What is PEP risk, and why is it so critical to your AML/CFT compliance that you need to effectively screen for it?
In the previous article of the KYC 2020 Guide to PEP Screening, we learned about the many uncertainties surrounding PEPs, including how to even define them. In this article, we are going to take a closer look at PEP risk.
The Challenge of Serving PEPs
In Ontario, Sanjay Madan, a Ministry of Education computer specialist was recently fired after an alleged fraud involving $11.6 million in COVID-19 funds. Madan is also being accused of running an elaborate kickback scheme that stole at least $30 million more from the Canadian government.
Meanwhile, in the US, Tennessee state senator Katrina Robinson was recently charged with theft and embezzlement. According to court records, Robinson stole more than $600,000 in federal funds while serving as the director of a health care company. She then used this money to pay for her wedding, a new vehicle for her daughter, entertainment and various other personal expenses.
In the US and Canada and throughout the world, there are countless high-profile examples of PEPs using financial institutions as conduits for their illegal activities.
For this reason, PEPs and their relatives and close associates (RCAs) generally present a higher level of risk to your financial institution. When people are in positions of influence and power and have access to insider information, there is a greater chance that they will abuse their privileges. PEPs can end up leveraging their status for personal gain through bribery, money laundering, and corruption instead of benefiting those they are meant to serve.
PEP corruption undermines the rule of law. If left unchecked, corrupt PEP behavior can be detrimental to the overall health of the economy. It can drain a state or a country’s assets, compromise judicial and governmental systems, hurt fair commerce, and extinguish open competition.
It also can spell the end of your financial institution. Banks, credit unions and money services businesses (MSBs) that conduct business with dishonest PEPs face substantial reputational risk, additional regulatory scrutiny, and potential regulatory action.
Mitigating PEP Risk Through Red Flags
In the context of KYC and BSA compliance, identifying a client as a PEP or RCA is not the goal in and of itself. A PEP designation also does not mean the individual is necessarily involved in corruption or other forms of criminal activity. It is merely a call for extra vigilance. PEP screening and monitoring is thus one piece of a bigger process to discover and assess client risk.
The truth is that not all PEPs present the same level of risk. This risk will vary depending on numerous factors, including: the PEP’s geographic location, industry, sector, and position as well as the level or nature of the authority invested to this individual. Other factors, such as the type of account and its purpose, the transactional activity, and the complexity of the account, can all influence the risk to your institution when servicing a particular PEP.
PEP screening is a standard part of a risk-based approach to AML compliance. Though this process is usually performed as part of KYC and on-boarding procedures, account monitoring should continue periodically throughout the customer relationship. After determining that a customer is a PEP, your institution is responsible for conducting ongoing due diligence that is specifically tied to the individual’s current PEP status.
If your organization needs to assess PEP risk, then there are several red flags and indicators you can use to detect suspicious behavior and potential financial abuse.
PEPs that exhibit the following behavior or characteristics, should be approached with caution:
- Attempting to shield identity and obscure ownership through the use of corporate vehicles, intermediaries, or family members/associates as legal owners
- Exhibiting odd or suspicious behavior, for example: showing difficulty discussing the source of funding or wealth, providing incomplete or inaccurate information, asking questions about your institution’s AML/CFT policy
- Being involved with an industry or sector that is high-risk, such as arms trade and defense, banking and finance, businesses that sell or work with the government, healthcare, and mining
- Having a position in or an involvement with a business or organization that is operating in a high-risk sector
- Having a high-ranking position with significant authority, such as control over or access to state assets and funds, policies, and operations, as well as control over regulatory permissions like being able to approve an operating license
- Conducting suspicious transactional activities, such as payments and transactions that are anonymous
When on-boarding a client who possesses one or more red flags such as these, you need to proceed with caution. Your AML/CFT systems and procedures should kick in to protect your institution against unscrupulous individuals while verifying legitimate transactional activity and creating a positive customer experience.
To make this possible, you first need to be able to detect and identify PEPs and RCAs. This has traditionally been an expensive and time-consuming undertaking that greatly slows down customer onboarding. As a result, compliance for PEP screening has been lax and irregular across the financial markets. Now, thanks to AI and other advancements in regulation technology (RegTech), screening for PEPs in global watchlists, government sources, and in adverse media is not only effective and fast, but also affordable.
We’ll address the solutions helping to mitigate PEP risk in the next article.
