Enhanced Due Diligence, or EDD, is the additional level of scrutiny a firm applies where a customer, relationship, transaction, or jurisdiction presents a higher risk of money laundering, terrorist financing, sanctions exposure, fraud, or other financial crime. The FCA states that where the money laundering risk associated with a business relationship is increased, firms must carry out additional, enhanced due diligence and enhanced ongoing monitoring. FATF’s standards similarly require enhanced measures for higher-risk situations as part of the risk-based approach.
In the financial crime environment, EDD is important because standard customer due diligence is not always sufficient to understand more complex or higher-risk relationships. Some customers, structures, products, or geographies create a greater risk that the firm could be used to conceal criminal ownership, move illicit funds, evade sanctions, or facilitate corruption or other abuse. In those cases, the institution is expected to go beyond basic identification and verification and build a deeper, more defensible understanding of who the customer is, how the relationship will be used, and why the risk is acceptable. The FCA’s recently published findings from its 2025 review of firms’ CDD and EDD controls underline that regulators continue to treat EDD as a live supervisory priority.
From a professional perspective, EDD is not a separate control universe. It is the higher-risk extension of CDD. Standard due diligence establishes baseline identity and relationship understanding. EDD adds more depth, more challenge, more corroboration, and more frequent or intensive monitoring. This often includes deeper analysis of beneficial ownership, source of funds, source of wealth where relevant, expected activity, ownership chains, counterparties, political exposure, geographic exposure, and the rationale for using the product or service. The FCA’s guidance links EDD directly to increased risk and to enhanced ongoing monitoring, while FATF frames it as part of the proportionate response required in higher-risk situations.
A key principle is that EDD should be risk-based rather than formulaic. Higher-risk relationships do not all require exactly the same additional steps. The required depth depends on what is driving the risk. A politically exposed person may require deeper source-of-wealth understanding and senior approval. A complex corporate structure may require a much more detailed beneficial ownership analysis. A customer connected to a higher-risk jurisdiction may require stronger scrutiny of counterparties, transaction purpose, and control environment. FATF’s standards are explicit that countries and firms should apply enhanced measures in higher-risk scenarios, but within a broader risk-based framework rather than as a one-size-fits-all checklist.
In practical terms, EDD is especially relevant in relationships involving politically exposed persons, complex legal entities, correspondent banking, private banking, high-risk sectors, unusual source-of-funds patterns, sanctions-sensitive activity, or jurisdictions subject to significant AML/CFT concerns. FATF’s public lists of high-risk jurisdictions and its guidance on PEPs and correspondent banking illustrate the kinds of contexts in which higher-risk measures become necessary.
This is why EDD is closely tied to ongoing monitoring, not just onboarding. A high-risk relationship cannot be assessed once and then treated as static. The FCA’s guidance expressly refers to both enhanced due diligence and enhanced ongoing monitoring, which means the institution is expected to revisit the customer relationship more often and with greater intensity where risk is elevated. In practice, that can mean more frequent reviews, lower tolerance for unexplained activity, tighter escalation thresholds, and stronger management oversight of unusual behavior.
The U.S. framework shows the same principle, although it is expressed in more sector-specific rules. FinCEN’s Section 312 materials state that U.S. financial institutions must apply due diligence and, in some cases, enhanced due diligence to certain correspondent accounts for foreign financial institutions and private banking accounts for non-U.S. persons. FinCEN also notes that enhanced due diligence is designed to be risk-based and flexible in implementation. That shows EDD is not only a general AML concept; in some areas it is a specific regulatory obligation tied to especially sensitive relationship types.
A professionally mature EDD framework therefore depends on more than collecting more documents. It requires institutions to ask better questions, verify information more rigorously, challenge implausible explanations, and ensure that higher-risk customers are subject to proportionately stronger governance. Senior approval, specialist review, documented rationale, and stronger alerting and monitoring often become part of the control response. The FCA’s latest review findings on firms’ CDD and EDD controls reinforce that regulators are looking not just for policy statements, but for evidence that firms’ EDD processes actually work in practice.
Ultimately, Enhanced Due Diligence is a core control discipline in the financial crime environment because it is the mechanism firms use when ordinary due diligence is not enough. It ensures that higher-risk relationships receive deeper scrutiny, stronger challenge, and closer monitoring before and during the life of the relationship. Without effective EDD, firms are more likely to misunderstand high-risk customers, miss warning signs, and provide financial access to individuals or structures they do not properly understand.
