It's Time for a PEP Talk: Managing PEPs and Risk in the Fight Against Financial Crime
Non-compliance is a costly business. Throughout 2022, financial institutions (FIs) around the globe received $4.2 billion in enforcement actions for anti-money laundering (AML) violations, including breaches of sanctions and know your customer (KYC) regulations— up 52% from 2021. With economic turmoil leading to an acceleration of fraudulent activity, FIs are being urged by regulators to be ever more vigilant, particularly when it comes to adequately identifying a politically exposed person (PEP), a crucial component of KYC and AML compliance.
PEPs can trigger money laundering and corruption concerns, and therefore require an additional level of scrutiny. However, PEP management can pose many difficulties, not least relating to the accurate categorization of an individual as a PEP due to jurisdictional variances in definitions. Despite an evolution of these definitions in recent years, PEPs remain a challenge to identify.
Making Headlines: De-banking Politicians and Public Figures
At the end of June 2023 Nigel Farage, the former leader of the UK Independence Party (UKIP), said that a bank had decided to stop doing business with him after forty years. Farage claimed that the bank, gave him “no explanation or recourse as to why this is happening to me” and called it “serious political persecution.”
The reason given for the account closure on March the 10th 2023 was that the relationship has been “below commercial criteria for some time” and that his past publicity meant that the perceived reputational risks - and associated monitoring costs - outweighed the benefits of keeping him on as a customer. A Iegitimate reason for a private bank, not linked to Farage's PEP status as he was on course to being declassified as a PEP entirely if he did not engage with politics for a further 12 months.
The case triggered a lot of questions around what PEP management is and what banking and de-banking politicians entail. We will try to provide some light in the rest of the blog.
Managing and onboarding PEPs as clients can result in volatile financial arrangements for FIs’ to handle. Notable examples over the past year include, Roman Abramovich, oil billionaire and former owner of Chelsea football club whose net worth dropped nearly 60% to $7.51 billion and energy billionaire Gennady Timchenko who saw his net worth drop by over 45% to $14.1 billion. This was due to the uptick in sectoral sanctions across the Russian oligarchy in response to the war in Ukraine. These sanctions saw $126 billion lost in wealth across all Russian oligarchs, people who bank worldwide and across multiple institutions.
Of course, one of the most infamous financial crime stories involving PEPs in recent years was the 1Malaysia Development Berhad (1MDB) scandal, which implicated Goldman Sachs in a massive corruption scheme. Off the back of the high-profile scandal, several regulators in Malaysia and around the world issued fines to the leading investment bank totaling $6.8 billion.
So, what (or rather “who”) is a PEP, and why should FIs be vigilant when assessing the risk of doing business with one? How can they mitigate exposures to sanctions and PEP risk, and the potentially devastating cost of non-compliance?
Discover how identifying PEPs and sanction lists is a crucial step in the KYC journey here.
The Problematic Definition: What Makes a Person a PEP?
The definition of a PEP varies slightly from jurisdiction to jurisdiction but is generally accepted to include individuals that hold a “prominent public function”, including presidents, prime ministers, and other senior politicians. Therefore any politician, domestic or foreign, could be classified as a PEP. The definition also extends to members of royal families, senior executives of state-owned entities, and heads of international organizations such as the United Nations, World Health Organization, International Monetary Fund and the World Bank.
Most jurisdictions consider individuals with the ability to direct and control government funds, or the ability to influence decisions, to be politically exposed, and thus could be susceptible to external influence, bribery, or corruption.
It is important to note that identifying an individual as a PEP is not a suggestion of previous or future criminal behavior. In addition, it is necessary for FIs to adequately identify individuals that not only hold prominent public functions, but also those who are considered to be closely connected to senior politicians, like family members and business associates, i.e., “known close associates”.
The purpose of identifying a PEP is to ensure the appropriate level of due diligence, in particular around source of wealth, is applied in accordance with a risk-based approach. This is due to the public nature of the function or office held by politically exposed individuals, which naturally increases their exposure to corruption, bribery or money laundering. In determining the acceptability of higher-risk accounts, a bank should be able to obtain sufficient information to evaluate whether an individual is or is not a PEP – whether domestic or foreign.
The decision to establish or continue a customer relationship with a PEP is guided primarily by an assessment of ML/TF risks, even if other considerations, such as regulatory risk, reputational risk or commercial interests, are considered in line with the bank internal policies. Ultimately, acceptance or discontinuation of a business relationship with a PEP requires specific approval, generally through a dedicated structure composed of AML/CFT head, compliance officers and business representatives.
However, there is a problem with the definition of a PEP globally. In the US (as well as some other jurisdictions), it is at odds with EU standards and FATF Recommendation 12, as the US authorities only define foreign PEPs under the PATRIOT Act, but in recognition of the increased risk posed by what others would call domestic PEPs, a joint statement was issued by multiple US agencies including FinCEN, FDIC, and the OCC outlining how financial institutions should deal with the increased risk profile of those with increased due diligence needs under the Banking Secrecy Act.
In the EU, the definition of PEP was extended under the 4th AML Directive (4AMLD), enacted in 2015, to include all national/domestic PEPs and categorize them as higher risk. In the US, it’s also not a regulatory requirement that would demand obliged entities to apply specific measures—which again, differs vastly from the EU approach. This disjointed approach highlights the need for regulators to strengthen cross-border collaboration and offer a single framework reflecting both foreign and domestic PEPs.
Mitigating Exposures to Sanctions and PEP-related Financial Crime Risk
FIs should be vigilant when assessing the risk of doing business with PEPs. Extra care must be taken when determining whether an individual is a PEP, and whether their financial activity requires additional scrutiny. FIs have an obligation to identify the source of wealth as well as source of funds that belong to PEPs, which will give a sense of the kind of activity an FI could expect from that PEP throughout their relationship with the financial institution. And of course, institutions will have to keep a close eye throughout the relationship to identify any behavior that may give rise to suspicious activity, including transactions that may be related to bribery, corruption, or money laundering.
Yet many FIs struggle to untangle complex entity hierarchy structures during onboarding due to manual, paper-based processes and operational silos. But with digital onboarding solutions incorporating graph data visualization software, financial institutions can visually map structures of companies and identify ultimate beneficial owners (UBOs), controllers and other individuals that have an interest in an entity. Using these solutions, FIs can also address the challenge of continually understanding the relationship with a client. Meaning that there is no need to wait for a trigger event. FIs can monitor when clients become PEPs, move across risk thresholds as a PEP or need to be declassified as a PEP entirely.
This technology also helps FIs to manage PEPs and high-risk individuals more efficiently, enabling the collection of enhanced due diligence information and documentation in line with regulatory requirements.
What’s in Store for the Future of Customer Onboarding, Verification, and PEP Management
It has never been more important for FIs to enhance and digitalize client due diligence measures in order to identify stakeholders or UBOs who are considered to be politically exposed.
Though being a PEP is not a crime, it is critical for FIs to be alert to potential criminal financial activity when doing business with one. Knowing how to identify a PEP, or identify individuals that have close associations with one, is a crucial element of financial crime prevention and automation is key to its timely success.
In the UK specifically, banks and other FIs should prepare for an update to the rules around account closures, although some work will need to be done to ensure this doesn’t break tipping off rules. The widespread media coverage resulted in the summoning of executives from Barclays, HSBC, Lloyds, NatWest, Santander, and Nationwide to meet with the Treasury. The meeting saw these top UK banks agree to overhaul their account closure procedures and better protect their clients, to restore confidence in the banking sector ahead of the new policies coming into effect.