Skip to main content

A Guide to Enhanced Due Diligence (EDD)

24 March 2025
Two business professionals collaborating on a laptop in a modern office setting.

To stay vigilant against financial crime such as money laundering and terrorist financing, law firms must take a risk-based approach towards the clients and matters that they deal with. “Know Your Customer” (KYC) encompasses a series of important checks and monitoring that legal professionals must undertake at the start of (and during) business relationships. 

There are 3 core components of KYC - Customer Identification/Verification, “Customer Due Diligence” (CDD), and Ongoing Monitoring. Although CDD applies to many, some clients or instructions with a higher risk profile require further or deeper consideration, a process known as “Enhanced Due Diligence” (EDD) - this article will outline what EDD is and when it is required. 

What Is Enhanced Due Diligence, and Why Is It Important?

Enhanced Due Diligence is a rigorous risk assessment and monitoring process that should be applied when encountering high-risk clients, transactions or situations. It goes beyond standard (or ‘Regular’) Customer Due Diligence by requiring additional documentation, in-depth identity verification, further examination of sources of wealth and ongoing monitoring to prevent financial crime from occurring. 

EDD is vital in identifying illicit activities that may be obscured through complex financial transactions, most notably during the layering stage of money laundering. It also helps reduce false positives - instances where legitimate customers are mistakenly flagged - by applying a more nuanced, risk-based approach rather than relying solely on automated alerts.

EDD vs CDD vs SDD - How Are They Different?

To avoid confusion, let’s break down the three different due diligence measures:

Illustration depicting the three levels of due diligence

  • Simplified Due Diligence (SDD): Used for the lowest-risk clients, such as companies listed on the UK stock exchange. Relatively simple checks are typically required at the outset, as the risk of money laundering is deemed low.
  • Regular Due Diligence (RDD): General verification controls for most clients and situations, involving identity verification, source of wealth checks and risk assessments. Used in routine transactions where the risk is moderate.
  • Enhanced Due Diligence (EDD): Applied to high-risk clients, such as Politically Exposed Persons (PEPs) or those in high-risk countries, and in certain other situations. Requires extensive background checks, source of funds verification, and ongoing monitoring.

When Is Enhanced Due Diligence Required?

Firms are required to apply EDD in any of the following situations:

  • When Politically Exposed Persons (PEPs) and their associates are clients or donors on a matter.
  • In any matter identified as one where there is a high risk of money laundering or terrorist financing.
  • In any matter where there is potential for the risk of proliferation financing.
  • In any business relationship with a person established in a high-risk third country (or country bordering a high-risk country) concerning any relevant transaction where any of the parties to the transaction are established in a high-risk third country (or country bordering a high-risk country).
  • In any matter where the fee earner or firm discovers that a customer/client has provided false or stolen identification documentation or information, and the fee earner or firm proposes to continue to deal with that customer/client.
  • In any matter where a transaction is complex or unusually large.
  • If there is an unusual pattern of transactions, or the transaction or transactions have no apparent economic or legal purpose.
  • In any other case, which by its nature can present a higher risk of money laundering or terrorist financing.

CDD obligations must be documented within each firm’s Policies, Controls and Procedures. The scenarios listed above must be included within these PCPs, ensuring that all relevant staff are aware as to when this extra layer of scrutiny must be applied. The Solicitor’s Regulation Authority (SRA) expects to see thorough documentation of this during their thematic AML inspections. 

When Should Enhanced Due Diligence Also Be Carried Out?

EDD should ideally be conducted on:

  • Individual clients who firms do not meet face-to-face.
  • A risk-sensitive basis in general. 
  • Any matter involving unusual methods of funding or payment. 
  • Any business relationship with a person established in a country bordering a high-risk country, concerning any relevant transaction where any of the parties to the transaction are established in a country bordering a high-risk country.

When Is a Client Classed as “High Risk”?

Classifying a client as being high risk depends on both the inherent characteristics of the client and the specific nature of the transaction. In legal practice, this assessment is broken down into two main aspects: client risk, and matter risk

Client Risk

  • Background and Identity: Those with complex beneficial ownership structures, offshore entities, or involvement with PEPs may raise red flags
  • Geographical Factors: Clients who are located in or transacting with high-risk countries (such as those with weak AML frameworks) are considered to be higher risk. 
  • Business Profile: By operating in high-risk or cash-intense industries, such as gambling, cryptocurrency, or arms trading, a client’s risk profile is elevated. 

