Insider Look at Enhanced Due Diligence in Banking for Security and Compliance


Do you really know your customers? Effectively, this is the heart of the enhanced due diligence process. When know your customer (KYC) and anti-money-laundering (AML) regulations were enacted, they set out to answer that question. However, there is no uniform way to satisfy those regulations, which has left a tremendous amount of variability that could be very costly if your bank or credit union gets it wrong. According to a report from Corporate Compliance Insights:

  • U.S. and Canadian financial institutions estimate a 33% jump from compliance spend of $31.5 billion in 2019 to $42 billion in 2020.
  • The lion’s share of the costs was borne by U.S. financial firms, at an estimated $35.2 billion, and Canadian financial institutions shouldered the remaining $6.8 billion in 2020 alone.

The report goes on to state the top three most-challenging issues for compliance teams:

  • 41% say accessing information for KYC due diligence is the main problem.
  • 41% say slow customer onboarding is the key problem.
  • 38% say long lag times for complete due diligence and customer onboarding processes are the key problems.

Enter due diligence. KYC and AML are legal requirements set out by the Patriot Act “to strengthen U.S. measures to prevent, detect and prosecute international money laundering and financing of terrorism.” It set guidelines and punishments instead of a step-by-step playbook of what to look for in each account because of the inherent diversity of customer needs at each financial institution. 

Customer Due Diligence

It turns out due diligence has different levels. Customer due diligence (CDD) is the standard level of investigation you need to perform under relatively normal circumstances, such as:

  • New relationship. Before any financial account can be opened, your compliance team must authenticate the customer using their supporting credentials.
  • Weird transactions. Occasional variances in transaction amounts, usually much larger than average, may require a second look by your compliance team. Also, transactions with high-risk countries or individuals will trigger customer due diligence.
  • Potential money laundering. CDD checks are strongly advised if a customer is suspected of terrorism financing and/or money laundering.
  • Weak documentation. CDD checks are required to satisfy compliance standards when a customer’s verification documents are incomplete or unreliable.
  • Periodic checks. It’s generally recommended that CDD happens at regular intervals throughout your customer’s lifecycle to ensure their risk profile stays within acceptable parameters.

Normal levels of customer due diligence don’t mean relaxing your standards; ensure your compliance and security requirements are exceeded while seamlessly integrating the CDD checks into your customer onboarding process.

Enhanced Due Diligence

This level of due diligence is a step higher than CDD. Enhanced due diligence (EDD) is designed to detect greater or more subtle risks that aren’t picked up by standard customer due diligence processes. EDD is much more sensitive to nuanced risks. Additionally, EDD is typically conducted after an initial CDD is completed. For example, a standard CDD may uncover that your customer is a PEP (politically exposed person) or perhaps a cash-heavy business. In that case, a much more detailed, more risk-sensitive analysis of your customer is required.

Enhanced due diligence risk considerations:

  • Customer-related risk factors:
    • Non-residents make up the bulk of your customer’s clientele.
    • Relatives or associates are PEPs.
    • Cash-heavy business.
  • Geography factors:
    • Customer does business with countries that have weaker or insufficient AML compliance (e.g., countries not yet sanctioned or with less than “most favored nation” status with the United States).
  • Other risk factors:
    • Customers who are given an unusual amount of leeway in private or correspondent banking — oftentimes because of their higher revenues and deposits. Their greater level of latitude or operational mobility makes it easier to engage in money laundering activities without generating red flags.

Enhanced Due Diligence Requirements

What does EDD entail? Let’s have a look at some mandatory requirements for safe and compliant EDD:

  • Background information. A deeper dive into who your customer is. Double-verification of their identity. This may also include a physical site visit or interviewing customers of your customer.
  • Source of funds. This may include independent research on where the transaction funds came from. For example, if the funds were a gift, then an interview of the benefactor may be necessary.
  • Source of wealth. Does your customer’s wealth come from family money? Investments? Offshore investments? A deeper investigation may be required.
  • Adverse media screening. Effectively, any media, news or even Google searches that turn up bad, incriminating or unfavorable information about your customer will often require EDD to clear any discrepancies.

The Benefits of Enhanced Due Diligence

Enhanced due diligence conducted at or during the customer onboarding process helps minimize the outlier risks associated with taking on new customers. Subjecting your customer to expanded checks, overtly or covertly, can reduce the overall risk exposure to your organization. It can also be an addition to your current customer onboarding process. In other words, it doesn’t have to be a net negative to conduct EDD at the outset of the customer relationship. For example, if CDD and EDD are conducted at the beginning of the relationship as a part of the new customer discovery process, you will naturally gain a better understanding of what your customer or prospect is looking for and how to keep your customer’s loyalty over the long term.

Don’t Take On EDD Alone When Instnt Can Help

Enhanced due diligence can be cumbersome, exacting and daunting. The time, resources and expense can be problematic if your organization is currently tackling this growing compliance risk in-house. Consider working with a vetted, trusted partner to alleviate these pressures and allow you to concentrate on your core competencies while we take on EDD. We at Instnt, a sophisticated and tested solutions provider, will even indemnify you for up to $100 million in aggregate annual fraud losses while helping you onboard more great customers to grow revenue. Want to see how it works? Sign up for a free demo.


About the Author

Instnt's fraud loss insurance platform offers comprehensive protection for businesses for the entire customer lifecycle, from account initiation and onboarding to subsequent logins, transaction processing, and the broadened accessibility of additional products and services.