Don't Miss CSI Customer Experience - Nashville Save the Date

Blog / June 16, 2021

How to Optimize Your PEP Screening Process

Politically exposed person (PEP) screening is a critical component of an institution’s Know Your Customer (KYC) and anti-money laundering (AML) programs. Due to the digital nature of modern transactions, financial institutions are under increased scrutiny to ensure that every transaction and interaction with a PEP is identified, examined and monitored on a continuous basis.

What Are Politically Exposed Persons?

According to the Financial Action Task Force (FATF), a politically exposed person is one who has been entrusted with a prominent public function. Politically exposed persons generally present a higher risk for involvement in money laundering, bribery, terrorist financing and corruption by virtue of their position and the influence that they may hold. Thus, doing business with politically exposed persons increases the risk of your organization’s involvement in illegal activities.

The types of positions that define a politically exposed person include:

  • Government officials
  • Senior executives or board members of state-run or state-owned entities
  • Judges and other top-level judiciary positions
  • Financial regulators and auditors
  • High-ranking military officers

Article 52 of the United Nations Convention against Corruption (UNCAC) further defines PEPs by including family members and close associates of individuals with a prominent public function. This expansion of the PEP definition multiplies the burden of organizations to identify these individuals and account for their increased level of risk.

Is PEP Screening Required Under Federal or International Law?

There is no “all encompassing” international regulation, nor any universal requirement for PEP screening, even though each country has adopted various guidelines set forth by FATF.

This lack of consensus around how to effectively identify and navigate business with politically exposed persons leads to complexities and discrepancies for international organizations that span borders. And because international guidance varies, there is no set list of “reasonable measures” to take when screening for PEPs. Therefore, your organization’s compliance team is ultimately responsible for setting forth proper internal guidelines. For these organizations, it is best to make sure that the global policy meets the most stringent standards for PEP due diligence. And for regulatory organizations with operations in the European Union, the much-anticipated 4th European Union Anti-Money Laundering Directive will include additional requirements for PEP due diligence.

FATF’s recommendations 12 and 22 make it clear that PEP screening and other efforts to mitigate risk associated with politically exposed persons should be preventative in nature. This means that businesses should not refuse to do business with PEPs, but should rather exercise extended due diligence—including KYC protocols—to minimize the risk that relationship could yield. Remember, those found on a PEP list are not immediately guilty by association.

What Types of Organizations Should Screen for PEPs?

Banks, credit unions and other financial institutions that are subject to AML regulations should undertake PEP screening during the client onboarding process as a part of their KYC program. These organizations should ultimately take a risk-based approach to PEP screening: meaning they should assign unique risk scores to each PEP once they’ve been identified.

For organizations that choose not to identify and score PEPs, the risk of OFAC and other sanctions penalties become more likely. And these fines are steep. According to OFAC, 25% of all individual fines levied against organizations in 2020 were over $1 million.

Where Can You Find a PEP List?

PEP data can be gathered manually from a variety of publicly available sources, such as government-issued PEP lists, the internet and media sources, internal sources or information shared among financial groups.

Although these methods are useful, manually pulling data makes PEP screening a labor-intensive process that can quickly drain a company’s resources. Further, an organization taking a manual approach places a hefty amount of faith in the validity and freshness of the data gathered, which opens the organization up to potential risks.

It’s also worth noting that although some (not all) governments issue PEP lists, the FATF recommendations state that these are not complete, and solely relying on these lists will not be compliant under any PEP programs. Therefore, most banks and larger financial institutions will tend to use a commercial database, like the Dow Jones PEP list.

Relying on commercial databases for PEP screening allows your organization to leverage distinct advantages, including:

  • Consolidation of various international and domestic PEP lists
  • Frequent updates
  • A “hands off” approach to data storage and upkeep

What Are PEP Screening Best Practices?

The PEP screening process might seem like an enormous risk and compliance burden on the surface. But with an organized and streamlined approach, PEP due diligence and screening can integrate with your current process and lessen your organization’s risk.

Use these three best practices to maximize efficiency in PEP screening:

Step 1: Run a PEP Check

The first move your institution may take to manage the increased risk associated with politically exposed persons is identification through a PEP check. A PEP check can be conducted manually or through an automated PEP screening software. Automated PEP screening tools are usually an extension of sanctions screening software and serve to provide in-depth and up-to-date information on domestic and foreign PEPs. In addition, automated PEP screening software leverages commercial databases like the Dow Jones PEP list to flag both foreign and domestic PEPs, and these lists are updated frequently.

Step 2: PEP Due Diligence

Once a PEP has been identified, your organization must perform due diligence. But not all PEPs are created equal. Use a risk-based model to identify any persons who require enhanced due diligence. For these individuals, take special care to:

  • Confirm the PEP’s identity via accuracy of documents, including date of birth, country of origin and other documents linked to identification
  • Dig into the PEP’s history for illicit activity or suspicious behavior
  • Verify the source of their funds
  • If further due diligence is needed, utilize FinCEN’s 314(b) network to discover any illegal activity perpetrated at other institutions

Although this is a manual process—ultimately requiring a significant time investment from your compliance team—the increased risk of OFAC violations and other fines related to money laundering can be devastating. Thus, front-end due diligence must be viewed as a critical investment to control your level of risk.

Step 3: Monitor PEP Activity

Even if a politically exposed person is cleared, the fact remains that they are still an increased risk for money laundering, terrorist financing or other illicit activities. Further, individuals who were not PEPs yesterday might reach “PEP status” tomorrow. Do not rest on your laurels. Ensure that AML best practices are followed, continue to monitor the relationships and activities of current PEPs and regularly check for new names on PEP lists. File a Suspicious Activity Report (SAR) immediately if any illegal activity is suspected.

Take a Risk-Based Approach to PEP Screening

While regulations vary around politically exposed persons, one truth rings clear: doing business with PEPs increases the risk of fines to your institution. Ensure that your compliance team considers this threat seriously by taking an automated, risk-based approach to PEP screening.

To learn more about PEP screening and how organizations can effectively screen against PEP and other sanctions lists, read our Understanding OFAC: A Best Practice Compliance Guide for Businesses.

Dave Moggio serves as the director of product strategy for CSI. 

Get In Touch

Are you looking for the edge to outperform the competition? CSI is a full-service technology and compliance partner.

Let’s Talk