Skip to main content

6.4 Enhanced Due Diligence (EDD) Measures

Effective from 13/7/2023

(AML-CFT Decision Articles 4.2(b), 7.2, 15, 22, 25)

In keeping with a risk-based approach to CDD, FIs are obliged to enhance their CDD measures with regard to customers identified as high-risk, including the specific categories of customers as provided for in the relevant articles of the AML-CFT Decision, such as politically exposed persons (PEPs) (see Section 6.4.1, Requirements for Politically Exposed Persons), customers associated with high-risk countries (see Section 6.4.3, Requirements for High-Risk Countries), and correspondent relationships (see Section 6.4.4, Requirements for Correspondent Relationships).

Generally speaking, EDD involves a more rigorous application of CDD measures, including elements such as:

Increased scrutiny and higher standards of verification and documentation from reliable and independent sources with regard to customer identity;
 
More detailed inquiry and evaluation of reasonableness in regard to the purpose of the Business Relationship, the nature of the customer’s business, the customer’s source of funds and source of wealth, and the purpose of individual transactions;
 
Increased supervision of the Business Relationship, including the requirement for higher levels of management approval, more frequent monitoring of transactions, and more frequent review and updating of customer due diligence information.
 

EDD means that FIs should intensify their measures, specifically by obtaining further evidence and supporting documentation. FIs should obtain additional information and evidence from high-risk customers such as:

 
  
Source of funds (revenue) and source of wealth;
Identifying information on individuals with control over the customer (legal person or arrangement) or account, such as signatories or guarantors;
Occupation or type of business;
Financial statements;
Banking references;
Domicile;
Proximity of the customer’s residence, place of employment or place of business to the FI;
Description of the customer’s primary trade area and whether international transactions are expected to be routine;
Description of the business operations, the anticipated volume of currency and total sales, and a list of major customers and suppliers; and
Explanations for changes in account activity.
 

In addition, FIs should also apply specific EDD measures in case there are doubts about the accuracy or appropriateness of a customer’s ML/FT risk classification in order to determine the appropriate risk classification. EDD should also be applied when there are red-flag indicators of potentially unusual or suspicious transactions or activities. In all cases in which EDD is applied, FIs should ensure that they take reasonable measures to obtain adequate, substantiated, information about the customer, commensurate with the level of the risks identified.

As part of their overall AML/CFT framework, FIs should develop risk-based internal policies, procedures and controls in connection with the application of EDD measures. Examples of the some of the factors they should consider when developing the risk-based policies include:

the ML/FT risks identified in the ML/TF business risk assessment;
 
Circumstances, timing, and composition regarding the application of EDD measures;
 
Frequency of reviews and updates in relation to information on high-risk customers;
 
Extent and frequency of ongoing monitoring of the Business Relationship and monitoring of transactions in relation to high-risk customers.
 

Such policies, procedures and methodologies should be reasonable and proportionate to the risks involved, and, in formulating them, FIs should consider the results of the NRA, any Topical Risk Assessment and their own ML/FT business risk assessments. Commensurate with the nature and size of the FIs’ businesses, the policies, procedures and methodologies should also be documented, approved by senior management, and communicated at the appropriate levels of the organisation.

Additional guidance regarding the application of EDD measures to statutory high-risk Business Relationship categories is provided in the following sub-sections.