Standard due diligence verifies who you are dealing with. Enhanced due diligence examines where their wealth came from, who ultimately controls their structure, and whether the relationship is what it appears to be. The right level is determined by risk — and getting it wrong exposes you to the very risks diligence was meant to address.
The distinction between standard and enhanced due diligence is not simply a matter of thoroughness. It reflects a risk-based framework: the depth of the investigation must be proportionate to the risk the relationship or transaction presents. Applying the wrong level — either under-scrutinising a high-risk subject or over-engineering a low-risk one — is a failure of the process itself.
Standard due diligence (SDD) is the baseline applied to most business relationships. It is designed to establish that a subject is who they claim to be, that no immediate regulatory flags attach to them, and that the relationship falls within expected parameters. Typical components include:
SDD is appropriate where the risk assessment indicates a lower-risk subject, a straightforward transaction and no elevated indicators. It is efficient and proportionate for the majority of relationships a regulated firm handles.
Enhanced due diligence (EDD) is a qualitatively deeper exercise required when risk is elevated. It goes beyond verification into investigation — asking not just who the subject is, but where their wealth originated, who ultimately controls their structures, and whether the stated relationship withstands scrutiny. See our full guide on what enhanced due diligence means and our due diligence service for how we conduct it. EDD typically includes:
EDD is required — or strongly indicated — in a number of circumstances:
In regulated sectors in the UK — financial services, law, real estate, accountancy — EDD in these circumstances is not merely good practice. It is a regulatory expectation, and in some cases a legal obligation under the Money Laundering Regulations.
The risk-based approach means that the decision between SDD and EDD must be made on the specific facts of each relationship, documented, and defensible if challenged. Applying SDD to save cost where EDD was indicated leaves the firm exposed to regulatory sanction and to the underlying risk the diligence was meant to address. The reverse — applying full EDD to every low-risk relationship — is uneconomic and disproportionate. A clear, documented risk assessment at the outset of each relationship is the foundation of a defensible diligence programme.
Standard due diligence verifies identity and screens for basic risk — sanctions, PEPs, corporate registration. Enhanced due diligence goes further: source of wealth, source of funds, ultimate beneficial ownership and comprehensive adverse media. EDD is not more paperwork — it is a qualitatively different, investigative exercise.
EDD is required when risk is elevated: the subject is a PEP or connected to one; the transaction is large, complex or unusual; the subject or funds originate from a high-risk jurisdiction; or beneficial ownership is opaque. In regulated sectors, EDD in these circumstances is a regulatory expectation or legal obligation.
Source of wealth analysis, source of funds analysis, ultimate beneficial ownership tracing through corporate structures, comprehensive adverse media review, deeper PEP and sanctions screening, and where necessary corroborating intelligence work to verify or challenge the stated picture.
No. SDD is not a substitute for EDD where the risk profile demands it. The standard — regulatory and professional — is that diligence depth is proportionate to risk. Applying SDD to a high-risk subject leaves the firm exposed both regulatorily and to the underlying risk.
One confidential message is enough. We assess the risk profile and scope the right level of investigation.
Make a confidential enquiry