The risks involved for financial institutions in doing business with PEPs
At the core of the recent international and regional initiatives addressing the financial activities of what have come to be known as ‘Politically Exposed Persons’ is the desire to curb corruption and prevent fraud among some of the poorest nations and peoples of the world.
There is an ongoing global demand for greater control to criminalise corruption and the associated economic crimes on both international and regional levels, eg from the Caribbean Financial Action Task Force (CFATF). This has resulted in a number of international and regional agreements to implement common countermeasures to address the problem of criminal money laundering.
Should banks be concerned?
Yes! The reasons for this are succinctly described in CIMA’s Guidance Notes 2010 on the Prevention and Detection of Money Laundering and Terrorist Financing in the Cayman Islands, in the following terms:
“Business relationships with individuals holding important public positions and with persons or companies clearly related to them may expose Financial Service Providers to significant reputational and/or legal risk [eg under the Cayman Money Laundering Regulations (2009). The risk occurs when such persons abuse their public powers for either their own personal benefit and/or the benefit of others through illegal activities such as the receipt of bribes or fraud.”
While PEP status in and of itself does not and cannot incriminate individuals or entities, it does – and justifiably so, in my view – result in the classification of the existing or potential customer as ‘higher risk’.
Financial Institutions currently spend millions of dollars on the services of companies such as World Compliance and Dow Jones Watch list (formerly Factiva Public Figures & Associates) in order to comply with the legal and compliance framework which now applies with a surprising degree of uniformity throughout the world. This expenditure is justified on the basis that due diligence is a crucial aspect of the day-to-day banking business, without which penal sanction and heavy fines may well be imposed.
For example, heavy fines were imposed on FIs such as Riggs Bank for conducting business with PEPs without following adequate “Know Your Customer” procedures and enhanced due diligence processes.
Riggs Bank or the Swiss banks indicted for their dealings with the Chilean dictator Pinochet provide excellent examples of the type of reputational damage that results when PEP risk management practices fall short of what is required.
In the relatively recent past, several former top FIs in the world have learned the value of PEP due diligence the hard way. For example, the case of Ferdinand Marcos illustrates how failure to conduct adequate PEP risk assessments can have disastrous consequences. The former president of the Philippines and his family had banking relationships with several Swiss banks. When it transpired that the dictator and his wife had defrauded the Philippines government of millions of dollars and deposited the proceeds in Swiss bank accounts, the resultant financial scandal and lingering bad publicity created shock waves throughout the banking world.
Perhaps the banks were naïve; after all, who would imagine that someone in such a position of trust and power would abuse that trust and power so shamefully and openly? The more realistic interpretation is that the banks either simply shut their eyes to the obvious or did not care. The Marcos affair in Switzerland is generally seen as the first case that prompted PEP recognition and assessment insofar as FIs were concerned.
Defining a PEP
In order to be in a position to identify a PEP the customer or entity must be considered as a whole, as opposed to by reference to a list of characteristics or a ‘ticking all the boxes’ approach.
The glossary annexed to the FATF (Financial Action Task Force) 40 Recommendations defines Politically Exposed Persons as:
“Politically Exposed Persons” (PEPs) are individuals who are or have been entrusted with prominent public functions in a foreign country, for example Heads of State or of government, senior politicians, senior government, judicial or military officials, senior executives of state owned corporations, important political party officials. Business relationships with family members or close associates of PEPs involve reputational risks similar to those with PEPs themselves. The definition is not intended to cover middle ranking or more junior individuals in the foregoing categories”.
This definition clearly illustrates just how wide ranging the concept of a PEP is and the risks involved in doing business with persons or entities who are not – according to this definition – in themselves PEPs but who may be used as conduits or nominees for PEPs involved in concealing illicit wealth.
Under the CIMA Guidance Notes PEPs include “heads of state, ministers, influential public officials, judges and military commanders”.
Identifying a PEP – what are the bank’s duties?
Identification of a PEP can be difficult, particularly if the customer fails to provide important information or provides false information. FIs generally do not have the necessary powers, means or information to detect PEPs because banks are restricted in what information they can obtain. It is suggested that the following guidelines should be applied – in addition to the standardised KYC procedures – in the PEP assessment program for FIs. In summary, staff should:
- Quickly establish whether the clients or other persons involved in the business relationship perform a political function.
- Increase due diligence for clients from high risk countries1.
- Utilise up to date country information and, if possible, develop specialist ‘region specific knowledge’.
- Receive regular due diligence and PEP recognition training, and be provided with regular briefs and updates.
- Receive training in, and have at their disposal, databases listing names of PEPs ( and their associates).
In conducting PEP risk assessments, it is important that the category of closely associated persons be cast widely, to include family members, close business colleagues and personal advisors/consultants to the politically exposed person, as well as persons who obviously benefit significantly from being close to such a person.
Dealing with PEPs – an overview of the Cayman Islands
The main development arising from the introduction of the CIMA Guidance Notes is that approval from a senior manager within an FI is now required in order to continue a business relationship with a customer or beneficial owner who is, or has become, a PEP.
With respect to customer due diligence, the CIMA Guidance Notes state that, in addition to performing normal due diligence measures, financial service providers should:
a) Have appropriate risk management systems to determine whether the customer is a politically exposed person.
b) Obtain senior management approval for establishing business relationships with such customers.
c) Take reasonable measures to establish the source of wealth and source of funds.
d) Conduct enhanced ongoing monitoring of the business relationship.
Interestingly, no distinction is made between domestic and foreign PEPs in the Cayman Islands. This recognises the fact that, as in most offshore jurisdictions, most of the business transacted in the Cayman Islands is derived from outside the territory.
Developing a programme for mitigating PEP risk
It is vital for FIs to develop a comprehensive program to mitigate PEP risk. Any basic programme should have at least 10 components, which include the following:
- A coherent policy of defining and identifying a PEP.
- A filter to immediately highlight and identify actual or potential PEPs.
- Procedures to verify a PEPs true identify, address, and network of associates.
- Procedures to document and verify source of wealth and source of funds.
- Procedures to monitor a PEP account’s transaction activity effectively.
- A list of “red flag” transactions unique to PEPs (in addition to the standard AML ‘red flag’ indicators).
- A PEP approval process – management approval or a PEP committee for account acceptance/approval.
- A trained group of account officers to manage PEP accounts.
- A demanding compliance testing and internal audit testing PEP program.
- Procedures for periodically reporting PEP accounts and transaction activity to the board of directors.
While some of these components are not mandated in local regulations, for example, the management approval for new accounts, such safeguards increase the likelihood of detection of suspicious activity.
PEPs are not a new phenomenon. Their designation as ‘high risk’ is not likely to curb the appetite of those who seek to use their positions for improper personal gain in the near future. The Annual Meeting of the World Economic Forum in Davos warned that the global financial crisis could lead to even more public corruption. FIs, particularly those in offshore jurisdictions, should therefore be prepared for an increased risk of PEPs using their services to launder bribe payments and/or other criminal proceeds.
Thus despite the recent – and quite justifiable – claim by the Attorney General that Cayman’s AML regime is “one of the most rigorous in the world”, the due diligence must continue.
Note: The author specialises in international fraud litigation. He is not admitted to practice in the Cayman Islands; this article does not constitute legal advice and may not be relied upon as such.
1. Transparency International Corruption Perceptions Index ranks approximately 180 countries according to their perceived level of corruption – see <www.transparency.org>.
2. 2007 Ministerial Report (Mutual Evaluation / Detailed Assessment Report, Anti-Money Laundering & Combating the Financing of Terrorism)