Why PEPs are High Risk and a Threat To Your Business?
In the Financial and Trade industry, you may have often heard the term PEPs and the importance of early-stage PEP detection in order to combat money laundering and terrorist funding.
Politically Exposed Person(s) (PEPs) are profiled individuals who currently hold a public office or are associates of such personnel. The global approach by regulatory and financial bodies limit doing business with PEPs. Owing to the likelihood of money laundering, bribery, and terrorist funding that may result due to the influence of such individuals. Financial institutes view PEPs as a compliance risk. EU, UN, FINCEN, SECO and other regulatory bodies have strict rules when it comes to interacting with potential customers who are not vetted to assess their risk status. This a key component of AML compliance.
Organizations are supposed to assign a risk rating against each individual to identify how much an identity could be responsible for the loss. Organizations are subject to hefty fines and legal actions in case of non-compliance with local and global regulatory obligations.
FATF defined PEPs
The Financial Action Task Force (FATF) is an intergovernmental organization. It was established as an initiative by G7 to create practical policies for anti-money laundering and due diligence. It acts as a supervisory body and formulates recommendations to assist the legal framework of global financial space. Global institutions consider FATF’s guidelines as International Standards.
The latest definition of PEPs provides with four categories:
High Risk – Level I PEPs
- Heads of state and government
- Members of government (national and regional)
- Members of Parliaments (national and regional)
- Heads of the military, judiciary, law enforcement and board of central banks
- Top ranking officials of political parties
Medium – High Risk – Level II PEPs
- Senior officials of the military, judiciary, and law enforcement agencies
- Senior officials of other state agencies and bodies and high ranking civil servants
- Senior members of religious groups
- Ambassadors, consuls, high commissioners
Medium Risk – Level III PEPs
Senior management and board of directors of state-owned businesses and organizations – e.g. Chairman of a Bank
Low Risk – Level IV PEPs
- Mayors and members of local county, city and district assemblies
- Senior officials and functionaries of international or supranational organizations
PEPs and Compliances
Financial Authorities and Regulatory bodies translate FATF’s guidelines into practical rules. Compliances define risk involved according to the nature of businesses. How and when to apply Customer Due Diligence. These compliances at international or state-level monitor security measures taken by organizations. They identify and loopholes that maybe there. As per compliance rules, it is a requirement for certain Institutes to perform Enhanced Due Diligence when it comes to PEPs.
In order to implement AML compliance for PEP identification, businesses and financial institutions must have procedures in place to effectively identify and restrict a PEP. To do this two questions are of importance:
(i) When do you check for a PEP?
(ii) How do you check for a PEP?
Customer screening needs to be done to identify the risk associated with it. For this, the updated PEP record should be integrated with the system that automatically verifies the onboarding identity against it. This helps you catch the malicious entity beforehand.
EU and FINCEN regulations state that strict Customer Due Diligence must be applied before establishing any business relationship with a potential customer. This indicates that PEP screening must be done during the on-boarding process.
Financial Action Task Force (FATF) establishes a standardized “list” of known entities and profiles updated on a daily basis with new data extracted from global sources. This enlists all individuals on the basis of their personal information (Name, DoB, Country of Residence) which satisfies FATF’s definition of a PEP. All potential customers must be screened against these lists to ensure that they are not present in the PEP record lists.
Is there such a thing as good PEP?
The answer is no. The concept of PEPs is not defined on moral grounds. All PEPs are not inherently “bad”. Not in terms of morals. The risk of a PEP is relevant to the possibility to commit illegal activities under the Risk-Based Thinking model. A risk-based Thinking approach means to ensure practices in place to proactively address future disasters. Based on the history that gave birth to various ruinous circumstances for business, each onboarding identity should be screened against security parameters using a pre-defined risk-based thinking model. This helps deter the rate of fraudulent activities in a legitimate system.
As per FATF’s definition of a PEP, four distinct categories are mentioned. Businesses can apply restrictions and train their systems as well as employees accordingly. A low-risk PEP may be allowed performing transactions while a high-risk PEP may not be allowed entry in the system altogether. Keeping all such parameters in place, businesses can ensure high-end security and prevent their system from the criminal entities and therefore, regulatory penalties.