kyccost

Independent reference. Not legal or regulatory advice. Consult a qualified compliance specialist for advice specific to your jurisdiction and risk profile. See methodology.

Cluster 3 / Differential

CDD vs EDD: the cost differential nobody publishes.

Process-level CDD vs EDD content is everywhere. Cost-differential content is not. EDD typically adds £25-£90 per high-risk customer on top of the CDD baseline. The 3-8x multiplier explained, with the trigger list under MLR 2017, FATF and FinCEN costed individually.

CDD baseline: £4 - £18 | EDD overlay: £25 - £90 | EDD fully loaded: £35 - £140

The three tiers.

Low-risk only

Simplified due diligence (SDD)

£2 - £8

Reduced verification depth and reduced ongoing-monitoring cadence. Permitted under FATF risk-based-approach guidance and MLR 2017 Regulation 37 where the underlying risk assessment supports it. Real cost-saving opportunity, but the risk-assessment build is the precondition.

Standard baseline

Customer due diligence (CDD)

£4 - £18

The default tier. Identity verification, beneficial ownership identification, purpose-and-nature understanding, ongoing monitoring. FATF Recommendation 10 sets the baseline; MLR 2017 Regulation 28 implements it in UK law.

High-risk overlay

Enhanced due diligence (EDD)

£35 - £140

On top of CDD. Source-of-funds verification, UBO mapping, enhanced adverse media review, senior-management approval, more frequent monitoring. FATF Recommendation 12 (PEPs); MLR 2017 Regulation 33 (full trigger list).

Why EDD costs 3-8x CDD.

The CDD baseline is largely automated. The EDD overlay is largely manual. Four cost drivers account for the multiplier.

Senior-approval bottleneck

£40 - £180 per case

Senior MLRO time on every EDD customer. Fully-loaded UK rate £85-£180/hour; typical 30-60 minutes per case.

Source-of-funds review

£15 - £55 per case

Manual evidence handling: bank statements, payslips, sale-of-asset confirmations, wealth-source attestation. Average analyst time 45-90 minutes per case.

UBO mapping

£10 - £40 per case

Cross-border ownership chains, document translation, beneficial-owner verification at each layer. Per-layer cost compounds with chain depth.

Adverse media review

£8 - £25 per case

Per-name adverse media check across the verified UBO list. Falls disproportionately on high-risk customers because adverse media generates the bulk of false positives.

The full ops-labour picture sits on the false-positive cost page; the screening-cycle costs sit on the sanctions screening cost page.

EDD triggers under MLR 2017 Regulation 33, costed.

TriggerSourcePer-case cost
Politically exposed persons (PEPs) and family / close associatesMLR 2017 Reg 33(1)(b); FATF Rec 12£45 - £130
Persons established in high-risk third countriesMLR 2017 Reg 33(1)(b)(i); FATF list of jurisdictions£40 - £120
Complex or unusual transactions, no apparent economic purposeMLR 2017 Reg 33(1)(c)£35 - £110
Correspondent banking relationships (where applicable)MLR 2017 Reg 34£90 - £250
Beneficial owners of trusts, foundations and similar arrangementsMLR 2017 Reg 28(3); 5MLD UBO register£45 - £140
Higher-risk transactions identified by the firm's own risk assessmentFirm's risk assessment; SYSC 6.3£35 - £100

Per-case cost is fully loaded (vendor checks + screening + ops labour + senior approval). FinCEN's CDD Rule (31 CFR 1010.230) sets analogous EDD triggers in the US, with cost-loading similar at the upper end due to state-level licensing layers.

Risk mix dominates total cost.

Take a 50,000-customer book at £10 CDD and £55 EDD overlay. Move from a 5% EDD population to a 25% EDD population and blended cost goes from £12.75 to £23.75 per customer. On 50,000 onboardings the absolute swing is £550,000 in onboarding cost alone. The cost of moving to a higher-risk segment is consequently larger than most fintech CFOs assume when planning corporate or VASP product expansion.

Real fintech segments cluster: retail challenger banks at 3-7% EDD, neobanks at 3-7%, BNPL at 2-5%, lenders at 5-20%, EMIs at 8-30%, crypto exchanges at 15-40%, brokers and wealth platforms at 30-60%. See the industry breakdown for the per-segment cost profile.

