Enhanced Due Diligence (EDD) Simplified How FigsFlow Helps Accountants Stay Compliant
Accountants, Blog

Enhanced Due Diligence (EDD) Simplified: How FigsFlow Helps Accountants Stay Compliant

Last Updated:9 January 2026
13 Min Read
Start using FigsFlow today
  • Professional Proposals
  • Regulatory Compliant LOEs
  • Advanced Pricing Calculator
  • Automation & Integrations
  • Built-in E-Signature
  • AML & ID Verification
Start 30-day Free Trial

Enhanced Due Diligence isn’t complicated. The manual process is.

Fifteen documents across email, portals, WhatsApp, and post. Five PEP databases to screen. Three hours per high-risk client while your pipeline backs up. The Solicitors Regulation Authority found that 83% of enforcement actions involve insufficient customer due diligence. Not fraud, just inadequate systems.

When you handle Politically Exposed Persons, high-risk jurisdictions, or complex ownership structures, standard CDD doesn’t meet MLR 2017 requirements. You need deeper verification, stronger documentation, and complete audit trails.

FigsFlow reduces verification time from three hours to fifteen minutes per client. Every PEP check, sanctions screening, and risk assessment runs automatically with full MLR 2017 compliance built in.

Let’s break down exactly what Enhanced Due Diligence requires, when it applies, and how to implement it without drowning in paperwork.

KEY TAKEAWAYS
  • Manual EDD takes 3 hours per high-risk client with documents scattered across multiple channels and inconsistent screening
  • Enhanced Due Diligence is required for Politically Exposed Persons, high-risk countries, and complex ownership structures under MLR 2017
  • 83% of enforcement actions involve insufficient customer due diligence due to inadequate systems
  • FigsFlow automates the entire EDD workflow in 15 minutes with secure document collection, instant PEP/sanctions screening, and complete audit trails

Enhanced Due Diligence Simplified

Enhanced Due Diligence represents the highest tier of Know Your Customer checks under the Money Laundering Regulations 2017. Think of it as an investigative mode for client onboarding.

Standard Customer Due Diligence asks three questions:

  • Who is this client?
  • Can we verify their identity?
  • What’s the purpose of this business relationship?

Enhanced Due Diligence adds seven more:

  • Where does their money come from?
  • Who ultimately owns and controls this entity? Do they appear on sanctions lists?
  • Are they Politically Exposed Persons?
  • What does public media say about them?
  • Does their transaction pattern make economic sense?
  • How often should we re-verify all of this?

The difference matters because money laundering costs the UK economy £290 billion annually, according to the National Crime Agency. Professional services firms, including accountancy practices, represent attractive targets for criminals seeking to legitimise illicit funds through seemingly normal business relationships.

Enhanced Due Diligence serves three purposes: fulfilling legal obligations under MLR 2017 Regulation 33, protecting your firm from reputational damage and regulatory sanctions, and demonstrating to HMRC and professional bodies that you take anti-money laundering seriously.

When Is Enhanced Due Diligence Required?

MLR 2017 defines specific circumstances requiring Enhanced Due Diligence.

Politically Exposed Persons create automatic EDD requirements.

A PEP holds a prominent public office with access to government resources and decision-making power: cabinet ministers, senior military officers, judges, central bank executives, and ambassadors.

 

Family members and known close associates of PEPs also trigger Enhanced Due Diligence. The spouse. Adult children. Business partners. Close personal friends with financial relationships.

High-risk third countries trigger Enhanced Due Diligence immediately.

The Financial Action Task Force maintains two lists. The blacklist identifies jurisdictions with severe strategic AML deficiencies: Syria, North Korea, Myanmar, and Iran. The grey list includes countries under increased monitoring: Nigeria, South Africa, the Philippines, Bulgaria, and Tanzania.

 

Any transaction or business relationship involving parties established in these jurisdictions requires Enhanced Due Diligence. This extends to countries bordering high-risk territories.

Complex beneficial ownership structures demand deeper investigation.

Multiple layers of offshore companies. Nominee directors with no apparent connection to the business. Trusts nested within corporate entities. Ownership chains running through three different jurisdictions before reaching an individual.

