Updated Wolfsberg Guidance on PEPs 17/9
13th June 2017
Updated Wolfsberg Guidance on PEPs
The Wolfsberg Group (the Group) has published an updated guidance as to how Financial Institutions (FIs) should handle the money laundering risks posed by Politically Exposed Persons (PEPs). The guidance lays out what the Group considers to be the most effective way of managing PEP risk, with a focus on FIs establishing and implementing a PEP control framework as part of a risk based approach (RBA) that identifies and manages financial crime risk. The guidance makes clear that not all PEPs are necessarily high risk. Comparatively, the Financial Action Task Force (FATF) guidance recommends that all foreign PEPs should automatically be classified as high risk.
Key features of the guidance include:
- An outline of the procedures a PEP Risk Management Framework should follow
- A strong focus on encouraging financial institutions, governments and competent authorities to adopt a risk based approach in defining, identifying and managing the risks and due diligence associated with PEPs rather than a ‘tick box’ exercise
- A recommendation that governments issue PEP lists relevant to their jurisdiction to improve ease of screening PEPs
- The notion “once a PEP, always a PEP” is not useful and does not follow a risk based approach
- the definition of a PEP should focus on those in senior, prominent political positions, who have substantial authority over policy, operations or the use or allocation of government-owned resources and are therefore more vulnerable to grand corruption
Definition of a PEP
The Group’s guidance recommends that the definition of a PEP should focus on those in senior, prominent political positions, who have substantial authority over policy, operations or the use of allocation of government-owned resources and are therefore more vulnerable to grand corruption. FIs should take into consideration local or regional regulations when determining their PEP categorization standards.
Some examples of specific functions that would likely give rise to PEP status are:
- Heads of State, heads of government and ministers
- Senior judicial officials who sit on bodies whose decisions are not subject to further appeal
- Heads and other high-ranking officers holding senior positions in the armed forces
- Members of ruling royal families with governing responsibilities
- Senior executives of state-owned enterprises, where the state owned enterprise has genuine economic or political importance
- Senior officials of major political parties
The following may also be considered to fall within the definition but may be excluded in countries or organisations where there is a low risk of corruption.
- Heads of supranational bodies, e.g. UN, IMF, WB
- Members of parliament or national legislatures, senior members of the diplomatic corps e.g. ambassadors, chargés d’affaires or members of boards of central banks
- City mayors and governors or leaders of federal regions
- Holders of public functions not meeting the above standards of seniority, prominence
Classification of a PEP
A range of factors may be considered in categorising a PEP, including:
- assessment of the nature of the relevant country’s political and legal system and its vulnerability to corruption as per various publicly available, independent indices
- the official responsibilities of the individual’s function
- the nature of the title (honorary or salaried political function)
- the level of authority the individual has over governmental activities and over other officials
- whether the function affords the individual access to significant government assets and funds or the ability to direct the awards of government tenders or contracts
- whether the individual has links to an industry that is particularly prone to corruption
Defining “Close Family” and “Close Associates”
The Group regards close (immediate) family and close associates of PEPs as potential money laundering risks as PEPs may use them to mask illicit funds. Close Family are defined as: a PEP’s direct family members, their spouse, their children and their spouses, parents and the siblings of the PEP. Close Associates are defined as: a PEP’s widely and publicly known close business colleagues or personal advisors, in particular persons acting in a financial fiduciary capacity. Circumstances that may warrant exemption from a PEP control framework may include separation, estrangement or the end of a business relationship between the PEP and the close associate.
Foreign vs Domestic PEPs
Typically, foreign PEPs pose a higher risk compared to domestic PEPs. However, the greatest risks appear to be present where a PEP seeks to establish a relationship with an FI beyond their country of political exposure and where there is no obvious rationale for holding an account outside of that jurisdiction. Consideration should also be given to the fact that certain countries prohibit certain government officials from holding bank accounts outside the country where they hold office.
Developing a PEP Risk Management Framework
The Wolfsberg Guidance reiterates the importance of financial institutions having systems and procedures in place that effectively deal with the identification and continued monitoring of PEPs, including regular training of staff. The Wolfsberg Group regards the below components, though not exhaustive, as essential to developing a robust PEP risk management framework.
Identification – New Customers: financial institutions should have risk-based procedures in place to determine whether a customer is a PEP. Upon classification as a PEP, a risk assessment should be undertaken and subsequent due diligence applied in an expeditious.
Identification – Existing Customers: upon discovering that an existing customer has become a PEP, risk based due diligence and controls should be applied.
Customer Risk Assessment: upon identification of a PEP, a subsequent risk assessment should determine the level of financial crime risk and the commensurate levels of due diligence and monitoring required. Within such risk assessments the following should be taken into account:
- Geography – considering information from independent and reliable sources as to the levels of systemic corruption in the country of political exposure (i.e. Transparency International)
- Business type
- Delivery channel
Due Diligence: Once a PEP has been subject to risk assessment, risk based due diligence procedures should be applied which may include:
- Understanding and documenting the length of time, the title or position and country in which the PEP holds, or held, political exposure. For close family members or close associates, the relationship of the person to the PEP must be documented.
- Understanding and documenting the nature and purpose of the relationship/account, the source of funds (where appropriate) and the anticipated levels of account activity.
- Understanding and documenting the customer’s source of funds and source of wealth (e.g. salary and compensation from official duties and wealth derived from other sources). Where the financial crime risks are high or doubts exist as to the veracity of information provided, independent and reliable sources should be used to validate such information. Examples include internet and media searches to determine and/or validate this information, giving due consideration to the potential limitations of such sources.
- Negative News/Adverse Media screening
- When the due diligence on a close family member or close associate of a PEP indicates that the source of funds originates from the PEP, then the PEP’s sources of funds and wealth should be documented.
Approval: PEP relationships should be approved by senior management who understand the AML idiosyncrasies of their firm. The level of seniority should be proportionate to the nature of the financial institution and the money laundering risk posed by the PEP.
Enhanced Monitoring(manual or automated): PEP accounts should be subject to enhanced monitoring to detect unusual and potentially suspicious activity. Such monitoring should be proportionate and utilise a risk based approach.
Periodic reviews for existing PEP customers: due diligence information should remain current, therefore existing PEP customers should be periodically reviewed to ensure risk assessments and controls remain appropriate. The frequency of periodic reviews should be determined by the risks associated with the PEP. Where risk is deemed to have changed, consideration should be given for potential re-approval by senior management.
PEP Risk Exposure (Financial Institution/Portfolio wide): overall exposure to PEP risk should be reviewed by financial institutions. Senior management should confirm explicitly that the risk exposure of a PEP remains within the defined risk appetite.
Training & Education: It is vital that risk, policies, procedures and processes associated with PEPs are communicated to relevant employees and their managers as part of a regular AML training programme.
Given that the Joint Money Laundering Steering Group (JMLSG) cites the Wolfsberg Group as a useful resource for developing an AML/CTF strategy, it would be prudent for firms to re-assess their current systems, procedures and controls in relation to PEPs to ensure they are appropriate in light of this guidance.
© CPA Audit LLP 2019.