to a $1.9 billion fine and damaged its reputation. 

These are the main aspects EDD helps businesses with:

  • Compliance risks. Failing to conduct due diligence can lead to serious consequences, including heavy financial penalties, legal action, and damage to a company’s reputation if it unknowingly engages with high-risk or illicit entities.
  • Regulatory compliance. EDD helps businesses comply with AML and CFT laws by providing a deeper understanding of customers and ensuring no connections to illegal activities or financial crime.
  • Risk mitigation. EDD is crucial for identifying and managing high-risk entities, such as those with complex ownership structures, ties to sanctioned individuals, or operations in risky industries or regions, protecting businesses from hidden liabilities.

Conducting enhanced due diligence: Best practices

Here are a few recommendations to ensure effective enhanced due diligence:

  1. Identify high-risk customers. Start by setting clear criteria to recognize high-risk customers. These may include businesses operating in high-risk countries, clients with complex ownership structures, or those engaging in unusually large transactions. By identifying these risks early, you can prioritize deeper investigations and safeguard your operations against potential fraud or legal violations.
  2. Apply a risk-based approach. Customize your due diligence efforts based on the individual customer risk assessment. High-risk clients require deeper scrutiny, while lower-risk clients may only need basic checks. This approach ensures that resources are efficiently allocated to the most critical cases while maintaining compliance with regulations.
  3. Verify ownership and financial records. Take a close look at who actually owns the business and where the funds are coming from. Ultimate beneficial ownership checks help uncover hidden connections to sanctioned individuals or illicit activities. Scrutinize financial documents for inconsistencies, such as unexplained income or discrepancies in records, to ensure transparency and legal compliance. It often includes commissioning an intelligence report.
  4. Monitor transactions. Ongoing monitoring of customer transactions is key to spotting suspicious activities early. Regularly review transaction patterns to detect anomalies, such as sudden large transfers or dealings with high-risk regions. Continuous monitoring provides a dynamic approach to addressing emerging risks and ensures your organization stays proactive.
  5. Include on-ground verification. It involves physically checking and confirming the legitimacy of businesses and clients. This can include site visits, interviews with key personnel, or contacting local authorities to verify information. By engaging with the actual business environment, you can better understand the risks associated with a customer and ensure compliance.
  6. Document and report findings. Thoroughly document every step of the due diligence process in the customer’s risk profile and report any suspicious findings to the relevant authorities. Proper documentation serves as proof of compliance and helps defend your actions in case of an investigation. To make these processes easier and more accurate, opt for using an enhanced due diligence checklist.
  7. Use advanced tools. Modern technology, like AI-driven platforms, makes enhanced due diligence faster and more accurate. These tools can analyze large datasets to uncover hidden patterns, flag suspicious activities, and reduce human error. Investing in the right technology helps maintain compliance while saving time and resources. 

Additional read: Explore how to craft a structured financial due diligence checklist that makes target’s review faster and more efficient.

When is enhanced due diligence necessary?

Now, let’s take a look at the main cases when conducting enhanced due diligence is essential:

  • High-risk countries. Countries such as North Korea, Iran, Venezuela, and Afghanistan are often considered high-risk due to their lack of strong anti-money laundering controls and exposure to corruption. Businesses dealing with clients from these regions should apply EDD to carefully assess and manage risks associated with illegal financial activities.
  • Politically exposed persons. PEPs are individuals who hold significant public positions, such as government officials or high-ranking politicians. Due to their influence, they may be more vulnerable to bribery or corruption, making EDD crucial to monitor for any illicit activities.
  • Complex ownership structures. Some businesses have intricate ownership networks designed to conceal the true beneficial owners. EDD is necessary to trace ownership and uncover any hidden risks, such as links to criminal organizations or illegal financial activities.
  • Unusual transactions. Large, sudden, or atypical transactions can indicate money laundering or fraud. When these transactions don’t match a client’s usual pattern of behavior, EDD ensures that the sources of funds and the reasons for the transactions are thoroughly verified.
  • New or unfamiliar clients. When entering into relationships with new customers or businesses, especially those without a clear financial history, conducting EDD is vital. This helps to verify the legitimacy of the client and their sources of wealth, reducing the risk of fraud or financial crimes.
  • Cross-border transactions. International business and investments involve additional risks, such as different regulatory environments and the potential for money laundering. EDD is essential to track and analyze cross-border transactions to ensure compliance with anti-money laundering laws and avoid involvement in illegal activities.
  • High-risk industries. These include real estate, casinos, luxury goods, virtual assets like cryptocurrency, and correspondence banking where financial institutions establish relationships with foreign banks. For example, a casino may facilitate money laundering through large cash transactions, or a real estate company may be used to hide illicit wealth by over- or under-valuing properties. EDD helps identify red flags and ensure compliance within these high-risk sectors.

