Just one month before the International Consortium of Investigative Journalists began reporting on what has been dubbed the “FinCEN Files”—an investigation of thousands of suspicious activity reports and government documents highlighting global financial corruption—Financial Crimes Enforcement Network (FinCEN) dropped an important guidance document on August 3 that highlights the serious, ongoing national security and criminal threats posed by politically exposed persons (PEP) who engage in illicit activity as a top priority for U.S. regulators. The guidance document was followed by a joint statement from U.S. financial regulatory bodies on August 21 further highlighting the need for compliance with customer due diligence (CDD) with a focus on identifying and monitoring high-risk PEP customers.
The two guiding documents released in August both highlight the need for proper CDD and further exploration of concerns with PEPs. The new guidance issued by FinCEN on August 3 furthers the existing CDD regulations requiring financial institutions to verify the identities of potential account holders who own or run a business, keeping a watchful eye on PEPs. According to FinCEN, a PEP “is a term commonly used in the financial industry that refers to a foreign individual entrusted with prominent public functions” and often includes close associates and family members.
In a given year, between 2 and 5 percent of global GDP is laundered globally. That equates to about $800 billion to $2 trillion U.S. dollars, according to Deloitte, and while the gap between the two numbers is vast the lower estimate should be eye-widening to the seriousness of the issue that financial institutions and regulators must address. Under FinCEN’s existing anti-money laundering (AML) rules for banks, Section 1020.210, regulated financial institutions’ AML programs must—in addition to maintaining internal controls independently tested for compliance and overseen by designated individuals—include “appropriate risk-based procedures for conducting ongoing customer due diligence, to include, but not be limited to: (i) Understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and (ii) Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.”
The August 3 guidance takes this rule a step further, clarifying that in order for a financial institution to develop a customer risk profile, the firm needs an understanding of the financial crime risks of its customers such as association with money laundering or terrorist financing—distinguishing various risks of bank customers and actively updating risk profiles. According to the guidance document, “Should the financial institution become aware as a result of its ongoing monitoring of a change in customer information (including beneficial ownership information) that is relevant to assessing the risk posed by the customer, the financial institution must update the customer information accordingly.”
A few weeks later, on August 21 FinCEN released the Joint Statement on Bank Secrecy Act Due Diligence Requirements for Customers Who May Be Considered Politically Exposed Persons with the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Office of the Comptroller of the Currency. According to the joint statement, “In high-profile cases over the years, foreign individuals who may be considered PEPs have used banks as conduits for their illegal activities, including corruption, bribery, money laundering, and related crimes. Banks are reminded of their obligation to identify and report suspicious activity, including transactions that may involve the proceeds of corruption. The Agencies recognize that PEP relationships present varying levels of money laundering risk, and those risks depend on the presence or absence of numerous factors.”
While not all PEPs are higher risk customers, banks must employ appropriate risk-based policies for performing CDD to understand the purpose and nature of customer relationships for compiling a customer risk profile, and perform ongoing monitoring that allows for the identification and reporting of suspicious activity that should be noted in the customer’s risk profile. There are various factors government regulators suggest considering when developing customer risk profiles, including:
- Position of public office or public trust held by the customer (or that of their family or close associates)
- Indications that the customer may misuse the authority granted via public office or trust for personal gain
- Types of products and services used by the customer
- Nature and volume of transactions made by the customer
- Geographical locations associated with the customer’s authority and/or activity
- Designated governmental responsibilities to the customer
- Nature and level of authority the customer has over governmental activities or officials
- Access the customer possesses to government assets or funding
For years, Vcheck Global has been a trusted partner assisting banks and financial services firms with conducting comprehensive due diligence of their customers, with a focus on identifying PEPs and other potential risks, to ensure they can effectively root out potential risks and mitigate hefty fines and negative brand exposure.