 

These structures aren’t inherently illegal, but opacity enables money laundering. Enhanced Due Diligence cuts through the layers to identify who really owns and controls the entity.

Other triggers include

  • False or stolen identification documents
  • Unusual transactions without a clear economic purpose
  • Non-face-to-face relationships
  • Cash-intensive businesses like gambling operations, art dealers, and precious metals traders

Here's the Key Principle to Apply Enhanced Due Diligence:

Enhanced Due Diligence applies whenever risk factors indicate a higher probability of money laundering or terrorist financing.

Enhanced Due Diligence vs Customer Due Diligence vs Simplified Due Diligence

Money Laundering Regulations establish a risk-based approach with three tiers.

Simplified Due Diligence suits genuinely low-risk situations: public authorities, companies listed on regulated stock exchanges, and banks already subject to equivalent AML supervision. You modify verification measures proportionate to risk. Perhaps verify one director instead of all three. Accept fewer documents for beneficial owner identification.

Customer Due Diligence represents your baseline for normal-risk relationships. You identify the client through official documents, verify their identity using independent, reliable sources, understand the intended nature of the business relationship, and implement ongoing monitoring.

Enhanced Due Diligence escalates every element of standard checks. You still perform all Customer Due Diligence measures, then add multiple layers:

  • Identity verification from wider independent sources
  • Deeper background investigation into the corporate structure and financial situation
  • Source of wealth examination spanning years
  • Intensified transaction scrutiny
  • Continuous monitoring instead of periodic reviews

Need the Full Breakdown?

Our comprehensive guide covers when to apply each due diligence tier, what MLR 2017 requires for each level, and how to determine client risk ratings that trigger EDD requirements.

Read the Complete EDD vs CDD vs SDD Guide

The Enhanced Due Diligence Process: Step-by-Step

Conducting Enhanced Due Diligence follows a systematic approach.

Conduct Initial Risk Assessment

Document specifically which factors triggered the requirement: PEP status, geographic location, business sector, ownership complexity, or transaction characteristics. This assessment informs which additional measures you’ll implement.

Verify Identity Through Multiple Independent Sources

Standard Customer Due Diligence uses a passport and proof of address. Enhanced Due Diligence requires corroboration from additional sources: employer verification, professional licensing checks, credit reference agency reports, comprehensive Companies House data, industry-specific registrations, and banking relationships.

Identify & Verify Ultimate Beneficial Owners

Trace through all layers until you reach individuals holding 25% or more ownership or control. Document every level with corporate registrations, trust deeds, shareholder registers, and passport copies for ultimate individuals.

Establish a Source of Funds & A Source of Wealth

The source of funds asks where the money for this specific transaction originated. The source of wealth asks how this client accumulated their overall assets. Both require documentary evidence, not vague explanations.

Screen Against PEP Databases & International Sanctions Lists

Check the client, all beneficial owners, and relevant associated parties against comprehensive databases: UK sanctions lists, OFAC, United Nations sanctions, European Union restrictions, and Interpol notices. These lists update continuously. Enhanced Due Diligence requires ongoing screening, not just initial checks.

Conduct Adverse Media Searches

Search for negative information across court judgments, bankruptcy filings, regulatory enforcement actions, news articles about fraud allegations, and legal proceedings.

Document Everything With a Clear Rationale

Record your risk assessment logic: why you accepted this high-risk client, what mitigating factors reduced concern, which enhanced measures you applied and why, and how you reached your final risk rating.

Implement Ongoing Monitoring At Increased Frequency

High-risk clients need quarterly or monthly monitoring depending on risk factors. Re-screen PEP and sanctions lists, review transaction patterns, check for adverse media updates, and verify information remains current.

Common Enhanced Due Diligence Challenges

Manual EDD fails at five critical points where human processes break down under volume and complexity.

Multi-Channel Document Chaos

Clients send passports via email, proof of address by post, bank statements through portals, and utility bills via WhatsApp. You’re tracking fifteen documents across six communication channels. One missing item blocks the entire onboarding while you chase the client for the fourth time.

