EDD for PEPs in the UK: the new primer
Chris Hamblin, Editor, London, 2 August 2017
The UK's Financial Conduct Authority has produced guidelines in connection with politically exposed persons or PEPs in line with the Money Laundering Regulations. Its main purpose is to enshrine parts of the European Union's fourth money laundering directive into British law.
Most of the UK's anti-money-laundering law is already in line with the directive because the UK is the EU leader in this area, so the FCA's guidelines represent the remainder. It has released them in accordance with regulation 48(1) Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. The recently released paper, entitled FG 17/6, tackles "enhanced customer due diligence" measures in respect of PEPs. The EU wants to amend its directive further, so its deliberations might change the guidelines once again in due course.
As ever, the regulator expects firms to assess the risk posed by each PEP on a case-by-case basis rather than take a generic approach to all PEPs. It thinks that firms should only treat PEPs in the UK (domestic PEPs are now a category, thanks to the directive) with truly prominent positions as PEPs and not to apply the definition to local government, more junior members of the senior civil service or anyone other than the most senior military officials. Among the British judiciary, only members of the Supreme Court are to be included. Among the military, the yardstick is set at Vice Admiral, Lieutenant General, Air Marshal or anything senior to those positions.
One of the main thrusts of the paper, the regulator says, is to say "how firms should apply the definitions of a PEP in the Money Laundering Regulations in a UK context." It is the FCA's duty to enforce those regulations, which are issued under the Criminal Justice Act 1993, at the firms it regulates.
Not binding legally, but binding in practice
It says that the Financial Ombudsman Service, as before, is open to considering complaints from PEPs, their family members or close associates about being categorised wrongly. The FOS is bound to take the FCA's paper "into account" when deciding what is fair and reasonable in all the circumstances. Indeed, regulation 35(4)(b)(i) goes no further towards making the guidance compulsory than to state that firms should take it into account, but the FCA is hardly likely to treat it as optional when on site visits.
If there is one regulatory phrase that one can confidently state to be stronger than "take account of," it is "refer to." This is the phrase the FCA uses to describe what financial firms must do with its own non-binding pronouncements. It quotes regulation 35(2) which states that in determining whether its systems and procedures are appropriate, a firm should refer to any information the FCA provides, and it opines that this extends to its informal wish-list contained in its "Financial Crime Guide" and even in its annual report, its thematic reviews and its officers' speeches.
Who is a PEP, a close associate or a family member?
PEPs are defined in regulation 35(12)(a) as individuals entrusted with prominent public functions. The FCA thinks that, in the UK, it is not normally necessary to treat public servants below permanent or deputy permanent secretary as 'prominent.' The regulations exclude junior or mid-ranking people from being PEPs, so in those cases the regulator only wants firms to apply what it calls "customer due diligence" - an ugly term that the Basel Committee for Banking Supervision began using in 2001 in place of "know your customer" and which the Financial Action Task Force, the world's AML standard-setter, began using shortly thereafter.
PEPs' relatives and close associates are not themselves PEPs solely as a result of their connection to PEPs. A family member could be a spouse, a civil partner, a child, his spouse or civil partner, or a parent. The FCA, very sensibly, extends this definition to a sibling. The FCA thinks that it may be appropriate to include a wider circle of family members (such as aunts and uncles) in cases where a firm believes a PEP to pose a higher risk, but it does not say how.
A ‘known close associate’ of a PEP is defined in regulation 35(12)(c) as:
- someone with joint beneficial ownership of a legal entity or a legal arrangement or any other close business relationship with a PEP; or
- someone with sole beneficial ownership of a legal entity or a legal arrangement that is known to have been set up for the benefit of a PEP.
What happens to ex-PEPs?
If a PEP ceases to have a prominent public function, he should continue to be subject to risk-based "enhanced due diligence" or EDD for a period of at least 12 months after losing office.
High-risk or low-risk PEPs
A PEP's 'riskiness' as regards money laundering varies according to:
- the prominent public functions a PEP holds;
- the nature of the proposed business relationship;
- the potential for the product to be misused for the purposes of corruption; and
- any other relevant factors the firm has considered in its risk assessment.
