Enhanced Due Diligence, commonly called EDD, is the process of applying additional scrutiny to higher-risk clients, transactions or situations. Under Australia’s AML/CTF framework, some clients present elevated money laundering or terrorism financing risk. Where that occurs, standard onboarding procedures may not be enough.

EDD exists to help firms better understand the risk, gather additional information, apply stronger controls and make informed risk-based decisions.

EDD Is Not About “Catching Criminals”

One of the biggest misconceptions about AML compliance is that firms are expected to conduct investigations like law enforcement agencies. That is not the purpose of EDD.

EDD is fundamentally a governance and risk management process. It helps firms answer questions such as:

When Is EDD Required?

EDD is typically required where higher-risk indicators exist. Examples may include politically exposed persons (PEPs), high-risk jurisdictions, unusual ownership structures, unexplained source of funds, sanctions concerns, suspicious behaviour, large or unusual transactions or adverse media findings.

The obligation is generally risk-based. The presence of one factor does not automatically mean criminal conduct exists.

However, it may mean the firm needs to apply greater scrutiny before proceeding.

What Does EDD Involve?

EDD may involve obtaining additional identification information, verifying source of funds or wealth, understanding transaction purpose, obtaining senior management approval, conducting deeper sanctions or PEP screening, reviewing supporting documentation and documenting the firm’s reasoning and controls.

Importantly, EDD should be documented properly. A regulator reviewing a file later will often focus not only on the outcome, but on the reasoning process followed by the firm.

EDD Does Not Remove Risk

A common misunderstanding is that EDD somehow “fixes” a high-risk client. It does not.

EDD does not reduce inherent risk simply because additional questions were asked. Instead, EDD helps explain how the risk was assessed, what controls were applied, why the firm proceeded (or declined to proceed) and how the risk will be managed going forward.

In other words, EDD does not reduce inherent risk; it explains how you manage it. That distinction is extremely important from a governance perspective.

Why Documentation Matters

Many AML failures occur not because firms ignored risk entirely, but because decisions were undocumented, escalation reasoning was unclear, reviews were inconsistent or monitoring obligations were forgotten.

A proper EDD process should create a clear audit trail showing what concerns were identified, what additional steps were taken, who approved the decision and why the outcome was considered appropriate.

EDD and Professional Judgment

AML compliance is not purely mechanical. Professional judgment still matters. Two firms may assess the same client differently depending on risk appetite, transaction context, client history, jurisdiction exposure and available evidence.

The key issue is whether the decision-making process was reasonable, documented and defensible.

A Practical Approach for Smaller Firms

Smaller firms often worry that EDD requires expensive enterprise systems or investigative teams. In reality, effective EDD often comes down to structured workflows, consistent escalation processes, documented reasoning and appropriate oversight.

A practical and well-documented process is usually far more valuable than an overly complex one that staff do not consistently follow.

As a rule of thumb, good EDD starts with a structured onboarding process and a clear governance model for how risk decisions are made.

By Amira Ward and Daniel Ward

Flagship AML

Published May 2026 • Estimated reading time: 4 minutes

© 2026 Flagship AML. All rights reserved. This article is for general informational purposes only and does not constitute legal advice.