Incomplete Financial Evidence

Bank statements show account balances without transaction origins. That £100,000 deposit displays as “Transfer” with no explanation. Your source of funds verification hits a wall because the client doesn’t understand what you actually need.

Time Consumption at Scale

Manual EDD takes three hours per high-risk client minimum. For a practice with fifty high-risk clients, that’s 150 hours of pure compliance work before you’ve billed a single advisory hour.

Inconsistent Application

One manager conducts thorough adverse media searches across multiple databases. Another does a quick Google search and moves on. This inconsistency creates compliance vulnerabilities that auditors will find.

Missed Screening Updates

You screen on Monday morning with clean results. Sanctions list update on Tuesday afternoon. On Wednesday, your client’s business partner gets designated. You don’t know because you’re not monitoring in real-time between manual checks.

EDD simplifies and removes these failure points through automation that ensures consistency and completeness by default.

How FigsFlow Simplifies Enhanced Due Diligence

FigsFlow centralises Enhanced Due Diligence management, eliminating the document chaos and screening hassles that consume hours of compliance time.

Streamlined document collection through a secure KYC portal.

Send clients automated onboarding emails with verification links. They upload identity documents, proof of address, and source of funds evidence directly into the platform. No more chasing passports through email, bank statements via WhatsApp, and utility bills through postal mail. Everything arrives in one secure location.

Trust ID verification for identity confirmation.

FigsFlow integrates Trust ID for document verification, allowing clients to verify their identity documents securely. UK nationals select passport type. Non-UK nationals provide nationality details. The verification process happens within the platform, maintaining centralised documentation.

PEP and sanctions screening in 30 seconds.

Click “Start AML Check”, and FigsFlow screens against comprehensive PEP and sanctions databases instantly. Results appear showing any matches with position details or restriction information.

Pre-built risk assessment templates for MLR 2017 compliance.

FigsFlow includes ready-to-use Enhanced Due Diligence templates for companies and individuals. The structured questionnaires cover Client Identification & Verification, Geographical Risk, Industry/Transaction Risk, and Service/Product Risk. Real-time completion tracking shows exactly which sections need attention, preventing incomplete assessments.

Customer Risk Rating based on comprehensive assessment results.

After completing Enhanced Due Diligence procedures and screening, assign risk ratings directly in the platform. Document your rationale for accepting high-risk clients and what mitigating factors applied. The system maintains a complete history showing when ratings were assigned, by whom, and with what justification.

Complete audit trails are automatically maintained.

Every document upload, screening result, risk assessment, and rating decision gets timestamped and stored. When HMRC reviews your files, you have documented evidence of your Enhanced Due Diligence process from initial onboarding through ongoing monitoring.

The Result: Enhanced Due Diligence becomes organised workflow management instead of scattered manual chaos. Documents centralised. Screening automated. Risk assessments are structured. Audit trails maintained. Everything needed for MLR 2017 compliance in one platform, reducing hours of administrative burden to streamlined process execution.

EDD Is Just the Beginning

FigsFlow handles complete practice management: client onboarding, engagement letters, time tracking, invoicing, workflow automation, and compliance, all in one platform built specifically for UK accountants.
Explore All FigsFlow Features →

Enhanced Due Diligence Red Flags to Watch

Recognising warning signs during Enhanced Due Diligence helps you identify when clients present elevated money laundering risk. These red flags signal the need for deeper investigation or, in some cases, declining the engagement altogether.

Client's reluctance to provide documentation.

The prospective client hesitates when you request source of funds evidence or delays sending identity verification documents. They offer vague explanations about business activities or can’t provide clear answers about who owns the company.

Geographic complexity without business rationale.

The client operates a London consulting firm, but banks in Cyprus, or they’re purchasing Manchester property, but all funds originate from Cayman Islands accounts. International structures without an obvious business explanation warrant scrutiny.

Information inconsistencies that don't reconcile.

Companies House registration shows three directors, but the client mentions five people on the management team. Their business registration certificate says manufacturing, but their website describes consulting services. Multiple discrepancies suggest deeper problems.

Cash usage is inconsistent with the business model.

