The lifecycle of a PEP: From identification to removal

Both industry regulators and the Financial Action Task Force (FATF) consider politically exposed persons (PEPs) to pose a higher risk of corruption and involvement in money laundering and/or terrorist financing. To effectively mitigate the potential risks posed by such activities, financial institutions (FIs) are required to implement enhanced due diligence (EDD) measures. These measures encompass obtaining additional customer identification materials and establishing the source of funds or wealth for each entity. As a result, there arises a need for precise and up-to-date PEP data, readily accessible to banks and FIs. This invaluable resource empowers them to thoroughly screen entities during the onboarding process, ensuring a comprehensive risk assessment and bolstering their overall security framework.

In this article, Madalina Morar, International Affairs Research Analyst, explains how PEP data is collected by ComplyAdvantage, highlighting the seven steps that are involved from initial PEP identification right through to removal. 

The ComplyAdvantage PEP data collection process explained

1. Research local legislation

Since there is no universal definition of a PEP, data ingestion starts with research into local legislation. At ComplyAdvantage, a dedicated research team, called the International Affairs Research Analysts (or IARA), is utilized to perform an in-depth analysis of the legislation in each country.

2. Match requirements to our internal taxonomy

Local requirements are then compared against our internal inclusion criteria. This step is important because each country has its own peculiarities, and getting acquainted with local legislation helps our team to standardize the company’s coverage by matching it to our internal taxonomy. It also provides us with the ability to ensure consistency and predictability across all of our data.

Our team developed an internal classification system to help our customers better understand the risk level of each PEP position that we collect. This is something that sets ComplyAdavantage apart from other data providers as it allows for a quicker analysis on the part of the customer while onboarding new users.

3. Check existing data

Next, we consider the existing data we have for that jurisdiction. Since we don’t want to duplicate data, it is important to check what coverage we already have. This also provides us with the ad-hoc opportunity to double-check the most relevant data sections for each jurisdiction (we have steps and processes in place to periodically check them as well).

Depending on the type of improvement project we are undertaking, we then search for and identify each institution or company relevant to the jurisdiction. A member of the IARA team evaluates each institution to conclude which leadership positions are considered PEPs, in line with the jurisdiction’s legislation and our internal classification.

Most of the time, each jurisdiction comes with additional challenges, most often varying languages and scripts. We have found that the best approach is to tackle each country using its official language and script to provide the highest chance for a correct match, avoiding any translation errors.

4. Conduct a four-eyes check

After a research project is finished, another member of the IARA team reviews the resulting documentation for possible errors or missing information. This part of the process ensures that human error is corrected and provides an extra layer of quality assurance.

5. Ingest data from the source website

For each identified institution, we scrape and store the data available on the source website (the website displaying the best version of the data we are looking for, coming from official sources, covering as many entities as possible with the most data points). 

This process includes several checks along the way to ensure the highest data quality possible. At this point, if any of our customers are monitoring a name we are introducing as PEP, they will be notified of this additional information.

6. Enrich PEP profiles

Thanks to our engineering team, after initial data ingestion, we are able to enrich each new PEP profile with further information available through various search engines. These data points help to make our PEP profiles easier to differentiate, bringing further value to our customers.

The unique structure of our data gives us the ability to update it on a regular basis, as well as intervene with corrections when necessary. Updates are generated through regular automated checks of the source website and specialized teams correct any errors. We have over 40,000 sources checked this way. This is a process that allows us to send notifications to our customers whenever a monitored PEP has a change on their profile, (be it a resignation or an additional PEP position) that could mean the modification of their PEP score.

7. Update profiles to reflect status changes

As soon as the websites we collect data from are updated with new information, we can reflect the changes quickly (prioritizing the most high-risk sources) with minimal human intervention as we implement high quality checks and balances during data ingestion. The teams we have invested in to make our data structures possible work tirelessly to deliver to the highest standards our customers have become accustomed to.

PEP removal can occur when the entity’s mandate expires, or they resign and the entity is removed from the source website. When this happens, we reflect it in our database by adding a ‘removal date’ tag to the PEP position on our platform.

Enhance the PEP screening process 

For compliance teams looking to enhance their PEP screening process, the following principles should be considered: 

• Data quality: The utmost importance lies in the quality of data that firms collect about their customers. This data quality directly translates into the ability to swiftly and accurately determine PEP status.
• Global reach: A truly comprehensive PEP screening process encompasses screening customers against a vast array of live data sources, spanning international, regional, local, and proprietary channels.
• Risk-based approach: Customizable search profiles should be used to apply different search settings to groups of customers based on a firm’s business model and risk appetite.
• Supplementary screening: Augmenting the PEP screening process with additional checks, such as adverse media screening, provides an extra layer of scrutiny, enhancing the overall risk assessment.
• Continuous monitoring: As PEP legislation evolves over time, businesses must proactively monitor regulatory trends to understand their implications and adapt their processes accordingly, ensuring ongoing adaptability and compliance.

By embracing these guiding principles and key considerations, FIs can establish a robust and efficient PEP screening process, bolstering their ability to combat financial risks and safeguard their operations with confidence.