This is the final part of our series on “Managing Politically Exposed Persons” in which we provide an overview of the best practices related to the onboarding and maintenance of politically exposed customers in a sustainable and compliant manner. You can find the other parts here:
Record Keeping Obligations
The proper management of PEPs requires the maintenance of additional records over and above what is required in connection with other client categories. Key additional data points required include:
- Senior management approval: the onboarding and maintenance of PEP customers is subject to mandatory senior management approval under 4MLD. There are various ways of establishing senior management approval, however in all cases record of such approval should be maintained.
- Source of wealth and source of funds: are mandatory data points in connection with PEPs. Sufficiently detailed source of wealth information should be maintained in order to substantiate the customer profile and support the performance of ongoing monitoring
- Information regarding the politically exposed position: the subject person should keep record of the position(s) giving rise to the PEPs political exposure
- Date of appointment and termination of politically exposed position: the subject person should keep record of the start and, if applicable, end dates of the politically exposed position(s) in question. Depending on the customer risk, the subject person may choose to stop treating the customer as a PEP following the lapse of a certain number of years from the termination of the PEP position.
- Customer risk assessment data: including information regarding (i) the services and products provided to the PEP (ii) the key jurisdictions associated with the PEP (including place of residence, jurisdiction associated with the political office and jurisdictions from which wealth and funds are derived) (iii) delivery channels used to service the PEP
- Name screening data: PEPs should be subject to thorough screening against sanctions lists, law enforcement records and negative media. Records of the relevant searches should be retained. Record should also be maintained of screening conducted against PEP lists in order to determine whether the customer is indeed a PEP. As with all name screening processes, adequate records should be retained to demonstrate how any false positives were determined as such.
PEP records should be regularly updated. The legislation is silent on the frequency at which such records should be updated, however a minimum annual review cycle may be prudent given the typically higher risk associated with PEPs.
The management of PEPs presents certain challenges and subject persons should ensure that they have appropriate policies, procedures and governance structures in place in order to be able to appropriately manage the risks associated with this customer segment. However once the appropriate measures are in place subject persons should be able to service PEPs in a robust and sustainable manner.