Money laundering scandals involving politically exposed persons (PEPs) have become all too common in recent years, exposing the involvement of some of the world’s most powerful and wealthy individuals in illicit financial activity. These scandals, including the 1MDB scandal, the Panama Papers, the Pandora Papers, and the involvement of Russian oligarchs in masking the ownership and source of funds as they moved capital out of Russia in the run up to and after the invasion of Ukraine, highlight the pervasive and far-reaching problem of money laundering.
PEPs, individuals with prominent public functions or positions of influence, are at a higher risk of corruption and money laundering. The involvement of PEPs in these scandals emphasizes the need for financial institutions to have a strong PEP compliance program in place. This program should identify and conduct enhanced due diligence on PEPs to mitigate financial crime risk and protect the integrity of the financial system.
As an anti-money laundering (AML) compliance officer, understanding the risks, regulations, and expectations related to PEPs is critical for setting up an effective anti-money laundering program that manages PEP-related risks and ensures compliance with regulatory requirements. In this article, we will explore the key components of an AML program that addresses PEPs and the challenges related to PEP due diligence. Our goal is to provide you with the knowledge and tools necessary to manage PEP-related risks and meet regulatory expectations in the fight against money laundering.
What is the definition of a politically exposed person (PEP) and why are they considered high-risk?
A politically exposed person (PEP) is defined as an individual who holds or has held a prominent public function or a position of influence, such as current or former government officials, politicians, judges, military personnel, or senior executives of state-owned enterprises. The US only defines PEP as Senior Foreign Political Figure (SFPF), i.e. people outside the US with political influence.
PEPs are considered high-risk for money laundering primarily through bribery and corruption, and even terrorist financing in some jurisdictions, due to their potential access to public funds, ability to influence government contracts or policies, and potential involvement in illegal activities. As a result, businesses that deal with PEPs must take additional steps to ensure that they are not inadvertently facilitating financial crime. It is important to note that this does not imply that all PEPs are involved in criminal activity.
Additionally, PEPs may use family members and close associates to avoid being caught conducting illegal activities. For example, they may transfer money to them or use their names to hide their assets. It is important to identify family members or relatives and close associates (RCAs) of PEPs to detect potential risk and any illegal activities in which they may be involved on behalf of the PEP. Identifying and understanding these relationships can help organizations get a better understanding of the risks associated with the PEP and to more effectively monitor transaction activity for potentially illicit activity.
How long does an individual remain classified as a PEP?
The duration of PEP status is not fixed and varies per jurisdiction. Regulators recommend a risk-based approach by considering possible risk factors like the level of informal influence that the individual could still exercise, the seniority of the position that the individual held as a PEP, and whether the individual’s current or previous function is linked in any way.
We recommend reviewing the guidelines provided by regulators in the jurisdictions where you operate. Below are the recommendations from some of the regulators in the US, UK, and EU:
Financial Action Task Force (FATF) – Regarding Politically Exposed Persons (PEPs), FATF recommends a risk-based approach without predetermined time limits on how long a person should be considered a PEP. Refer to FATF recommendations 12 and 22 along with the related FATF guidance.
Financial Conduct Authority (FCA) – Refer to paragraph 2.19 of FG 17/6 for the treatment of PEPs for anti-money laundering. The FCA advises that even if a PEP is no longer in a public position, they should still be subject to extra careful investigation for at least 12 months. However, some firms may choose to continue these measures for a longer period if they believe the risk is higher for that specific PEP.
EU Directive – Under article 22 of Directive 2015/849 of the European Parliament and of the Council, organizations must consider the continuing risk posed by a politically exposed person for at least 12 months after they are no longer entrusted with a prominent public function by a Member State or a third country, or by an international organization. They must also apply appropriate and risk-sensitive measures until the person is deemed to pose no further risk specific to politically exposed persons.
What are the regulatory requirements regarding PEPs?
AML regulations require financial institutions to implement enhanced due diligence (EDD) measures when dealing with PEPs to mitigate the risks of money laundering or terrorist financing. These measures include:
Identification and risk assessment: Organizations must identify PEPs, including their relatives and close associates. Screening is a control that facilitates the identification of PEPs. Organizations may screen their customers against specialized PEP databases during onboarding and on a regular basis. They must then perform a risk assessment taking into account factors such as the nature of the PEP’s position, the level of influence they have, and their geographical location.
Enhanced Due Diligence (EDD): Organizations must conduct enhanced due diligence when dealing with high-risk PEPs. This includes conducting ongoing monitoring of the PEP, reviewing the source of their wealth, and establishing the purpose of the account opening or transaction.
Approval and monitoring: Organizations should obtain approval from senior management before establishing a business relationship with a PEP. They must also continuously monitor the relationship and update their risk assessments as necessary. Some organizations also take the extra precautionary step of monitoring their PEP accounts against real-time adverse media for more proactive risk mitigation efforts.
Record-keeping: Organizations must keep records involving PEPs and maintain these records for at least five years.
Reporting: Organizations must report any suspicious transactions involving PEPs to the relevant authorities and cooperate with law enforcement agencies as necessary.
How to obtain PEP lists for screening
Many specialized data providers offer PEP data, such as Dow Jones, World-Check, LexisNexis WorldCompliance and NominoData that can easily be plugged into screening software. These lists are often updated regularly and include details such as the PEP’s name, position, and country of origin.
We recommend you consider the quality of data on both your customer list and the PEP databases.
Setting up a PEP screening process
Setting up a PEP screening process involves several steps, including:
Determine your PEP risks and obligations: Identify the risk associated with your business and the PEP lists relevant to your business based on the jurisdictions in which you operate. Seek advice from experts in the field.
Choose PEP screening software: Choose PEP screening software that can screen against the PEP lists you’ve identified.
Customize your PEP compliance and screening program: Customize your internal controls and procedures as well as your screening tools and configurations to effectively identify and manage PEP risks.
Integrate the software: Incorporate the PEP screening software into your existing systems and workflows to ensure a seamless and efficient process.
Educate your team: Train your personnel on how to utilize the screening software and the significance of adhering to PEP compliance requirements.
Regularly screen against PEP lists: Conduct PEP screening during your KYC process and on a routine basis for all customers with whom your business interacts.
Keep up to date with changes: Keep up to date with any changes or revisions to PEP lists and adjust your screening program accordingly.
Monitor and evaluate the program’s effectiveness: Develop procedures for assessing and analyzing the program’s effectiveness and ensure that it is adaptable and can adjust to changes in your business or the regulatory environment.
Challenges to PEP screening
Businesses may encounter several hurdles that can impact the effectiveness of PEP screening. Some common obstacles include:
Keeping PEP data up to date: PEP lists are frequently updated, and businesses must ensure their screening software is up to date to identify new risks.
Compliance: Implementing a comprehensive PEP screening program requires significant investments in terms of resources, time, and money.
Keeping up with regulations: PEP regulations and requirements can differ across various jurisdictions globally, making it difficult for businesses to remain informed and compliant, thus avoiding potential violations.
Data quality: The accuracy of PEP screening results can be impacted by the quality of the data used in the screening process. Poor data quality can result in false negatives, leaving the business exposed to the risk of substantial fines.
Volume of data: For businesses with large customer bases and high transaction volumes, processing significant amounts of customer data quickly while reducing false positives can be a challenging task.
False positives: Sanctions screening software may produce alerts that are not valid, resulting in unnecessary delays and increased costs in review processes.