CDD (Customer Due Diligence) is the standard level of due diligence applied to most customers. It involves identifying and verifying the customer, understanding their profile and assigning a basic risk level as part of KYC and AML obligations.

EDD (Enhanced Due Diligence) is a deeper, more detailed level of due diligence applied to higher-risk customers such as PEPs, complex entities or those linked to high-risk countries or activities. It often includes additional documents, source of wealth checks and closer monitoring.

What is the difference between CDD and EDD?

CDD is the baseline due diligence for low to medium-risk customers, while EDD is reserved for high-risk customers and involves greater scrutiny, more information, and higher-level approval. Both are part of a risk-based approach to KYC and AML.

Home › Compliance Glossary › What is CDD vs EDD?

What is CDD vs EDD? 2025 Beginner Guide

Q: Do CDD and EDD apply in crypto?

Yes. Crypto exchanges and VASPs apply CDD to regular users and EDD to higher-risk customers, such as large traders, complex entities or wallets with high-risk exposure on the blockchain. CDD and EDD are essential parts of crypto KYC and AML frameworks.

CDD (Customer Due Diligence) and EDD (Enhanced Due Diligence) are two levels of due diligence used in KYC and AML programs. They help banks, fintechs, and crypto platforms decide how much effort to apply when assessing a customer’s risk.

In simple terms: CDD is standard due diligence for normal-risk customers, while EDD is deeper, more detailed due diligence for higher-risk customers. Both are core to a risk-based approach to financial crime compliance.

What is CDD (Customer Due Diligence)?

CDD is the baseline due diligence you perform on most customers. It aims to:

Identify the customer: Collect ID, address, and key personal information.
Verify the identity: Confirm that documents are genuine and belong to the person.
Understand the customer profile: Occupation, expected activity, geography, and product usage.
Assign a risk level: Decide if the customer is low, medium, or high risk.

CDD is applied to the majority of customers in banks, fintechs, payment institutions, and VASPs.

What is EDD (Enhanced Due Diligence)?

EDD is applied when a customer presents higher risk of money laundering, terrorist financing, sanctions breaches or other financial crime.

Examples of high-risk factors include:

PEPs (Politically Exposed Persons)
High-risk industries or business models
High-risk or sanctioned-adjacent countries
Complex corporate structures and layered ownership
Unusual transaction behaviour or previous suspicious activity
Crypto-related activity in a traditional bank context

EDD typically includes deeper questions, extra documents and closer monitoring.

CDD vs EDD – What Is the Difference?

The core difference between CDD and EDD is the level of scrutiny and depth of information collected.

Aspect	CDD (Customer Due Diligence)	EDD (Enhanced Due Diligence)
Risk level	Low to medium risk	High risk
Purpose	Standard identification and basic risk understanding	Deep assessment of source of funds, intent and risk
Information collected	Basic ID, address, occupation, expected activity	Additional documentation, source of wealth, deeper background checks
Approval level	Standard KYC review level	Senior compliance / MLRO involvement
Monitoring	Regular monitoring	Closer, more frequent monitoring and periodic reviews

In a risk-based framework, you start with CDD and escalate to EDD when risk indicators justify it.

How Do CDD and EDD Apply in Crypto?

For VASPs and crypto exchanges, CDD and EDD combine both off-chain identity data and on-chain behaviour.

CDD for regular retail users with normal trading activity.
EDD for:
- High-value traders and OTC clients
- Customers with links to high-risk jurisdictions
- Entities with complex ownership structures
- Wallets interacting with high-risk or illicit tags

Crypto platforms use blockchain analytics to support EDD decisions – for example, checking if a wallet has exposure to mixers, darknet markets, scams or sanctioned entities.

Who Performs CDD and EDD in a Compliance Team?

KYC / CDD Analysts
EDD / High-Risk Review Analysts
Compliance Officers / Managers
MLRO (Money Laundering Reporting Officer)
Crypto KYC / AML Officers in VASPs

These professionals must understand regulations, risk indicators, documentation quality and when to escalate to EDD.

How to Build Strong CDD & EDD Skills (Traditional + Crypto)

Employers increasingly look for professionals who can apply CDD and EDD in both traditional banking and crypto / VASP environments. AC3O’s certifications are designed precisely for that crossover.

AC3O – KYC, AML & Crypto Compliance Certifications

C3O – Certified Crypto Compliance Officer (Gold Standard): Covers the full crypto compliance lifecycle — KYC, CDD/EDD, AML, Travel Rule, VASP compliance and investigations. View C3O →
C2KO – Certified Crypto KYC Officer: Focused on KYC, CDD, EDD and onboarding for crypto customers on exchanges and VASPs. View C2KO →
C2AO – Certified Crypto AML Officer: Connects CDD/EDD decisions with crypto AML, transaction monitoring and SAR/STR reporting. View C2AO →

Build Your CDD & EDD Expertise with C3O →