An Essential Guide to Enhanced Due Diligence in 2024

Abiding by anti-money laundering legislation sometimes means taking customer due diligence one step further by conducting enhanced due diligence but what does that actually mean and when is it required?


    If you need help with understanding Enhanced Due Diligence, you’ve come to the right place. In this essential guide, we’ll explain the difference between PEPs and sanctions, discuss when to run Enhanced Due Diligence checks, and give examples of a few common mistakes in the EDD process.

    What Is a PEP?

    A Politically Exposed Person (PEP) is someone appointed by an institution or governing body to do a high-profile job or role. PEPs are usually public figures in positions that make them responsible for the general public in some way.

    Some examples of PEPs are:

    • Heads of state or government
    • Members of parliament
    • Members of the High Court or Supreme Court
    • Ambassadors to other countries
    • People working in embassies or consulates.

    PEPs are more targeted for corruption and bribery due to the public nature of their position. The relatives and close associates (RTAs) of people in these high-profile roles are also considered PEPs.

    What Are Sanctions?

    Sanctions are legal stipulations that prevent people from dealing with certain people, organisations or countries. If someone is sanctioned (i.e. on a sanctions list), they are forbidden from engaging in economic activities, such as buying or selling property.

    These are usually people, groups or nations deemed by another country’s government to be corrupt in some way or more susceptible to fraudulent activity.

    What’s the Difference Between PEPs & Sanctioned People?

    PEPs and sanctioned people are often discussed in the same context, but there are some key differences.

    PEPs are people at a higher risk of corruption. Their public profile means they might be targeted for blackmail or bribery, so you need to carry out additional customer due diligence (CDD) checks, known as enhanced due diligence (EDD), before you carry out any large transactions with them.

    People on sanctions lists have been legally identified as corrupt or problematic in some way. You are legally obliged to cease all economic activity with sanctioned people and report them to the relevant authorities.

    How Can I Find Out if Someone Is a PEP or on a Sanctions List?

    We answer this question and many more in our in-depth full PEPs and Sanctions which you can get by completing the the form above or visit our online PEPs and Sanctions guide here.

    What should Enhanced Due Diligence entail?

    The big question we often get asked is what do I have to do to prove I’ve conducted Enhanced Due Diligence on a customer. While a clear checklist that all regulators have approve of would be ideal the truth this just doesn’t exist for a very good reason. Your AML processes should operate on a risk-based approach and depending on your market the risks will differ and therefore so should your due diligence.

    The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 – 33.5

    Depending on the requirements of the case, the enhanced customer due diligence measures required under paragraph (1) may also include, among other things—
    (a) seeking additional independent, reliable sources to verify information provided or made available to the relevant person;
    (b) taking additional measures to understand better the background, ownership and financial situation of the customer, and other parties to the transaction;
    (c) taking further steps to be satisfied that the transaction is consistent with the purpose and intended nature of the business relationship;
    (d) increasing the monitoring of the business relationship, including greater scrutiny of transactions.

    For example, as a letting agent you might be working on a behalf of a landlord leasing out a industrial space they own. You are approached by a potential tenant before the property is even marketed. In addition to your normal due diligence you may want to investigate whether there are links to landlord, such as been linked to the same company or same address.

    Examples of Enhanced Due Diligence could include:

    • Running adverse media checks
    • Gathering additional forms of identity
    • Gathering additional evidence of funds being used
    • Confirming the details of their employer
    • Checking a customers address over a longer period

    Does the information they provided collerate with the evidence they’ve given.

    Enhanced Due Diligence & High-Risk Countries

    Certain countries are considered high risk for money laundering and corruption. In some instances, it’s worth running enhanced EDD before deciding to work with clients or groups from these high-risk countries.

    The Financial Action Task Force (FATF) aims to reduce corrupt practices by highlighting these high-risk countries. The FATF examines countries’ regimes and policies relating to AML and counter-terrorism financing (CTF) to decide whether those controls are lacking. Based on this, it categorises high-risk countries into one list for countries that should be avoided and another for countries that should be more closely monitored.

    Working with Overseas Clients

    Despite these lists of high-risk countries, you still need to use your own judgement when deciding whether to run enhanced due diligence checks on people from those countries.

    If someone was born in Iran (a country on the FATF’s high-risk list), this doesn’t necessarily mean the individual person is at a high risk of criminal activity. If they still live in Iran, you’ll need to run EDD, as it’s a country. However, if you have proof that they’re now living in the UK and have a UK bank account, that generally means this person wouldn’t need EDD.

    Your main consideration shouldn’t be where the person was born but where they currently reside and where their Source of Funds originates from. If it’s savings earned from a UK-based job, then this is generally fine and doesn’t require enhanced due diligence. But if a relative based in Iran gave them all or some of the funds, this would raise some questions, so you should conduct additional checks.

    About the Financial Action Task Force
    The Financial Action Task Force (FATF) is an intergovernmental organization founded in 1989 by the Group of Seven (G7) nations to combat money laundering, and later, terrorist financing and other financial crimes. It comprises 39 members, including major financial centres worldwide, and sets international standards through its recommendations. The United Kingdom has been a member of FATF since 1990. FATF evaluates member countries’ compliance with these standards and identifies high-risk jurisdictions through its “blacklist” and “grey list.” Its work significantly influences global financial regulations, ensuring transparency and security in the international financial system.

