The UK Government has made it clear that they are committed to stamping out corruption within financial markets and the wider economy.
To that end, large amounts of money are being invested in the continuing fight to secure UK markets from money laundering and financial crime. Firms need to be contributing to this effort by effectively responding to the risks of politically exposed persons (PEPs).
On the 31st October 2018, the National Crime Agency will commence its new National Economic Crime centre — with an initial budget of £6 million and 55 staff — to tackle the threat of corruption. This renewed crackdown is in line with the powers introduced through the Criminal Finances Act 2017. The Act allows law enforcement authorities to apply for an Unexplained Wealth Order from the High Court that instructs non-EEA PEPs, or individuals suspected of being involved in serious crime, to explain their source of wealth.
Firms need to be forward thinking in their approach to onboarding PEPs and how they manage the associated risks. Each PEP will be unique in their role, domicile and background, so firms need to remain flexible, take a risk-based approach and implement robust controls.
However, managing the risk of PEPs can cause disruption to genuine customers. Organisations must learn to balance customer experience with their international regulatory obligations. This is best done by properly defining who is considered a PEP in the first place.
Defining political exposure
One of the biggest difficulties faced by firms’ anti-money laundering functions is that there is no agreed global definition of a PEP. However, the Financial Action Task Force (FATF) does provide a short definition that is widely regarded as the general, most essential standard: a person ‘entrusted with a prominent public function’. This definition also extends to the family and associates of a PEP.
Adding to the complexity of the situation is the fact that there is no official list of PEPs as there are lists of other potential money laundering risks such as sanctioned entities. The complicated reality of each PEP’s role, associations and circumstances are unlikely to be easily organisable into a single database.
The FCA provides a few examples of roles that could be considered as being held by a PEP, including:
- Heads of State
- Members of Parliament
- Members of supreme courts or other high-level judicial bodies
However, it is essential that firms also have their own definition of a PEP in-line with their risk appetite.
Screening customers for political exposure
The goal of PEP regulations is to prevent individuals in positions of power abusing the trust of the public and financial institutions in order to benefit personally. Requiring firms to perform necessary due diligence on potential PEPs is a regulatory obligation predicated on the prevention of corruption.
Understanding that a corrupt customer is likely to be operating under a veil of secrecy and deception should have an impact on any firm’s strategy and implementation of controls. Firms should have automated screening systems in place with ‘fuzzy matching’ capabilities.
Fuzzy matching technologies allow the detection of data matches that are not a perfect 100% match. For example, fuzzy matching could detect a PEP even if they provided an alternate spelling of their name, whereas rules-based detection could only identify PEPs if the data they supply directly matched an existing list — something they are unlikely to do if they are genuinely corrupt.
It should also be noted that PEPs are still considered such for up to one year after leaving their position of influence, as individuals are constantly moving into new politically exposed roles.
The FCA has highlighted that firms may wish to extend this period (appropriate to risk appetite) when dealing with higher risk PEPs, but family members and associates who are not PEPs themselves should be treated as ordinary customers from the point the related PEP leaves office. Therefore, having systems that can scan customer data in real-time will be most effective in analysing and identifying potential PEPs and keeping their data up-to-date.
Source of wealth and beneficial ownership
The Money Laundering Regulations 2017 require firms to establish the source of wealth and funds used in a business relationship or transaction, as well as beneficial ownership. Not only are certain PEPs in a position to obtain massive amounts of wealth as a result of corrupt actions, they could be the owner of a far-removed parent company, have controlling influence over a board or otherwise control the property of a business entity.
Though it is certainly not illegal to set up a complex business structure — operating through a number of corporate identities and across jurisdictions often being a logical step for global businesses — they can be an effective way for both sanctioned entities and PEPs to circumvent controls. That is, unless proper scrutiny and due diligence is applied.
Without a holistic and risk-appropriate approach to data management, the due diligence required to understand the ownership of said structures and detect potential abuses are often duplicated, wasting both company resources and causing disruption to genuine customers.
Monitoring the risk
The risk level of a PEP will be in continuous flux throughout their ‘customer lifecycle’. They will need to be constantly monitored and placed under appropriate due diligence to provide an understanding of relationships, beneficial ownership, sources of wealth, and other factors. The position of the individual may give them the power to make major procurement decisions or access public funds with executive decision-making powers.
Scanning and understanding any adverse media on customers is also essential. PEPs may have been implicated in publicised scandals or made prominent in the media for misconduct. In addition to the regulatory risks, a firm could suffer reputational damage. Firms will need to be constantly monitoring news and other media to determine the risk of a PEP. This can be accomplished with automated tools — for example, setting up ‘alerts’ for newly released stories based on inputted criteria such as mentions of a certain name — but will require some manual monitoring.
Finally, it must be noted that PEPs, like any other customer, can change address or make other material changes to their accounts. Risks associated with material changes are heightened wherever PEPs are involved, largely because they are more likely to be able to move into jurisdictions and industries that are considered to be of higher corruption risk than the average customer.
The changing nature of a PEP’s business and political interests can make manual periodic reviews a challenging prospect for many firms. An annual review of a PEP’s status may be unachievable for some firms or prove inadequate for high-risk PEPs. However, the risk could be managed more effectively with a real-time automated solution that can regularly scan for material changes to a PEP’s account or file.
Ultimately, managing PEPs will come down to constant and consistent due diligence. Firms that employ innovative tech-based screening solutions with up-to-date data, fuzzy matching capabilities and appropriate human supervision will be those best prepared to manage this ever-fluctuating corruption risk.