The recent release of the Pandora Papers has shone a light on the sometimes unethical or corrupt practises of the politically connected and the super-rich.
For those in financial services the Papers highlight the importance of having access to politically exposed persons (PEPs) data as part of their anti-money laundering (AML) checks. In the UK, banks have a legal requirement to undertake enhanced checks of
both domestic and foreign PEPs. Undertaking such screening ensures financial institutions avoid the possibility of hefty fines and the brand damage that could result. Nobody wants the negative publicity associated with having a potentially well-known customer
using their account for fraudulent purposes.
However, it’s not easy to identify PEPs because there’s a lack of a universally agreed definition of what constitutes one. The Financial Action Taskforce (FATF) defines a PEP as ‘an individual who is or has been entrusted with a prominent public function’.
Most commonly, they are heads of state, government ministers, MPs, senior members of the judiciary, those on the boards of state-owned companies and central banks, and senior civil servants.
But it’s not just about PEPs. It’s also important that financial institutions screen the relatives or close associates (RCAs) of PEPs, as these people may be involved in abetting possible fraudulent behaviour.
There are number of best practices for monitoring PEPs and their RCAs:
Obtain data from trusted global sources
To effectively screen for PEPs and RCAs use an automated tool that collects and synthesises data from a wide range of trusted sources worldwide, such as from credit and government agencies. It must also continually scan for updates. Such a solution will
significantly streamline the PEP screening process and ensure those with access to it are constantly updated on any changes to a customer’s status.
Carry out adverse media checks
To keep on top of any new information on the status of an existing PEP customer or prospect, it’s critical to supplement the standard PEP screening process with adverse media and negative news checks. Such an approach enables those in financial services
to scan the global news media and source the names mentioned in the likes of the Pandora Papers, as well as news on those with new sanctions against them and where there’s legal cases pending.
Undertake a risk-based approach to PEP screening
It is essential to take a risk-based approach to screening PEPs and RCAs at a time when budgets and resources are tight. It’s a good idea to focus checks on foreign PEPs, which are considered a greater risk than domestic ones, because the financial institution
is unlikely to understand their background and connections fully. It’s also important to factor in the incidence of corruption within countries, as it’s higher in some states than others. And don’t forget the more senior the individual the greater the scope
for fraud. Therefore, it’s worth implementing enhanced due diligence measures for high-ranking PEPs and their RCAs in those territories where there’s a greater prevalence of corruption.
A number of countries, like the US, do not require domestic PEP screening. However, it’s strongly recommended that financial services businesses headquartered in those markets undertake some level of domestic screening to lessen their overall risk.
PEP monitoring must never stop
Monitoring of the level of risk posed by a PEP must be continuous. Beyond investment in a global PEP database there must be budget set aside for training for those in compliance who are charged with making decisions around risk and monitoring the business
relationship once a PEP has been identified. To ensure a uniform and regulatory-sound risk-based approach, all employees must be adequately trained – and periodically refreshed – on internal processes, risk categories, and relevant regulations.
Continue to evaluate risk when a PEP leaves office
‘Once a PEP, always a PEP’. It’s a good mentality to have. While someone who has left the political world may not pose the same level of risk they once did, it’s worth considering risk factors such as their time in the post, extent to which they remain politically
connected, their continuing degree of influence and their country’s level on a corruption index. It may be appropriate to place them in a lower risk category with different alert thresholds.
Use an automated PEP solution as part of a wider automated AML approach
An automated PEP solution that identifies PEPs and RCAs in real time works best as part of a more comprehensive automated approach to AML. Use electronic identity verification (eIDV) that can cross-check – in real time – the details provided by the prospective
customer against reputable data streams to ensure they are who they say they are. Also, when onboarding, document scanning with optical character recognition (OCR) and machine readable zone (MRZ) technology should be used to enable financial institutions to
instantly determine the authenticity of the ID documents provided online.
The Pandora Papers have highlighted the importance to those in financial services in scanning for PEPs. To do so effectively they must use best practice monitoring methods. For instance, the PEP list sourced must have access to high-quality data sources,
at a global level, with PEP customers and their RCAs regularly evaluated to identify risk. Additionally, it should also have automated functionality so it can be easily used in conjunction with automated eIDV and document scanning technology for an accurate,
fast, and cost-effective AML process.