UK regulators are set to embark on a review of banks’ so-called PEP lists, rosters of people who, because of their political profile, are potential money-laundering risks. The agency’s review caps off a summer of scandal in UK banking as Brexit leader Nigel Farage claimed his bank dropped him over his political views, eventually leading to the ouster of the bank’s CEO. Rory Doyle, head of fincrime policy at Fenergo, explores the regional nuances of PEP policies.
With news that the UK’s Financial Conduct Authority (FCA) has initiated a review looking carefully at firms’ arrangements for dealing with politically exposed persons (PEPs) based in the UK, there is no greater time than now for banks to have a PEP talk.
PEP generally refers to people who may be more susceptible to bribery or corruption and are important for banks to identify due to their greater potential to be implicated in money laundering. Moreover, failure to identify them can be costly — not just from a reputational perspective. In 2020 alone, global financial institutions including the likes of Goldman Sachs received $10.6 billion in enforcement actions for financial crime violations, spanning breaches of anti-money laundering (AML) and know your customer (KYC) regulations — up 27% from 2019.
With the pandemic giving rise to increasing levels of fraudulent activity, financial firms are now being urged by regulators to be ever more vigilant, particularly when it comes to adequately identifying PEPs, which is a crucial component of KYC and AML compliance. But PEP management can pose many difficulties, not least relating to the accurate categorization of an individual as a PEP due to jurisdictional variances in definitions.
The PEP definition dilemma
The definition of a PEP varies from jurisdiction to jurisdiction, but it is generally accepted to include individuals that hold a prominent public function, including presidents, prime ministers and other senior politicians. The definition also extends to members of royal families, senior executives of state-owned entities and heads of international organizations like the United Nations, World Health Organization and International Monetary Fund. Most jurisdictions consider individuals with the ability to direct and control government funds or influence decisions to be politically exposed, and thus susceptible to external influence, bribery or corruption. It is important to note that identifying an individual as a PEP is not a suggestion of previous or future criminal behavior.
The purpose of identifying a PEP is to ensure the appropriate level of due diligence is applied in accordance with a risk-based approach. In determining the acceptability of higher-risk accounts, a bank should be able to obtain sufficient information to evaluate whether an individual is or is not a PEP, whether domestic or foreign.
However, there is a problem with the definition of a PEP globally. The U.S., as well as some other jurisdictions, is at odds with EU standards and FATF Recommendation 12, as U.S. authorities only define foreign PEPs under the PATRIOT Act. But in recognition of the increased risk posed by what others would call domestic PEPs, a joint statement was issued by multiple U.S. agencies including FinCEN, FDIC and the Office of the Comptroller of the Currency outlining how financial institutions should deal with the increased risk profile of those with increased due diligence needs under the Bank Secrecy Act.
In the EU, the definition of PEP was extended under the 4th AML Directive (4AMLD), enacted in 2015, to include all national/domestic PEPs and categorizes them as higher risk. In the U.S., it’s also not a regulatory requirement that would demand obligated entities to apply specific measures, which again, differs vastly from the EU approach. This disjointed approach highlights the need for regulators to strengthen cross-border collaboration and offer a single framework reflecting both foreign and domestic PEPs.
Financial organizations should be vigilant when assessing the risk of doing business with PEPs. Extra care must be taken when determining whether an individual is a PEP and whether their financial activity requires additional scrutiny. Banks have an obligation to identify the source of wealth as well as sources of funds that belong to PEPs, which will give a sense of the kind of activity a financial organization could expect from that PEP throughout their relationship with them. And, of course, institutions will have to keep a close eye throughout the relationship to identify any behavior that may give rise to suspicious activity, including transactions that may be related to bribery, corruption or money laundering.
Emerging digital onboarding solutions that incorporate graph data visualization software, financial institutions can visually map company structures and more easily identify ultimate beneficial owners, controllers and other individuals that have an interest in an entity.
This technology can also help financial institutions to manage PEPs and high-risk individuals more efficiently, enabling the collection of enhanced due diligence information and documentation in line with regulatory requirements. Indeed, as stories like the recent Farage-Coutts battle and surging levels of financial fraud bring AML and KYC regulations top of mind for financial institutions across the globe, the FCA’s review, expected to be completed by June 2024, is a crucial step in addressing PEP identification gaps. As they embark on this review, financial institutions must be ready to adapt their PEP identification processes to meet the evolving demands of compliance and risk management.