Enhanced Customer Due Diligence
As regulators worldwide roll out stringent new rules amid surging financial crimes, enhanced customer due diligence emerges as a critical shield, with non-compliance risking fines in the hundreds of millions by mid-2026.
Key takeaways
- •Major regulatory overhauls in the EU and Australia, effective from 2026, mandate deeper scrutiny of high-risk clients, driving up compliance costs but curbing money laundering flows estimated at trillions annually.
- •Fines for inadequate due diligence reached $48.5 million in a single New York case in 2025, signaling escalating penalties that could cripple mid-sized banks without updated systems.
- •The shift to AI-driven perpetual monitoring reveals trade-offs: faster risk detection versus privacy concerns, as institutions grapple with false alerts overwhelming compliance teams.
Regulatory Escalation
Global financial regulators are intensifying requirements for enhanced customer due diligence (ECDD), driven by persistent threats from money laundering and terrorist financing. In the European Union, the new Anti-Money Laundering Regulation demands less mandatory data for low-risk clients but triggers dynamic enhanced checks for high-risk ones, with full implementation slated for 2027. Australia's Tranche 2 reforms, starting July 1, 2026, extend obligations to lawyers, accountants, and real estate agents, modernizing transaction tracing to combat illicit flows.
These changes stem from recent spikes in sophisticated crimes, particularly in digital assets and cross-border transactions. The Financial Action Task Force updated its high-risk jurisdictions list in February 2026, urging intensified monitoring for countries like Iran and North Korea. In the US, FinCEN's February 2026 relief streamlines some due diligence for existing clients but maintains rigorous standards for new accounts, reflecting a push toward risk-based efficiency amid 2025 enforcement actions that imposed over $100 million in penalties.
Businesses face tangible impacts: financial institutions must invest in AI and digital identity systems, with setup costs potentially exceeding $10 million for larger firms. Real estate sectors, newly regulated in Australia, risk operational halts if unprepared, while investment advisers get a reprieve until 2028 but still need to enhance programs. Non-compliance has led to restrictions, as seen in a 2025 New York settlement requiring $22 million in remediation.
Less obvious tensions include balancing automation's speed with accuracy—AI reduces false positives by up to 70% but raises data privacy issues under GDPR. Stakeholder conflicts arise: regulators demand transparency, yet businesses worry about competitive disadvantages from uneven global enforcement. Surprising data shows perpetual KYC catching 40% more risks than periodic reviews, but at the cost of higher ongoing expenses.
Sources
- https://www.ey.com/en_lu/insights/financial-services/how-to-prepare-your-cdd-and-onboarding-for-the-eu-aml-overhaul
- https://amlwatcher.com/blog/aml-checks
- https://www.fatf-gafi.org/en/publications/High-risk-and-other-monitored-jurisdictions/Call-for-action-february-2026.html
- https://www.gibsondunn.com/2025-year-end-developments-in-anti-money-laundering
- https://www.csiweb.com/what-to-know/content-hub/blog/aml-compliance-outlook-2026
- https://www.bakertilly.com/insights/aml-financial-crimes-compliance-2026-trends
- https://smartkyc.com/kyc-regulatory-trends-to-watch-in-2026
- https://www.austrac.gov.au/amlctf-reform/reforms-guidance/amlctf-program-reform/customer-due-diligence-reform/enhanced-customer-due-diligence-reform
- https://www.anaptyss.com/blog/aml-and-kyc-trends-to-look-for-in-2026-for-banks-and-financial-institutions
- https://www.dentons.com/en/insights/alerts/2026/january/29/current-reporting-entities-gear-up-for-imminent-aml-ctf-reforms
- https://alessa.com/blog/enhanced-due-diligence-in-2026
- https://www.plantemoran.com/explore-our-thinking/insight/2026/01/q4-2025-compliance-updates-for-financial-institutions