Red flags in enhanced due diligence

Here are some examples of the most frequent red flags to look out for during enhanced due diligence. We divide them by individual, corporate, and transaction risks.

Individual risks

  • Resistance to compliance measures. Reluctance to provide required documentation, delays in response, or refusal to cooperate with due diligence checks.
  • Unexplained wealth. Sudden increases in assets or income that don’t align with a person’s known occupation or financial history.
  • Links to sanctioned legal entities. Direct or indirect connections to individuals or organizations on government sanctions lists.
  • Inconsistent personal history. Gaps or contradictions in personal background information or a lack of verifiable records.
  • Unclear source of funds. Difficulties in explaining how wealth or assets were accumulated, especially in cases of sudden large deposits.

Corporate risks

  • Bearer shares and nominee shareholders. Use of bearer shares (unregistered shares) or nominee shareholders to conceal actual ownership and control of a company.
  • Incorporation in high-risk jurisdictions. Registration in countries with poor AML practices or tax havens known for weak financial regulations.
  • Inconsistent financial records. Discrepancies between reported earnings and actual financial activities, hidden liabilities, or altered financial statements.
  • Unusual business activities. Companies operating in sectors known for high money laundering risk, such as casinos, real estate, or online gambling.
  • Lack of transparency in operations. Companies that are reluctant to share information about their business practices, clients, or operational details.

Transaction risks

  • Frequent amendments. Multiple changes to transaction details or terms, especially if it seems to bypass reporting thresholds or regulations.
  • Structuring of transactions. Transactions designed to avoid detection, such as splitting large payments into smaller ones to stay below reporting limits.
  • Below-threshold transactions. Multiple small transactions just under the reporting limit, suggesting an attempt to evade mandatory reporting or detection.
  • Involvement with high-risk assets. Engagement in transactions involving high-risk assets like cryptocurrencies, precious metals, or other hard-to-trace goods.
  • Unexplained cross-border payments. Large or frequent international transfers, especially to or from countries with weak financial oversight.
  • Complex or non-standard payment methods. Using unconventional payment channels like prepaid cards or online money transfers that can be difficult to trace.

Streamlining enhanced due diligence with virtual data rooms

Virtual data rooms (VDRs) are a reliable solution for managing enhanced due diligence. 

VDRs offer due diligence capabilities that ensure smooth and secure EDD. Here are some of the most common VDR features that benefit EDD participants:

  • Q&A workflows. These enable smooth collaboration by allowing parties to post questions, assign experts, and get prompt and informative answers, which significantly improves communication among stakeholders.
  • Secure data repository. VDRs ensure data is encrypted and provide robust audit trails, making it easier to track access and maintain security. Moreover, there are various document security features such as watermarking or redaction which ensure confidential data stays protected.
  • Role-based access. Permissions can be customized to control who sees what information, ensuring data is shared securely. Virtual data room administrators decide who can view, download, or edit each document.
  • Customizable workspaces. VDRs offer branded environments and clear user agreements, enhancing trust among users. What’s more, the most advanced providers offer multi-project management capabilities, which enable conducting several due diligence processes simultaneously.

These features collectively boost security, streamline workflows, and centralize data management, making the EDD process more efficient and transparent.
Additional read: Learn more about due diligence data rooms in Canada and their offerings in our dedicated article.

Key takeaways

  • Enhanced due diligence is a detailed assessment of high-risk individuals, businesses, or transactions.
  • Unlike customer due diligence, EDD ensures a deeper understanding of a customer’s or potential partner’s background.
  • Key EDD measures include corporate identity verification, AML and CFT compliance, transaction pattern monitoring, background research, and risk assessment.
  • Conducting EDD is essential when dealing with high-risk countries, politically exposed persons, complex ownership structures, unusual transactions, new clients, cross-border transactions, or high-risk industries.