Fighting financial crime committed by political figures starts with identifying them. It’s easy to identify a head of state or key members of a legislature, but there are many politicians in the world who don’t claim a significant spotlight. Screening for politically exposed persons (PEPs) is a crucial part of a financial institution’s AML program, it’s incredibly challenging to get it right.
The lack of a universally agreed-upon definition for what constitutes a PEP is the first hurdle. The varied and disparate PEPs lists and resources financial institutions (FIs) must consult to identify a PEP further complicate the process. Finally, uncovering an individual’s relatives or close associates (RCAs) adds another big wrinkle, given the nebulousness inherent in these terms and that these relationships change over time.
Nevertheless, FIs must develop processes that screen for and monitor PEPs. They must also be alert to changes in PEP legislation to ensure continued alignment. Otherwise, they face hefty fines from regulators. Here are 6 best practices FIs should follow when fine-tuning their PEPs screening process.
Prioritize High-Quality Data
Too often, compliance officers resort to screening potential and existing customers with ad-hoc Google searches, which are imprecise, time-consuming and costly. Misspellings, transliteration variations and aliases make their already difficult job even harder. But while that single, global PEPs list may forever remain on a compliance officer’s wish list, FIs can invest in the next best thing: a tool that simulates that experience. An automated solution that collects and synthesizes data for you from a wide range of trusted, high-quality sources, as well as continually scans for updates, will significantly streamline your screening process.
Supplement Standard PEPs Screening Process
Given the ambiguity inherent in screening for PEPs and their relatives and close associates, additional due diligence checks during onboarding and throughout the customer relationship may be warranted. Monitoring for adverse media and negative news may surface information about the financial crime or reputational risk a customer poses that official PEPs and RCAs lists may not. Therefore, performing regular adverse media and negative news checks expands the pool of available customer data and provides FIs with additional context.
Take a Risk-Based Approach to Identifying PEPs and RCAs
While all PEPs are vulnerable to corruption, one size doesn’t fit all when it comes to screening them. PEPs exist on a spectrum: heads of state or senior officials of prominent organizations exercise significantly more authority than PEPs who hold middle-level positions. Also, foreign PEPs are generally considered higher-risk than domestic PEPs, given that the FI may not fully understand the foreign PEP’s background and connections. Performing enhanced due diligence measures may, therefore, be necessary for one class of PEPs but overkill (and not the best use of time and resources) for another. FIs must take a risk-based approach to their IDV and KYC processes based on the type of PEP (or, in the case of an RCA, their relationship to the PEP), the PEP’s jurisdiction, the level of corruption in that jurisdiction, among other factors.
Apply that Approach Throughout the Relationship
Nevertheless, it’s important to remember that your risk-based approach mustn’t stop at the point of identification. Deciding the level of risk they pose and whether to do business with them is only the first step. After onboarding, an FI needs to have processes in place to ensure they’re applying an appropriate level of increased scrutiny to all customer activity. Conduct an analysis of the risk level they pose and the nature of their business with you. Then configure rules and set thresholds based on the risk category you’ve assigned them to ensure proper transaction and behavior monitoring. Lastly, establish solid ongoing monitoring processes that apply to your entire client base. As Francesca Dowling, Head of Compliance at Amaiz, reminds us, “a customer could become a PEP or be subject to adverse media reports at any point during the business relationship.”
“A customer could become a PEP or be subject to adverse media reports at any point during the business relationship.”Francesca DowlingHead of Compliance at Amaiz
Re-Evaluate After Changes in PEP Status
While “once a PEP, always a PEP” is a good general rule of thumb, a politician or high-level appointee may not always pose the same level of risk after leaving their post. When PEPs move on from their role, it may be possible to declassify them and place them into a lower risk category, with different alert thresholds, after some period of time. Nevertheless, this decision depends on many factors, including the jurisdiction in which the FI operates — some countries, such as Mexico, don’t allow this at all, while others have specified time limits (usually a year to 18 months). The country’s corruption level, the time spent in their post, the extent to which they’re still politically connected and the degree of influence they still hold are other important factors to consider.
“As new scenarios emerge, it’s critical to make impacted staff aware of those scenarios [right away] so that they can better identify such instances in the future.”Keith SalmonCompliance Director at Caxton FX
Invest Heavily in Proper Training
Investing in an automated solution that relies on high-quality data sources is a good first step toward closing gaps in your PEPs screening strategy. But world-class tools that do the heavy lifting still require compliance officers to clear alerts and take action on the information provided. Therefore, rooting out corrupt activity depends just as much on your employees. To ensure a uniform and regulatorily-sound risk-based approach is being followed, all personnel must be properly trained (and periodically refreshed) on internal processes, risk categories, relevant regulations, and so on. Keith Salmon, Compliance Director at Caxton FX, for example, ensures his employees go through annual training and, afterward, are tested on their knowledge. Equally important, according to Salmon, “as new scenarios emerge, it’s critical to make impacted staff aware of those scenarios [right away] so that they can better identify such instances in the future.” Governments and regulatory bodies worldwide recognize how hard it is to identify and efficiently monitor PEPs, and there have been attempts to bring clarity to the PEP screening process. 5AMLD’s requirement that EU member states make available a functional PEP list is one such example. But ensuring that such attempts are effective in practice is easier said than done. Political shifts — both predictable and unpredictable — trigger changes in PEP status. Further, while there are indeed career politicians who stay in their positions for years, many political figures are transient, with tenures lasting only a short while. So PEP lists must not only be created but also diligently maintained to provide actionable guidance.
“PEP screening will eventually become mandatory for all financial transactions, including those carried out by designated non-financial businesses and professions.”Athma RaiHead of Compliance at Al Fardan Exchange
Putting Practices in Place
Given that identifying PEPs remains the FI’s responsibility — and will remain so for the foreseeable future — FIs must ensure they’re implementing the above best practices and continually tweaking their process for maximum efficiency and effectiveness.
Further, Athma Rai, Head of Compliance at Al Fardan Exchange, predicts that “PEP screening will eventually become mandatory for all financial transactions, including those carried out by designated non-financial businesses and professions.” He, therefore, goes on to emphasize the importance of being “ready with effective tools and technologies” in order to simultaneously ensure compliance and provide a great customer experience.
All that said, your level of readiness starts with a thorough understanding of PEPs — what they are, the challenges around screening for them and everything in between.