Blended cost vs EDD population
3% EDD (retail bank)£11.65
5% EDD (neobank)£12.75
10% EDD (lender)£15.50
15% EDD (EMI mid)£18.25
25% EDD (crypto low)£23.75
40% EDD (crypto high)£32.00
55% EDD (broker)£40.25
CDD £10, EDD overlay £55. Excludes ongoing monitoring.

The SDD saving, with caveats.

Where the firm's risk assessment supports it, simplified due diligence (SDD) reduces verification depth and ongoing-monitoring cadence for genuinely lower-risk customers. The FATF February 2025 amendment swapped "commensurate" for "proportionate", with the June 2025 risk-based-approach guidance explicitly encouraging SDD in lower-risk scenarios. The cost saving is meaningful: SDD typically lands at £2-£8 per customer fully loaded, vs CDD £4-£18.

The catch is the risk-assessment build cost. SDD without a defensible risk assessment is regulatory exposure, not cost saving. JMLSG Guidance and FCA SYSC 6.3 both require the risk-assessment file to demonstrate proportionality. Firms that try to retrofit SDD onto a previously-uniform CDD population without risk-assessment investment usually end up paying for both: the SDD reduction is unwound at the next supervisory visit.

CDD vs EDD cost questions

What is the difference between CDD and EDD?+
Customer Due Diligence (CDD) is the baseline identity verification, beneficial ownership identification, and risk-based monitoring required for all customers under FATF Recommendation 10. Enhanced Due Diligence (EDD) is the heightened review required for higher-risk customers: PEPs, high-risk third-country relationships, and complex / unusual transactions. EDD adds source-of-funds verification, UBO mapping for cross-border chains, enhanced adverse media review, senior-management approval, and more frequent monitoring.
How much does enhanced due diligence cost?+
EDD typically adds £25-£90 per high-risk customer on top of the CDD baseline of £4-£18, with a fully-loaded total of £35-£140 per EDD customer. The 3-8x multiplier reflects senior-management approval bottlenecks, manual evidence handling for source-of-funds and source-of-wealth, document translation across cross-border UBO chains, and enhanced adverse media review per beneficial owner.
When is enhanced due diligence required?+
Under UK MLR 2017 Regulation 33, EDD is required for: politically exposed persons (PEPs) and their family members and known close associates; relationships with persons established in high-risk third countries; complex or unusual transactions with no apparent economic or lawful purpose; any other situation presenting higher money-laundering or terrorist-financing risk. FATF Recommendation 12 covers PEPs; Recommendation 22 extends to designated non-financial businesses and professions. FinCEN CDD Rule (31 CFR 1010.230) sets the analogous US baseline.
What does the FATF February 2025 amendment change?+
The FATF amendment replaced 'commensurate' with 'proportionate' in the risk-based-approach guidance. The June 2025 follow-up explicitly encourages simplified due diligence (SDD) in lower-risk scenarios, provided a rigorous risk assessment supports the tiering. For UK and EU fintechs over-indexed on uniform CDD across a low-risk consumer book, the amendment opens a defensible cost-saving lever without departing from the FATF baseline.
How does the EDD population mix shift blended cost?+
Risk mix is the dominant cost variable on a fintech compliance budget. A 5%-EDD book vs 25%-EDD book lifts blended fully-loaded per-customer cost by 2-4x. Crypto exchanges (15-40% EDD), brokers (30-60% EDD), and EMIs with corporate books (8-30% EDD) sit materially above retail challenger banks (3-7% EDD). Modelling a realistic risk mix for the segment is more important than vendor selection in determining total spend.
Can simplified due diligence save money?+
Yes, where the underlying risk assessment supports it. SDD allows reduced verification depth and reduced ongoing monitoring frequency for genuinely lower-risk customers. The FATF February 2025 update is explicit: 'proportionate' replaces 'commensurate' precisely so SDD is encouraged, not merely permitted. The catch is that a rigorous risk-assessment build cost is the precondition; firms that under-invest in risk assessment cannot defend an SDD population to a regulator.

Sources cited on this page

  1. Money Laundering Regulations 2017 Regulation 33
  2. FATF Recommendations 10, 12 and 22 (Feb 2025 amendment, June 2025 RBA guidance)
  3. FinCEN CDD Rule 31 CFR 1010.230
  4. JMLSG Guidance current edition
  5. FCA Handbook SYSC 6.3 financial crime systems and controls
  6. ComplyCube and Sumsub published vendor pricing pages (2025)