    Other Reasons to Perform Enhanced Due Diligence

    Discovering whether someone is classified as a PEP or sanctioned is an essential aspect of enhanced due diligence, but there are a few other situations where EDD should also take place.

    Previously, companies carrying out due diligence applied EDD only to non-UK nationals. However, a change to AML legislation in 2017 means that EDD checks now also apply to native Brits if there are other factors at play. This regulation update helps prevent discrimination and ensures no high-risk people are missed.

    Here are a few additional reasons why you may need to apply EDD, no matter where your client is from.

    Complex Company Structures

    Let’s say you have a company as a client, but when you investigate that company, you find out it’s owned by another company. On researching the parent company, you might discover that the owner of the first company is actually owned by a third business.

    Instances like this indicate a higher risk profile, as the client has gone to great lengths to hide their identity. If you’re ever unclear as to who the person you’re dealing with is, you should carry out EDD and look further into the situation to establish who the Ultimate Beneficial Owner is.

    No Face-to-Face Meetings

    It’s widely accepted that if you haven’t met a client in person that it’s a more high-risk situation as it not only posses the risk of money laundering but also fraud. Before recent technological advances, the only way to confidently verify someone’s identity was in person or rely on counterparties. Nowadays, however, it’s easier to verify someone’s ID remotely using new technology like our ID check.

    Even with this technology its still not always possible to carry out ID checks remotely. Some people may not have access to a smartphone in order to complete a check or have the appropriate forms of documentation. In this scenarios, you should think about it on a case-by-case basis instead of setting rigid rules, and if you still feel uneasy about not meeting a client in person, you can carry out EDD checks.

    Reliance on counterparties

    Not all transactions are straight forward involving singular parties on both sides. You could have transactions involving multiples parties, you could have transactions that involved trusts, or parties that want to strictly work through their solicitor / a designated proxy. In these scenarios, you may have to rely on others parties like a solicitor to verify who you working with. If you are relying on checks from our parties then this should be documented along with any additional due diligence that scrutinises the counterparty themselves.

    Ongoing Enhanced Due Diligence

    After carrying out your initial CDD or EDD processes and confirming that you can continue the working relationship with a client, you need to continue monitoring them to ensure their status doesn’t change over the course of your transaction.

    As part of AML regulations, you need to keep monitoring for changes in their PEP or sanctioned status and to ensure they don’t join any watchlists. You must also confirm that the source of funding doesn’t change before completing the transaction.

    For example, if you run a PEP check on a new client and everything is clear (i.e. they aren’t a PEP), you might think that’s the end of your job. However, if they change jobs a few weeks into the transaction, they might become a PEP – or they could become the RTA of a PEP.

    Ongoing monitoring is important to help you flag this type of change. If someone is newly identified as a PEP, your MLRO will need to sign off on the transaction before you go ahead.

    How Long Should I Continue EDD Monitoring?

    AML legislation doesn’t specify a set frequency or duration for CDD and EDD monitoring. However, best practice dictates that you should continue monitoring your clients for the duration of the transaction in question.

    If you’re an estate agent dealing with a short-term, finite transaction, you might only need to do CDD and EDD at the beginning of your dealings with the customer. The chances of somebody’s situation changing over the course of six to 12 weeks are probably low.

    On the other hand, banks would run these types of checks every day, maybe even several times a day, as things can change very quickly in the financial industry.

    Certain transaction types might benefit from continuous monitoring, while others might be sufficient just at the beginning. For example, a company formation agent dealing with a one-off new business might only need to carry out CDD once. But if the agent is filing that company’s documentation each year, it’s worth keeping an eye on things more often.

    Overall, you can apply common sense and find a routine that works for your business and the specific transactions you’re dealing with. The legislation requires a risk-based approach to money-laundering checks, so use your best judgement in each case.

    Common Mistakes with Enhanced Due Diligence

    Here are some of the most common mistakes that apply to EDD:

    No documented processes/policies
    While most firms will have refer to the need to conduct EDD withing their policies there is often little detail as to what that should entail. A lack of detail and training will lead to CDD/EDD checks being inconsistently applied in similar situations.

    Only running EDD checks on people from oversea customers
    Some firms incorrectly believe that EDD does not apply to UK natives. While recent guidance has reduced the risk of UK domestic PEPs, EDD still applies. Firms that only run EDD on non-UK native could been seen to be discriminating against certain clients.

    Failure to notify the MLRO / Nominated Officer
    Money Laundering Regulations clearer state that any decision to continue to work with high-risk customers such as PEPs requires confirmation and review by the firms MLRO / nominated officer. For all customers, regardless of PEP status, there should be a documented risk assessment that has been appropriately signed-off.

    Mistakes like this can increase the risk of fraudulent activity and money laundering.

    Technology and software now exist that can help prevent these CDD and EDD mistakes. Software can help you make better-informed decisions about your potential customers and remove some of the burden of performing these checks.

    Fortifying your Enhanced Due Diligence Operations

    Navigating AML legislation can be tricky. What’s consider Enhanced Due Diligence for one set of customers or transaction type might not be the same for another. Understanding the nuances of different risks and when to commit to Enhanced Due Diligence is vital in adhering to the AML regulations.

    By embracing best practices and leveraging technology where possible, you can fortify your AML efforts and uphold the integrity of your operations.