ECSH63515 - Regulation 35 - Enhanced customer due diligence: politically exposed persons
The Law
What it means
This sets out that a relevant person must have risk-management systems and procedures in place to determine whether a customer is a politically exposed person (PEP).
Failure to do so is a fundamental customer due diligence (CDD) breach under regulation 35(1).
There must be a requirement under regulation 27 to carry out CDD, before there can be a breach of this regulation. Failure to have CDD procedures at all, or failing to follow them, is a breach of a fundamental requirement under regulation 19.
Regulation 35 defines a PEP, which includes family members (parents, spouses, and children) or a known close associate of a PEP (such as joint ownership in a business venture or other close business relations, or a venture known to have been set up for the benefit of a PEP).
It sets out the additional measures which must be taken, in addition to the enhanced due diligence measures required under Regulation 33 when dealing with a PEP, namely to:
- Have approval from senior management for establishing or continuing the business relationship with that person;
- Take adequate measures to establish the source of wealth and source of funds which are involved in the proposed business relationship or transactions with that person; and
- Where the business relationship is entered into, conduct enhanced ongoing monitoring of the business relationship with that person.
Failure to do this is a fundamental customer due diligence breach under regulation 35(5).
Individuals entrusted with prominent public functions include:
a) Heads of state, heads of government, ministers and deputy or assistant ministers.
b) MPs or similar legislative bodies.
c) Members of the governing bodies of political parties.
d) Members of supreme courts.
e) Members of courts of auditors or of the boards of central banks (those which manage a country’s money supply and monetary policy; not commercial banks).
f) Ambassadors, charges d'affaires (diplomats who take the place in an embassy when the ambassador is away), and high-ranking caseworkers in the armed forces.
g) Members of the administrative, management or supervisory bodies of state-owned enterprises.
h) Directors, deputy directors and members of the board or equivalent function of an international organisation (for example, the UN).
It sets out that domestic (UK) PEPs are considered lower risk than non-domestic PEPs (unless, of course, there are other risk factors present).
Enhanced ongoing monitoring must be carried out for 12 months after the PEP is no longer in post, as long as no additional risks exist. Where the individual was a family member or known close associate of a PEP, the additional measures can be stopped immediately the PEP is no longer in post.
Purpose
To ensure relevant persons manage and mitigate the enhanced risks arising from transactions and business relationships with PEPs.
PEPs carry a high risk of bribery and corruption because of:
1. Access to public/government/taxpayer funds
2. Influence over financial/budgeting decisions
3. Potential susceptibility to blackmail, corruption, manipulation, etc
4. Influence over legislative decisions and whether this could be exploited
5. Potential misuse of their position for illicit gains
6. Potential risks of enabling money laundering, terrorist financing and/or proliferation financing.
7. Use/access/etc to complex ownership structures to disguise source of funds
Time Line
Previously included in MLR 2007 Regulation 14 and Schedule 2 paragraph 4 (although domestic PEPs were not included).
MLR 2017 enhanced and clarified the requirements on PEPs.
The regulation was updated on 10 January 2024 to provide further clarification regarding domestic PEPs.
What to establish
Does the relevant person understand the terms “Politically Exposed Person” and/or “PEP”?
Does the relevant person have procedures in place to identify if a customer and beneficial owner (where appropriate) is a PEP?
Are those procedures relevant to the risk of dealing with a PEP?
Is it consistent with the relevant person’s risk assessment under regulation 18(1) regarding the likelihood and impact of dealing with a PEP?
Has the relevant person used HMRC guidance and sector risk assessments when considering the risk in relation to PEPs? (Use the published guidance in force at the time of the relevant transaction to check the risks are reflected in the regulation 18 risk assessment).
Which members of senior management can approve the business relationship or occasional transaction? - What information will they review to assist their decision making?
Which members of senior management can approve the business relationship or occasional transaction? - What information will they review to assist their decision making?
How is source of wealth AND source of funds established? – what information is gathered, are there any documents and records of this.
How will the risk be monitored?
Is all of the above documented?
How to test compliance & Evidence to obtain
How to test compliance & Evidence to obtain
Documents/evidence should demonstrate what EDD measures were undertaken. It should be clear from the records what has been done differently to a lower risk customer.
Source of funds verification – it would be anticipated that a bank statement would be available (or something similar). Please note the date of issue of any such document.
Check whatever form of publicly available information has been used for verification purposes? Has the relevant person used a third-party identity provider to identify PEP status? If not; does the business have evidence (such as internet searches, etc) to show what checks were completed? (Carry out your own checks to ensure risks have been appropriately managed.)
Similarly, how were family members and/or close associates identified/verified?
How have any “false positives” been resolved? For example, if the customer’s name matched to a current Prime Minister; how was it concluded that it was/wasn’t the same person)?
Who approved the transaction? Was that person at an appropriate level in the business? Did they follow recorded procedures when approving the transaction? If not, why not?
Scenario
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
Best Practice
During client/transaction testing, utilise publicly available sources to identify whether any of the selected clients which are being tested for CDD/EDD match the those who may be PEPs or known close associates.
During client/transaction testing, once the list of clients/transactions have been gathered, conduct an initial review of the customers/clients and any beneficial owners to identify whether their titles, names or salutations match that of a potential PEP (for example HRH, Prince, Dame, Lord, Sir, Lady, Sheikh, Heads of State, MP, general, high ranking officers in the Armed Forces, etc. - see regulation 35(14) for a full list).
AMP
Many art sales involve high net worth individuals and PEPs. There must be appropriate systems and procedures in place to identify whether the seller, or buyer could be a PEP or known close associate.
ASP
No additional best practice
EAB
No additional best practice
LAB
No additional best practice
HVD
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
MSB
Ensure that any customers of MSBs (money transmitters, cheque cashers and currency exchanges) aren't PEPs or known close associates by reviewing the systems and procedures in place to identify whether any of their customer meet the definition of a PEP, and how they do so. For money transmitters, this also includes the beneficiaries and any relationships with intermediary payment service providers.
Review the transactional information for obvious matches where names, titles and salutations appear to match those referenced in best practice.
Whilst it is entirely possible that PEPs and Known close associates may use any MSB services, particular attention may need to be paid to MSBs providing FOREX services owing to the value and volume of transactions which could indicate an increased risk of MLTF risk associated to bribery and corruption.
TCSP
No additional best practice
Further Reading
ECSH82791 Groups of related contraventions
FATF Guidance: Politically Exposed Persons
FAQs
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)