As we foray into 2024, politically exposed persons (PEPs) continue to produce significant challenges across the globe. This is especially true for financial services organisations, which need to balance the potential risks of dealing with PEPs, as well as protecting the right to access banking service.
While it is clear that organisations need to develop a risk-based approach to address PEP-related risks in the coming year, it is less obvious how they can begin to do this.
Here, both Alia Mahmud, global regulatory affairs practice lead at AI-driven fraud and AML risk detection firm ComplyAdvantage and Justin Fitzpatrick, COO and co-founder of FullCircl, the customer lifecycle intelligence platform, explore shortcomings due to the lack of a globally agreed upon definition for PEPs, as well as how financial organisations can improve their practices regarding this field.
The issue of PEPs was a thorny topic throughout 2023.
With 40 countries worldwide conducting national elections in 2024, many of which have the potential to change the political landscape fundamentally, the issue of PEP screening and monitoring is high on the agenda. Given this backdrop, things are about to become a lot more complex for banks and financial service providers as they seek to onboard new customers and maintain due diligence on existing ones.
When it comes to PEPs, financial institutions (FIs) are walking a tightrope, balancing three key factors: The potential risks of dealing with PEPs, the right to access financial services, and the investment in technology and manpower to meet legal and regulatory obligations.
They’re doing it all under the ever-watchful eye of regulators who are amplifying the need for vigilance and quick to dole out hefty fines for those who get it wrong. Given the high public profile of PEPs, there are also significant reputational risks if a customer feels mistreated.
The implications of onboarding a PEP
Keeping track of who qualifies as a PEP is time-consuming and labour-intensive, as analysts must complete exhaustive checks to answer myriad questions:
Is this person who they say they are? Who are they associated with? Are they a foreign national? What is the nature of their business? Is a local official a PEP in the same way as a national politician? What is their source of wealth, and how can that be verified? How long should they be designated a PEP after leaving office? Does an individual or organisation with significant influence, whilst not being formally political, require PEP status?
Of course, even when a PEP has been successfully identified, FIs still need to weigh up whether the ongoing monitoring associated with having them as a customer is cost-effective.
Given the current economic landscape, it is perhaps no wonder some financial institutions have considered de-risking their approach to PEPs.
A distinct lack of clarity
To make things even more complicated, there’s no globally agreed definition of a PEP.
The Financial Action Task Force (FATF), the global standard setter for anti-money laundering requirements, defines a PEP as ‘an individual who is or has been entrusted with a prominent function. Many PEPs hold positions that can be abused for the purpose of laundering illicit funds or other predicate offences such as corruption or bribery’.
This principles-based approach gives countries latitude with how they interpret the guidance in their territory. The FCA has delivered stronger guidance on PEPs with clear examples of the challenges.
But still, it’s tough to find a definition that works for all jurisdictions, types of public function, relatives and close associates etc, leaving it up to individual organisations to interpret and enact the guidance based on their culture, risk appetite, and compliance framework.
As such, the level of nuance institutions take to dealing with PEP risks varies dramatically. In a recent poll conducted by FullCircl and ComplyAdvantage, only 13.3 per cent adopt a highly nuanced approach, with policies and processes customised to all countries of operation.
The majority adopts a globally standardised approach with some differentiation in PEP levels. Around 17.4 per cent operate a one-size-fits-all approach, a worrying finding given that seven out of 10 FIs view financial crime compliance as one of, if not the, most concerning regulatory challenge they currently face.
Towards a risk-based approach
The purpose of identifying PEPs is to determine the level of risk they pose and the steps that need to be taken to mitigate potential criminal conduct by them, their family members, close ties, and associates. Forming a risk-based approach can help FIs link their methodology back to their wider risk appetite and strategy.
Applying enhanced due diligence that draws upon the wealth of third-party data at an FI’s disposal is vital to the successful identification and classification of PEPs. This can help with undertaking comprehensive risk assessments, delivering efficient onboarding experiences, and achieving continuous due diligence through trigger-based monitoring of individual PEPs and the wider political landscape.
The FIs leading the way in building such a risk-based approach are those harnessing all available data points, including individual and familial insights, customer intelligence/KYC, Ultimate Beneficial Owner and company structure, industry and jurisdictional knowledge, financial background, source of wealth, adverse media screening, as well as relevant indexes.
From financial crime compliance to financial crime prevention
Best practice approaches include:
- Automated screening – Real-time global coverage to pre-screen for political exposure, sanctions, and adverse media to ensure customers are not involved in illegal or prohibited activities.
- Graph data visualisation – Recognising the connections between directors, shareholders, and group companies up to the Ultimate Beneficial Owner to understand any risks associated with PEPs.
- Identity verification – Verify identities in real time with automated document verification and facial comparison technology.
- Perpetual KYC – Event-based alert notifications of changes to watchlists, and financial and credit information.
- Ongoing monitoring: Proactive monitoring of regulatory trends to understand their implications and adapt processes accordingly, ensuring ongoing adaptability and compliance.
There’s no time to waste
The UK government has estimated that money laundering costs the economy more than £100billion each year, with the IMF estimating that financial crime equates to two to five per cent of global GDP. Failing to take action on PEP risks can be punishable by fines of up to £1million, a figure that could more than double with the cost of associated reputational damage
In June 2024, the FCA will also publish its review of the treatment of domestic PEPs by FIs, and will proceed to assess how organisations are conducting risk-based due diligence on their clients – applying the definition, conducting risk assessments, applying enhanced due diligence and ongoing monitoring, and de-risking.
Action will likely be taken where they spot deficiencies in PEP risk handling. Access to the right data and PEP screening tools can ensure FIs don’t just adopt a tick-box exercise to PEP risks but are prepared for the challenges ahead in 2024 and can scale up their response.
