Any financial institution or regulated business has to undergo the KYC process for customer on boarding. This is part of the global efforts to comply with Anti-Money Laundering/Counter-Terrorism Financing (AML/CTF) laws, as well as to protect the business from fraud and bad actors. During the KYC process, CDD is a key measure that scrutinises the risk exposure of a customer.
However, in some cases the regulatory compliance extends beyond the onboarding stage, when additional or enhanced checks are required.
What is Enhanced Customer Due Diligence (ECDD)?
Enhanced customer due diligence, or ECDD, are additional checks to minimise risk exposures, violations of regulatory compliance, and prevent financial crimes arising from money laundering or terrorist financing. EDD procedures are applicable to all entities, whether individuals or businesses, which are deemed ‘high risk’ or mandated under the law for enhanced diligence.
Why is ECDD required?
ECDD is required where the client and/or business transaction poses a high risk of financial crime. Enhance diligence of client is meant to lessen the risk of exposure.
When is ECDD required?
Risk-based approaches to client on boarding are based on the regulator guidelines, nature of transactions, business relationships and industry type.
However, broadly, ECCD is required in any one, or more, of the following cases:
– where transactions are large;
– where a business relationship is established with a high net worth entity;
– where KYC risk rating /compliance risk assessment indicates high risk exposure;
– where the national regulator lays down specific instances where ECDD is to be performed;
– in the case of certain businesses; like cryptocurrency, gambling and offshore banking;
– in the case of certain business relationships, for instance with shell banks;
– in the case of PEPs (Politically Exposed Persons), their close associates or family members;
– where a business relationship is established with an entity belonging to a sanctioned country.
What do you do when the situation or client requires ECDD?
Turning away the client and denying business that maybe legitimate, can create a loss of revenue and growth. So a risk-based approach is recommended by FATF.
The ECDD recommendations include:
– Rigorous checks of documents and data provided by client,
– Additional information
– Obtained from the client, about the purpose and proposed nature of the business relationship,
– Gathered about the client, from varied and robust sources,
– About the source of funds to satisfy that they do not constitute the proceeds from crime,
– Carry out further checks, like adverse media searches and criminal records,
– Ensure immediate access to such information to minimise exposure to risks of financial crime, – Reasonable assurance that the internal controls are adhered to,
– Use of third-party compliance software like sanctions screening APIs and SaaS,
– On-going monitoring even after client onboarding, that includes financial sanctions and PEP screening,
– Check the Ultimate Beneficial Ownership Structure (UBO),
– Suspicious reporting to authorities.
The approach to diligence should ensure constant monitoring to identify potential triggers like changes in the product/service, business relationship, and suspicious patterns in transactions or concerns about information collected.
Advantages of EDD
Implementing enhanced diligence ensures minimising on opportunities lost, while ensuring the institution is not exposed to risks of financial crime or terrorist financing activities.
In the event of any ML/TF incident, if EDD rules are adhered to, penalties may not be applicable.
EDD can be adapted to size of the institution, making it very suitable for SMBs engaged in high-risk sectors like money remittances
Deal with High Risk Clients with Enhanced Due Diligence (EDD)