The client runs an online software company but insists on cash payments, or they operate a professional services firm serving corporate clients but maintain unusually high cash reserves. When cash use doesn’t match the business model, question why.

Transaction patterns that don't make economic sense.

Transaction patterns that don’t make economic sense.
The client’s stated business generates £100,000 annual revenue, but they’re investing £2 million in property. When transaction reality doesn’t match stated facts, Enhanced Due Diligence needs to explain the discrepancy, or you should decline the engagement.

Third-party payment arrangements without a clear rationale.

The client wants to pay your fees from someone else’s account with vague explanations about shared finances or business partnerships. Anonymous third-party payments present layering risk where criminals distance illicit funds from themselves.

Pressure to bypass normal procedures.

The client demands immediate completion with statements like “We need this finished tomorrow” or “Don’t worry about the documents, just start the work now.” Rushing you to skip Enhanced Due Diligence steps is itself a red flag.

Trust your professional judgment. If something feels wrong during Enhanced Due Diligence, pause and investigate further before proceeding.

Additional Resources

Conclusion

Enhanced Due Diligence protects UK accountancy practices from money laundering risk, regulatory enforcement, and reputational damage. When you handle Politically Exposed Persons, high-risk third countries, or complex beneficial ownership, standard Customer Due Diligence isn’t enough.

Manual Enhanced Due Diligence consumes three hours per high-risk client through scattered document collection, multiple screening platforms, and inconsistent risk assessments.

FigsFlow centralises the entire workflow: secure KYC portal, Trust ID verification, one-click PEP and sanctions screening, pre-built risk assessment templates, and Customer Risk Rating with complete audit trails.

Streamlined Enhanced Due Diligence that protects your firm while eliminating compliance chaos.

Frequently Asked Questions (FAQs)

What is Simplified Due Diligence in the UK?

Simplified Due Diligence is a streamlined verification process for genuinely low-risk clients under MLR 2017. You apply reduced checks for public authorities, regulated stock exchange companies, or financial institutions already subject to equivalent AML supervision. This might mean verifying one director instead of three or accepting fewer beneficial ownership documents.

What is the difference between Simplified and Enhanced Due Diligence?

Simplified Due Diligence uses reduced checks for low-risk clients. Customer Due Diligence is your standard baseline for normal-risk relationships. Enhanced Due Diligence escalates every check for high-risk clients by adding source of wealth examination, continuous monitoring, and intensified transaction scrutiny beyond standard CDD measures.

What is Enhanced Due Diligence in the UK?

Enhanced Due Diligence is the highest tier of Know Your Customer checks under MLR 2017. It requires deeper investigation when clients present elevated money laundering risk through PEP status, high-risk jurisdictions, or complex ownership structures. EDD adds source of wealth examination, comprehensive screening, and continuous monitoring beyond standard Customer Due Diligence.

When should EDD be applied?

Enhanced Due Diligence is required for Politically Exposed Persons and their family members or close associates. It applies to business relationships involving Financial Action Task Force high-risk countries, complex beneficial ownership structures, or unusual transactions without a clear economic purpose. Any situation where risk factors indicate a higher money laundering probability triggers EDD requirements.

What is an example of Simplified Due Diligence?

A UK accounting practice onboarding a local council might apply Simplified Due Diligence since public authorities present a low money laundering risk. You could verify identity through fewer documents and accept reduced beneficial ownership checks. The measures must remain proportionate to the genuinely low risk presented under MLR 2017.

Is Enhanced Due Diligence required for all customers?

No. Enhanced Due Diligence applies only to high-risk situations identified through your risk assessment. You must apply EDD for foreign Politically Exposed Persons, clients from high-risk third countries, and situations where your controls identify an elevated money laundering probability. Standard Customer Due Diligence remains appropriate for normal-risk relationships.

Don’t forget to share this post!

The Future of Proposals, Pricing & Engagement is Here!
Sign Up
Book a Demo
figsflow demo & trial

Related Articles

3 Forms of ID in the UK

Max20 Min Read
Ever had a client insist their gym membership should count as valid ID? It sounds ridiculous, but it highlights the real problem: […]
Read More
Log In
Book a Demo
Start 30-day free trial