The lack of a universally agreed-upon definition for what constitutes a PEP is the first hurdle. The varied and disparate PEPs lists and resources financial institutions (FIs) must consult to identify a PEP further complicate the process. Finally, uncovering an individual’s relatives or close associates (RCAs) adds another big wrinkle, given the nebulousness inherent in these terms and that these relationships change over time.
Nevertheless, FIs must develop processes that screen for and monitor PEPs. They must also be alert to changes in PEP legislation to ensure continued alignment. Otherwise, they face hefty fines from regulators. Here are 6 best practices FIs should follow when fine-tuning their PEPs screening process.
Prioritize High-Quality Data
Too often, compliance officers resort to screening potential and existing customers with ad-hoc Google searches, which are imprecise, time-consuming and costly. Misspellings, transliteration variations and aliases make their already difficult job even harder. But while that single, global PEPs list may forever remain on a compliance officer’s wish list, FIs can invest in the next best thing: a tool that simulates that experience. An automated solution that collects and synthesizes data for you from a wide range of trusted, high-quality sources, as well as continually scans for updates, will significantly streamline your screening process.
Supplement Standard PEPs Screening Process
Given the ambiguity inherent in screening for PEPs and their relatives and close associates, additional due diligence checks during onboarding and throughout the customer relationship may be warranted. Monitoring for adverse media and negative news may surface information about the financial crime or reputational risk a customer poses that official PEPs and RCAs lists may not. Therefore, performing regular adverse media and negative news checks expands the pool of available customer data and provides FIs with additional context.
Take a Risk-Based Approach to Identifying PEPs and RCAs
While all PEPs are vulnerable to corruption, one size doesn’t fit all when it comes to screening them. PEPs exist on a spectrum: heads of state or senior officials of prominent organizations exercise significantly more authority than PEPs who hold middle-level positions. Also, foreign PEPs are generally considered higher-risk than domestic PEPs, given that the FI may not fully understand the foreign PEP’s background and connections. Performing enhanced due diligence measures may, therefore, be necessary for one class of PEPs but overkill (and not the best use of time and resources) for another. FIs must take a risk-based approach to their IDV and KYC processes based on the type of PEP (or, in the case of an RCA, their relationship to the PEP), the PEP’s jurisdiction, the level of corruption in that jurisdiction, among other factors.
Apply that Approach Throughout the Relationship
Nevertheless, it’s important to remember that your risk-based approach mustn’t stop at the point of identification. Deciding the level of risk they pose and whether to do business with them is only the first step. After onboarding, an FI needs to have processes in place to ensure they’re applying an appropriate level of increased scrutiny to all customer activity. Conduct an analysis of the risk level they pose and the nature of their business with you. Then configure rules and set thresholds based on the risk category you’ve assigned them to ensure proper transaction and behavior monitoring. Lastly, establish solid ongoing monitoring processes that apply to your entire client base. As Francesca Dowling, Head of Compliance at Amaiz, reminds us, “a customer could become a PEP or be subject to adverse media reports at any point during the business relationship.”