What is the difference between CDD and EDD
Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) are two critical processes in the fight against financial crime, money laundering, and terrorist financing. The primary difference lies in the level of risk assessment and scrutiny applied. CDD is the standard, baseline identity verification and risk profiling performed for all customers. EDD is a higher, more intensive level of due diligence reserved specifically for customers identified as posing a higher risk. Think of CDD as the standard security check at an airport, while EDD is the additional, thorough screening for passengers flagged for extra attention.
What is the core difference in risk level between CDD and EDD?
The fundamental distinction between CDD and EDD is the risk profile of the customer. CDD applies to the vast majority of customers with a standard or low-risk profile. It involves collecting basic identifying information, such as name, address, and date of birth, and verifying that identity against official documents. EDD, on the other hand, is triggered by specific red flags indicating a higher risk of financial crime. These triggers include customers who are politically exposed persons (PEPs), those from high-risk jurisdictions, complex corporate structures, or transactions involving large sums of money or unusual patterns. EDD goes far beyond simple verification to uncover the source of funds and the true beneficial ownership of the customer.
What specific steps are involved in CDD versus EDD?
The steps in CDD are relatively straightforward and standardized. They include identifying the customer, verifying their identity using reliable documents, and understanding the nature of their business relationship. EDD, however, involves a much deeper investigation. This includes obtaining additional information about the customer's source of wealth and source of funds, understanding the reasons for complex or unusual transactions, and conducting ongoing, heightened monitoring of the business relationship. A key component of EDD is establishing the ultimate beneficial owner (UBO) behind a legal entity.
| Feature | Customer Due Diligence (CDD) | Enhanced Due Diligence (EDD) |
|---|---|---|
| Risk Level | Standard or low risk | High risk |
| Data Collected | Basic identity (name, address, DOB) | Source of wealth, source of funds, UBO |
| Verification | Official documents (passport, ID card) | Independent, reliable sources, additional documents |
| Monitoring | Standard transaction monitoring | Enhanced, frequent, and real-time monitoring |
| Purpose | Verify identity, assess standard risk | Uncover hidden risks, prevent complex crime |
When is Enhanced Due Diligence (EDD) required?
EDD is not a discretionary choice but a regulatory requirement in many jurisdictions when specific risk factors are present. Common triggers for mandatory EDD include dealing with a Politically Exposed Person (PEP), conducting business with a customer from a high-risk third country (e.g., countries sanctioned by the Financial Action Task Force - FATF), or when a transaction is unusually large, complex, or has no apparent economic or lawful purpose. Additionally, any situation where a customer's identity or business purpose is unclear, or where the beneficial ownership structure is opaque, will typically require EDD. For example, a shell company in a tax haven trying to open an account for a multi-million dollar transaction would almost certainly trigger EDD.
What is a practical checklist for implementing EDD?
Implementing a robust EDD process requires a systematic approach. The following checklist outlines key steps for compliance teams:
- Identify the trigger: Confirm the specific high-risk factor (e.g., PEP, high-risk country, unusual transaction).
- Gather senior management approval: Document the decision to proceed with the business relationship.
- Verify beneficial ownership: Identify and verify all individuals who ultimately own or control the customer.
- Establish source of wealth and funds: Obtain and verify documentation proving the origin of the customer's assets.
- Understand purpose of relationship: Document the expected nature and volume of transactions.
- Conduct ongoing, enhanced monitoring: Implement a plan for more frequent transaction reviews and account activity checks.
- Document everything: Maintain a clear, auditable trail of all EDD measures taken and the rationale behind them.
Frequently Asked Questions
Is EDD a separate process from CDD?
No, EDD is not a separate process but rather an extension or escalation of the standard CDD process. It starts with the same identity verification but then adds deeper layers of investigation and scrutiny based on the identified risk. You cannot perform EDD without first completing the core CDD steps.
How long does an EDD check typically take?
Unlike a standard CDD check which can be automated and completed in minutes, a thorough EDD check can take days or even weeks. This is because it often requires manual research, document collection from the customer, and consultation with external databases or third-party risk intelligence providers. The complexity of the customer's structure and the availability of information are major factors in the timeline.
What happens if EDD reveals a high risk that cannot be mitigated?
If the enhanced due diligence process uncovers an unacceptably high risk of money laundering or terrorist financing that cannot be effectively mitigated through additional controls, the financial institution is obligated to decline the business relationship. This means refusing to open the account, terminating an existing relationship, or filing a Suspicious Activity Report (SAR) with the relevant authorities. The decision is typically documented and approved by senior management.
Resumen Breve
- Diferencia Fundamental: La CDD es la diligencia debida estándar para todos los clientes, mientras que la EDD es una investigación más profunda para clientes de alto riesgo.
- Nivel de Riesgo: La CDD se aplica a clientes de riesgo bajo o normal; la EDD se activa por señales de alerta como PEPs, países de alto riesgo o transacciones inusuales.
- Proceso: La CDD verifica la identidad básica; la EDD investiga el origen de los fondos, la riqueza y la propiedad beneficiaria final.
- Resultado: La CDD permite la relación estándar; la EDD puede llevar a un monitoreo intensificado o al rechazo de la relación si el riesgo es inaceptable.