Skip to main content
HMRC internal manual

Anti-money laundering guidance for supervised businesses

AMLG11600 - Enhanced due diligence (EDD)

16. Enhanced due diligence (EDD)

Enhanced due diligence (EDD) is an increased level of due diligence and applies in situations that present a high risk of money laundering, terrorist financing. It means taking additional measures to mitigate and manage those risks including taking additional measures to identify and verify the customers identity and source of funds and conducting enhanced ongoing monitoring. The EDD measures put in place should give your business more certainty on your customer’s identity, their associated risk, and the purpose of the business relationship or occasional transaction. This in turn enables your business to effectively manage the risks posed to it and increases the likelihood that it will detect the use of its products and services for money laundering, terrorist financing or proliferation financing, as well as managing the risk of breaching sanctions imposed by the Government to comply with international obligations and support foreign policy and national security objectives.

 

16.1 When must you apply EDD?

The Regulations set out specific circumstances where EDD measures must be applied as follows:    

  • The case has been identified as one where there is a high risk of money laundering or terrorist financing in your risk assessment or in information provided to you by HMRC including in this guidance and any other guidance referred to within it.

  • In any business relationship with a person established in a FATF Call for Action country or in relation to any relevant transaction where either of the parties is established in a FATF Call for Action country.

 

Important note:

This requirement to apply EDD does not apply when a customer is a branch or majority owned subsidiary undertaking of an entity which is established in a state other than the UK (a third country), if the following conditions are all satisfied: 

  • The entity is subject to, and supervised for compliance with, requirements in national legislation with equivalent effect to those laid down in the fourth money laundering directive. 
  • The branch or subsidiary complies fully with the PCPs established for the group; and,
  • After applying a risk-based approach, the relevant person does not consider it is necessary to apply EDD.

  • In any case where you discover that a customer has given you falseinformation or false or stolen documents to identify themselves and you propose to continue to deal with that person.  (Regardless of whether you intend to continue to deal with that person, you should immediately consider reporting this to the NCA as Suspicious Activity). 
  • You have determined that a customer or potential customer is a PEP, or a family member or known close associate of a PEP.    
  • In any case where:
    • The transaction is unusually complex or unusually large in each case given the nature of the transaction.
    • There is an unusual pattern of transactions, or
    • The transaction has no apparent legal or economic purpose.  
    • In any other case which by its nature can present a higher risk of money laundering or terrorist financing.

 

Important note:

You must also apply EDD in any other case which by its nature can present a higher risk of money laundering or terrorist financing.


In deciding whether a case is high risk, and the extent of the measures you need to take to manage and mitigate that risk, you should apply a risk-based approach and must take into account factors including, among other things:

 

Customer risk factors, including whether:   

  • The business relationship is conducted in unusual circumstances.
  • The customer is resident in a geographical area of high-risk (see geographical risk factors below).
  • The customer is a legal person or legal arrangement that is used to hold personal assets.
  • The customer is a company with nominee shareholders or bearer shares.
  • The customer is a cash-intensive business.
  • The corporate structure of the customer is unusual given the nature of the business.
  • The customer is the beneficiary of a life insurance policy.
  • The customer is a third country national who is applying for residence rights in, or citizenship of, a state in exchange for transfers of capital, purchase of a property, government bonds or investment in corporate entities in that state.

 

Product, service, transaction or delivery channel risk factors including whether:

  • The product involves private banking i.e. personalised financial services and products such as investing and portfolio management, tax services, insurance, and trust and estate planning offered to the high-net-worth individual clients of a retail bank or other financial institution.
  • The product or transaction is one which might favour anonymity (e.g. where the customer is a trust).
  • The customer is not seen face to face and is without safeguards such as electronic identification.    
  • Payment is received from unknown third parties or third parties with no association to the customer.
  • You are offered an excessive fee for the level of services provided.
  • New products and business practices are involved, including new delivery mechanisms and the use of new or developing technologies.
  • The service involves nominee directors, nominee shareholders or shadow directors, or a company formation in a third country.

 

Transactions that relate to any of the following:

  • Oil.   
  • Arms and weapons. 
  • Precious metals and stones.   
  • Tobacco products.   
  • Cultural artefacts.   
  • Ivory and other items related to protected species, or other items of archaeological, historical, cultural or religious significance or of rare scientific value.  

 

Geographical risk factors, including countries that:

  • Are identified by a credible source as not having effective systems to counter money laundering or terrorist financing.
  • Are identified by a credible source as having a significant level of corruption, or other criminal activity, such as terrorism, money laundering and the production and supply of illicit drugs.
  • Are subject to sanctions or embargoes issued by EU or UN.  You should also consider geographical risks around countries and persons subject to sanctions imposed by the UK Government to comply with international obligations and support foreign policy and national security objectives.
  • Are providing funding or support for terrorism.
  • Have terrorist organisations operating within the country which have been designated by the UK as proscribed under the schedule 2 Terrorism Act 2000, or by the EU, other countries and international organisations as terrorist organisations.
  • Have been identified by organisations such as FATF, FATF-style Regional Bodies, World Bank, Organisation for Economic Co-operation and Development and the International Monetary Fund as not implementing requirements to counter money laundering and terrorist financing that are consistent with the FATF recommendations.

 

For further guidance on calculating geographical risk, you should have regard to:

  • UK government’s National Risk Assessment of Money Laundering and Terrorist Financing which lists countries particularly at risk of money laundering and terrorist financing.
  • The National Risk Assessment of any country which is involved in the transaction e.g. the country where a customer or the other party to a relevant transaction is established or based.
  • FATF publications.
  • Relevant law enforcement alerts.
  • The risk factors discussed in part 3 of this guidance which may present in any given case.

 

16.2 EDD measures

If EDD is appropriate, then you must do more to verify identity and scrutinise the background and nature of the transactions, than for standard CDD. How this goes beyond standard due diligence must be made clear in your risk assessment and PCPs.  

You should take all of the following measures if applicable to the particular case:    

  • Obtain additional information or evidence to establish the identity from independent sources, such as more documentation on identity or address or electronic verification alongside manual checks.
  • Take additional measures to verify the original documents supplied from independent sources, such as more documentation on identity or address or electronic verification alongside manual checks or require that copies of the customer’s documentation are certified by a bank, financial institution, lawyer, or notary who are competent at document inspection and impostor detection, such as a person from a regulated industry or in a position of trust.   
  • Ensure any information on identity documents is validated by an authoritative source.   
  • Check if the person identified is known to be involved with any fraudulent activity or documents.  
  • If receiving payment, ensure it is made through a bank account in the name of the person you are dealing with.     
  • Take more steps to understand the history, ownership, and financial situation of the parties to the transaction.   
  • Carry out more scrutiny of the business relationship and satisfy yourself that it is consistent with the stated purpose.   

You must take all the following measures, in addition to those set out above, if you propose to have, or to continue, a business relationship with a PEP, a family member or known close associate of a PEP:  

  • Obtain senior management approval before establishing a business relationship with that person.    
  • Take adequate steps to establish the source of wealth and source of funds that are involved in the proposed business relationship or transaction. 
  • Conduct enhanced ongoing monitoring where you’ve entered a business relationship.

See AMLG11650 for further information on PEPs.