The FCA links lower risk to situations where the customer wants access to a product the firm has assessed to pose a lower risk - perhaps a product to which it applies "simplified due diligence" or SDD. The regulator also thinks that a British PEP poses low risk, unless other factors not linked to his PEP status push his riskiness up on their own. According to Regulation 18 and various pronouncements from the EU, he may also pose a lower risk if his country is:
- associated with low levels of corruption;
- political stable with free and fair elections;
- the possessor of "strong state institutions";
- the possessor of credible anti-money laundering defences;
- the venue for a free press with a track record for probing official misconduct;
- one with an independent judiciary and a criminal justice system free from political interference;
- one with a track record for investigating political corruption and taking action against wrongdoers;
- strong traditions of audit within the public sector;
- one that legally protects informants or 'whistleblowers'; and
- one with well-developed registries for the ownership of land, companies and equities.
A relationship with a PEP should have approval from senior managers at the outset or when the continuation of the relationship is to be considered. For these purposes, senior managers perform the CF11/SMF17 Money Laundering Reporting Officer job. When 'low risk' PEPs are involved, however, 'sign-off' may come from a lower level.
When dealing with a PEP a firm should also establish the source of wealth and source of funds involved and conduct "enhanced, ongoing monitoring" of the business relationship.
The FCA deems a PEP to pose a higher risk if the product in question is "capable of being misused" to launder the proceeds of large-scale corruption. He may also do so if his country:
- is associated with high levels of corruption;
- is politically unstable;
- has weak state institutions;
- has weak anti-money laundering defences;
- takes part in armed conflict;
- has non-democratic forms of government;
- has "widespread organised criminality," presumably a pointed reference to Italy;
- has a political economy dominated by a small number of people/entities with close links to the state;
- lacks a free press;
- has a criminal justice system vulnerable to political interference;
- lacks expertise and skills related to book-keeping, accountancy and audit, particularly in the public sector;
- has law and culture that is antagonistic to the interests of 'whistleblowers';
- has weak or opaque registries of ownership for companies, land and equities; and
- is a place where people abuse human rights.
The PEP might also be highly risky if:
- his personal wealth or lifestyle is inconsistent with his known legitimate sources of income or wealth;
- his country has laws that do not generally permit the holding of a foreign bank account, because then it is important for the firm to satisfy itself that he has permission to do so;
- there are credible allegations of financial misconduct, including bribery;
- he is responsible for, or able to influence, large public procurement exercises;
- he is responsible for, or able to influence, the allocation of scarce government licenses such as mineral extraction concessions or permission for significant construction projects.
Risky relatives and chancy cronies
By a similar token, the FCA says that the following characteristics might suggest that a family member or close associate of a PEP poses a higher risk.
- Wealth derived from the granting of government licences.
- Wealth derived from preferential access to the privatisation of former state assets.
- Wealth derived from commerce in industry sectors associated with high barriers to entry or a lack of competition, particularly where these barriers stem from law, regulation or other government policy.
- Wealth or lifestyle inconsistent with known legitimate sources of income or wealth.
- Credible allegations of financial misconduct, including bribes.
- Appointment to a public office that appears inconsistent with personal merit.
Lower risk situations
In the FCA’s view, in lower risk situations a firm may do the following:
- skip enquiries about the PEP's family or known close associates, except to see whether there are any;
- take less intrusive and less exhaustive steps to establish his (or his relative's or associate's) sources of wealth and funds;
- let oversight and approval of the relationship take place at a level less senior than the board of directors - the MLRO might do;
- subject a business relationship with a PEP or a PEP’s family and close associates to less frequent formal review.
Higher risk situations
In the FCA’s view, in higher risk situations a firm may take the following measures:
- take more intrusive and exhaustive steps to establish the sources of wealth and funds;
- use a more senior level of management to oversee and approve the relationship;
- subject a business relationship to more frequent and thorough formal reviews.
Beneficial owners of legal entities who are PEPs
If a PEP is a beneficial owner of a corporate customer-firm, the bank in question should know it. The FCA is, however, at pains to say that a legal entity need not be treated as a PEP just because a PEP might be a beneficial owner.
Once the financial firm is satisfied that a PEP is a beneficial owner, it should assess the risks. CDD will do if the PEP is just a prestigious figurehead for an organisation; EDD might be more appropriate if he has significant control or the ability to use his own funds in relation to it.