8 tips for PEP dealings
I am at a client meeting explaining how StartKYC can increase the efficiency of the customer due diligence process. I reach the PEP (Politically Exposed Person) topic and the client stops me midway to ask a question which seems to have been nagging him for a long time “Can I really do business with a PEP?”. Others told me “…you can skip this part. PEPs are out-rightly declined. I don’t want to get into trouble!”
But why are PEPs regarded as a sinister being which can only bring down a veil of doom and gloom on the business?
The heightened AML (Anti-Money Laundering) risk associated to PEPs is due to their position and influence, which can be abused for purposes of money laundering, corruption, bribery and terrorist financing involvement. Being a PEP does not inherently mean that they are high profile criminals with a hidden agenda but simply an individual that has the means and status to do so. With this prospect in mind, one immediately reasons out that such a predisposition is definitely not limited only to PEPs. A PEP is a prized client and the prospect of working with a PEP should not be turned down simply because the associated risks are not clear and as a result blown out of proportion.
The guidelines provided by the FIAU Implementing Procedures (issued 20 May 2011) together with the FATF recommendations provide a clear overview of what actions to take when the client is a PEP. Below are a few tips that may help when dealing with PEPs. They provide a general idea of the extra effort one may take to be able to accept a PEP as a client.
Step 1: Client declaration
Obtain a signed self-declaration from the client on their PEP status. This can either form part of the client application form or a questionnaire with specific reference to the client’s PEP status. It is important to point out that this does not shift the obligation to the client. The client might lie or might not even be aware of their PEP status and give a false declaration.
Step 2: Identifying a PEP
With the fourth money laundering directive expanding the definition of a PEP, the identification of whether a prospective client is a PEP can be a challenging task, particularly when dealing with foreign PEPs. An internet search is a good start, but the information retrieved may not always be reliable and the number of hits for review turn out to be time consuming. Commercial databases alleviate this labour intensive task by providing only alerts in scope of the AML & FT regulations.
Step 3: Risk Classification
The PEP should be assigned a risk classification based on the risk-based approach being adopted. This will in turn determine the extent of the EDD (Enhanced Due Diligence) measures. The risk classification and the additional due diligence required should take into consideration factors such as the PEP’s country of residence and its respective risk index, the PEP’s position and potential exposure to corruption and bribery.
Step 4: Senior management approval
Whenever a potential client is politically exposed, senior management approval should be mandated, documented and available for inspection. No single person in your organisation should have total control over PEP customers or PEP matters. A four-eye approach should be adopted via counter-signatures on approval documents or records.
Step 5: Establish source of wealth & funds
It is mandatory to take adequate measures to establish the source of wealth and funds involved. This will eventually be used for ongoing due diligence purposes to ensure that the level and type of transactions are consistent with the information shared or identified on the PEP’s source of funds and wealth. During the course of the relationship one should consider the income of the PEP, the source of wealth and funds from previous positions, business undertakings and family estates.
Step 6: Monitoring
When the client is identified as a PEP the enhanced monitoring adopted is dependent on the Risk Classification assigned. In general, enhanced monitoring would include a more frequent and thorough analysis on the transactions’ origin and destination. It also has to be ensured that all KYC / CDD documentation held remains relevant and reflects the ongoing AML/FT risk exposed.
Non-PEPs can eventually become PEPs. These changes should be captured in the monitoring process adopted for all the client list to ensure that once a client becomes a PEP, EDD is applied and the risk reflected in the Risk Category assigned.
Step 7: Record Keeping
It is important that at all times an audit trail is maintained on the due diligence measures and actions taken. This will facilitate your recollection of events of the business relationship with the PEP and making it easier to provide documentation as and when required by the authorities or higher management for review.
Step 8: Training
The clear understanding of the definition of a PEP by all involved parties is crucial in ensuring that all necessary actions have been taken. The PEP classification is not limited to office holders but also exposed persons such as relatives, business associates or high-ranking officials in government agencies. The actions to be taken when dealing with a PEP are to be clearly defined internally thus making it easy for all involved parties to understand the course of action to be taken.
After exhausting all these steps you might consider working with PEPs not to be worthwhile. However it is crucial to note that the majority of the steps and tips listed above are applicable to all clients irrespective of whether they are PEPs or not. Working with a PEP requires enhanced due diligence, but customer due diligence and monitoring is mandatory for all client types.
StartKYC provides a number of solutions to assist with the tips outlined above:
• StartKYC has partnered with Accuris a trusted and independent provider of data intelligence for Anti-Money Laundering, Anti-Corruption and Cyber Security professionals. Accuris sources data from over 14,000 global sources to produce a comprehensive list of PEPs, SOEs, REPs, Sanctions and Adverse Media Data and access to over 130 corporate registries around the globe.
• Each individual or entity name added into the system can be assigned a unique Risk Classification based on the Risk Based Approach adopted. This allows the user to divert time and resources to the red flags.
• StartKYC allows its customer to have more than one username at no extra cost. The client profile can be assigned to different users as required whilst at the same time keeping an audit trail of the actions taken by each user.
• Monitoring frequency can be customised for every client name added to the database. Alerts on changes in the client profile are raised via email notifications and also highlighted in the StartKYC portal.
• Each search done is logged on the system with a time stamp and the name of the user performing the search. Report results are also time stamped and available to download as a pdf format.
Be it via API integration or through our web-portal, StartKYC can help in your due diligence processes. You may easily have a look for yourself by using our 10-day trial package.
Contact us to know more!