Understanding PEPs in banking

While politically exposed persons (PEPs) may transact with banks exactly the way typical clients do, regulators around the world expect firms to manage PEPs with a higher degree of scrutiny.

This article will take a closer look at:

• Who can be considered a PEP;
• The risks banks need to mitigate; and
• What banks should be doing to oversee these relationships.

What is a PEP in banking?

A PEP is anyone who has been appointed to a high-profile position by a government body, usually within the last 12 months. This can include: 

• Ministers of all ranks.
• Heads of government.
• Heads of state.
• Members of parliaments.
• Ambassadors. 
• High-ranking officers in the armed forces.
• Administrators and managers of state-owned enterprises.
• Members of courts and national judicial bodies.
• Those serving on the boards of central banks.

Crucially, PEPs also include the family members of anyone with such positions, their close business associates as well as any beneficial owner of their property.

According to the Financial Action Task Force (FATF), there may be foreign PEPs, domestic PEPs, and those entrusted with prominent functions by state-owned enterprises and international organizations. Notably, any PEP deemed a foreign PEP is simultaneously deemed a de facto domestic PEP in their own country.

In light of this, banks may consider their clients a PEP if:

• They receive funds in retainer form from government accounts.
• Communicate using official stationery from government organizations.
• News reports or conversations suggest they are linked to someone who could be considered politically exposed.

Put simply, if there is reasonably available information that could help identify a client as a PEP – in the public domain, through public registers, or via commercial databases – then regulators expect banks to take additional measures when dealing with them.

The risks associated with PEPs in the banking industry

When working with PEPs, the primary risks are that the proceeds of bribery and corruption can be laundered through banks, and assets from their country of origin can be obfuscated by complex financial misconduct. These clients are considered more risky to work with because of the access they may have to public resources and the influence they often wield over the movement of large sums of money.

Even if they aren’t participating in illicit activities of their own volition, they can often be the target of parties who want to manipulate the outcomes of legislation and contract negotiations.

•  They may try to launder funds acquired illegally through bribery and embezzlement.
• They may participate in financial crimes like wire fraud to hide the source and destination of their funds.
• They may use funds to conduct or hide broader crimes such as extortion and theft.

Given these sizable risks – and the myriad permutations of criminal activity they make possible – banks need to be able to readily identify and investigate any red flags thrown up by politically exposed clients to ensure their organizations aren’t exposed to the risks of economic crime.

The regulatory landscape for PEP management in banks

Even though there isn’t a global definition or regulation that applies to the treatment of PEPs around the world, the 39 member nations of the FATF implement the standards and procedures laid out in the FATF guidance.

More specifically, national legislations and international bodies that lay out rules for the heightened scrutiny expected of PEPs include:

• Australia’s Anti-Money Laundering and Counter-Terrorism Financing Act (AML/CTF Act) of 2006 outlines the identification process banks must undertake for PEPs as well as additional due diligence measures and risk management systems.
• Canada’s Proceeds of Crime and Terrorist Financing Act of 2001 lays out reporting and risk management requirements with domestic PEPs retaining their classification for five years after they leave office and foreign PEPs retaining it forever.
• The Financial Action Task Force of Latin America (GAFILAT) is an intergovernmental organization that oversees the implementation of AML and CTF procedures in 17 Latin American countries across south, central, and North America.
• The Middle East and North Africa Financial Action Task Force (MENAFATF) oversees the implementation of FATF’s 40 recommendations in the region.
• Singapore’s Monetary Authority of Singapore (MAS) Notice 626 similarly requires financial institutions such as banks to apply enhanced due diligence (EDD) of PEPs as well as their relatives and close associates (RCAs).
• South Africa’s Financial Intelligence Centre Act was amended to refer to politically influential people (PIP) to also account for private sector officials who have business dealings with elected officials in public services procurement deals.
• The UK’s Money Laundering Regulations set in 2017 mirror the FATF’s definition and recommendations in important ways, while the Financial Conduct Authority (FCA) and Joint Money Laundering Steering Group publish comprehensive guidance on how to manage PEPs.
• Article 3, Number 9 of the European Union’s Directive 2015/849 sets out the definition of PEPs, and several European nations adhere to the FATF’s recommendations.
• The US’ Financial Crimes Enforcement Network (FinCEN) and Office of Foreign Asset Control (OFAC) implement the regulations set out for ‘foreign officials’ (known elsewhere as PEPs) in the Bank Secrecy Act and the PATRIOT Act with requirements for enhanced due diligence and suspicious activity reports (SAR).

The cost of failing to comply with these regulations and guidelines ranges from financial penalties to reputational damages and even sanctions that place banking organizations on worldwide black and grey lists. In some cases, a bank’s charter may even be threatened. 

Why banks struggle with PEP screening

The process of screening PEPs poses a number of distinct challenges for banks trying to implement the appropriate AML processes:

• Customer onboarding processes can take longer when clients need to undergo EDD. This is particularly problematic for the customer experience when controllers have to oversee many false positives, and compliance officers have to rely on low-quality alerts, old data, and flat file uploads.
• Operationally, EDD activities rely on the integration of multiple data feeds, case management systems, and customer relationship management (CRMs). Without the appropriate connections, workflows become slow, and organizations struggle to report suspicious activity in time.
• Differences in regulations between different countries can also cause a lack of consistency in processes across branches. For instance, while domestic PEP screening isn’t mandatory in the United States, it is required in most other countries around the world. Banks need to be able to comply with local requirements.

How banks can mitigate the risks of working with PEPs

There are a number of best practices banks can adopt to better manage and screen PEPs in a way that tackles the very real risks of working with them while still preserving the customer experience.

Central to these efforts is establishing protocols for EDD that can be applied either to all PEPs as well as their relatives and close associates or, at the very least, to those PEPs known to pose a higher degree of risk.

• Use higher-quality data: Banks need to be able to maintain their own PEPs list based on a synthesis of multiple different data sources because it isn’t always apparent which clients require PEP status.
• Augment the screening process: Banks should also be screening for adverse media coverage and negative news stories which might alert them to hidden risk.
• Implement a risk-based approach: Banks need to be able to offer different degrees of screening and due diligence to PEPs that pose different degrees of risk. This should vary based on the type of PEP and the jurisdiction they’re from. Crucially, banks should be monitoring this status on an ongoing basis.
• Invest in training: Ultimately, banks need to invest heavily in giving their compliance officers the training and education they need to appropriately analyze alerts and act on novel information. It means investing to improve their workflow so they can operate with confidence at speed.

Advanced PEP screening solutions for banks

To effectively and efficiently manage screening PEPs – and more broadly, manage the challenge of anti-money laundering in banking – firms need access to intelligent automation and workflow solutions. Key features of an advanced PEP screening solution to look out for include:

• Access to real-time, global data with reliable processes that use machine learning to monitor more than 7000 structured data sources for PEPs, their relatives, and their close associates.
• Structured entity-based profiles that automatically capture changes in risk so they can be put through a formal process of approval and control that’s intuitive and quick for compliance officers.
• Sophisticated, configurable matching technology that makes it easier to identify typos and changes while also providing the ability to configure screening parameters based on a firm’s risk-based approach.