Matter Risk

  • Complex Transactions: Unusually large, complex, or frequent transactions can indicate an elevated risk, especially if they lack a clear rationale. 
  • Source of Wealth: Wealth or funds which cannot be verified or are ambiguous may increase the risk level, particularly when funds originate from high-risk third countries or neighbouring countries.
  • Nature of Engagement: Certain types of matters, such as cross-border transactions, can inherently pose a greater risk due to the layers of financial activity involved. 
  • Concerns about the other side: Where there are any of the above concerns about a party on the other side.

EDD should be applied when either client risk or matter risk is elevated. For example, if a client’s background or profile presents inherent risks, or a particular transaction involves a complex nature, EDD will be required. In cases where either or both aspects indicate a heightened risk, implementing EDD measures ensures a more thorough verification process.

High Risk Third Countries

The Money Laundering Regulations 2017 (MLRs) require that regulated firms in the UK apply EDD to transactions involving “high-risk third countries” (HRTCs). As outlined by the Financial Action Task Force (FATF), the current list of “jurisdictions under increased monitoring” and “high-risk jurisdictions subject to a call for action” (as of February 2025) include the following countries or territories:

  • Algeria
  • Angola
  • Bulgaria
  • Burkina Faso
  • Cameroon
  • Cote d'Ivoire
  • Croatia
  • Democratic Republic of the Congo
  • Haiti
  • Kenya
  • Lao PDR
  • Lebanon
  • Mali
  • Monaco
  • Mozambique
  • Namibia
  • Nepal
  • Nigeria
  • South Africa
  • South Sudan
  • Syria
  • Tanzania
  • Venezuela
  • Vietnam
  • Yemen

How Is Enhanced Due Diligence Performed?

To conduct a more in-depth verification check on a higher-risk client, there are several steps in which legal professionals are required to conduct: 

1. Client Identification and Risk Assessment

The firm begins by verifying the client’s identity using official documents, such as a passport, and conducts a comprehensive risk assessment. This includes evaluating the client’s background, business activities, and whether they are a PEP

2. Verifying the Source of Funds & Wealth

The next step involves collecting and reviewing documents such as bank statements, income records, or tax returns to confirm the legitimacy of the client’s funds and overall wealth. This helps to ensure that the financial resources are not linked to illicit activities. 

3. Ongoing Monitoring and Transaction Reviews

Once the initial verification is complete, the firm implements continuous monitoring systems. These systems track transactions in real time, flagging any unusual or suspicious patterns that may indicate money laundering or other financial crimes. 

4. Additional Provision of Documentation

For high-risk clients, additional documentation is often required. This might include detailed business records, financial statements, or other evidence that sheds light on the client’s financial dealings and business activities. 

5. Cross-Checking Against Sanction Lists

The firm conducts regular screenings of the client against international sanction lists, watchlists, and PEP databases. This helps to identify any affiliations or activities that could pose additional risks.

6. Further Monitoring and Reporting

As a final step, the firm maintains a robust system for continuous monitoring and reporting. Any suspicious activities detected during transaction reviews are promptly documented and reported to the firm’s money laundering reporting officer (MLRO), ensuring firm-wide compliance. 

Challenges in Implementing Enhanced Due Diligence

Although EDD is an essential process when elevated risk is present or anticipated, it does come with some challenges. EDD: 

  • Can be complex and resource-intensive, especially for smaller firms. 
  • Requires sensitive client data, which can sometimes raise concerns about data privacy. 
  • Needs a balance between compliance and client experience, which can be a challenge.
  • Is more time-consuming than standard verification checks.

Improper execution of EDD can result in fines or sanctions by the SRA, leading to reputational damage.

Supporting Best Practice for Effective Enhanced Due Diligence

There are several things that firms can do to support and bolster the value of EDD checks, such as:

  • Using electronic Know Your Customer (eKYC) for more efficient and robust screening. 
  • Establishing a risk-based approach to due diligence, helping to reduce false positives.
  • Training all relevant employees in how to correctly perform EDD, plus how to recognise potential red flags
  • Keeping the Firm-Wide Risk Assessment (FWRA) up to date with latest  guidance. 
  • Increased involvement from AML officers (MLROs, MLCOs etc.) to support monitoring. 

Our Experts Support Your Due Diligence Procedures

Combatting money laundering requires a team effort - every member of your firm has an important part to play. At PDA Legal, we help you towards ensuring  that your team fulfils their role in this respect.

Our AML training services, FWRA drafting and MLRO support are individually tailored to each firm to align with their unique AML risk profile.

We would be pleased to start a conversation with you; get in touch with us today

Contact Us

Latest Articles

More Articles
Get in touch for a free no obligation quote today
Contact Us
Law Society Lexcel Assessor. Legal Practice Quality Mark.
Cyber Essentials logo
Information Commissioner's Office logo
ISO logo
Legal Aid Agency logo
Solicitors Regulation Authority