Challenges in dealing with politically exposed persons

Foreword | Politically exposed persons (PEPs) are individuals who are, or have been, entrusted with prominent public functions. PEPs are potential targets for bribes due to their prominent position in public life. They have a higher risk of corruption due to their access to state accounts and funds. A review of Financial Action Task Force (FATF) and FATF-style regional bodies' mutual evaluation reports reveals that a significant number of jurisdictions are found to be either non-compliant or partially-compliant with the FATF recommendation on PEPs. Corrupt PEPs may exploit the regulatory difference between jurisdictions to facilitate the laundering of corruption proceeds and/or illegally diverted government, supranational or aid funds. To combat money laundering risks posed by PEPs, there is a need for ongoing monitoring of risks by regulated entities. This paper also outlines three policy implications, namely: deciding whether to include domestic public office holders in existing PEP definitions; deciding when to terminate PEP status; and deciding whether to extend PEP monitoring to individuals holding important positions in the private sector, that is, financially exposed persons.

Adam TomisonDirector

Corruption is a universal phenomenon and according to Transparency International, 'bribery levels around the world are still too high: around 10 percent of the general public reported paying a bribe in the previous year, and the most vulnerable appear to be hardest hit' (TI 2009: 19).

There is an increasing focus on criminalising corruption and bribery at both the international (eg UN Convention against Corruption) and domestic levels. For example, in Australia, Australian citizens or residents and legal entities incorporated by, or under a law of, the Commonwealth or of a state or territory found guilty of bribing, or attempting to bribe, foreign public officials are liable to criminal penalties. For an individual, the maximum penalty is a term of imprisonment of up to 10 years and/or a fine of up to 10,000 penalty units (currently $1.1 million). For a body corporate, the maximum penalty is a fine of up to 100,000 penalty units (currently $11m) or three times the value of benefits obtained by the act of bribery, whichever is greater. If the value of benefits obtained from bribery cannot be ascertained, the penalty is a fine of up to 100,000 penalty units or 10 percent of the annual turnover of the company during the period (the turnover period) of 12 months ending at the end of the month in which the conduct constituting the offence occurred, whichever is greater (see Division 70, Criminal Code Act 1995 (Cth), amended in February 2010).

In recent years, there has been increasing concern about money laundering cases involving high net-worth individuals who are, or who have been, entrusted with prominent public functions—commonly referred to as politically exposed persons (PEPs)—where their wealth has been obtained by illegal means, such as bribery and corruption. Although PEPs are not by definition corrupt, and the majority of PEPs do not abuse their position, they are vulnerable in that they have the capacity to control or divert funds and to award or deny large-scale projects for illicit gain.

There are various risks in establishing businesses associated with PEPs (especially if they come from high-risk jurisdictions). This paper examines some of the key challenges in dealing with PEPs. Recent reviews of reported compliance levels in mutual evaluation reports published on or after 2007 indicate a significant number of jurisdictions are either non- or only partially-compliant with the Financial Action Task Force (FATF) PEP recommendation. The reviews highlight the need to minimise PEP risks through regulatory controls, as outlined in this paper.

Politically exposed persons

There is no single, universally agreed upon definition of PEPs. For example, the European Union (EU) Third Money Laundering Directive defines PEPs as 'natural persons who are or have been entrusted with prominent public functions and immediate family members, or persons known to be close associates, of such persons' (EC 2005: np). EU Directive 2006/70/EC further clarifies that public functions exercised at levels lower than national (eg provincial, local) should not normally be considered prominent unless their political exposure is comparable to that of similar positions at the national level.

The EU's definition is similar to that set out in the 2006 Joint Money Laundering Steering Group (JMLSG) guidance, which includes heads of state or of government, senior politicians, senior government, judicial or military officials, senior executives of publicly-owned enterprises and important political party officials. The JMLSG is an organisation made up of leading UK industry associations in the financial services industry.

FATF's 40 Recommendations (updated October 2004) and the 9 Special Recommendations on Terrorist Financing (updated February 2006) have a similar definition and comprise:

  • current or former senior officials in the executive, legislative, administrative, military, or judicial branch of a foreign government (elected or not);
  • a senior official of a major foreign political party;
  • a senior executive of a foreign government-owned commercial enterprise, being a corporation, business or other entity formed by, or for the benefit of, any such individual;
  • an immediate family member of such individual (ie spouse, parents, siblings, children, and spouse's parents or siblings); and
  • any individual publicly known (or actually known by the relevant financial institution) to be a close personal or professional associate (FATF 2004).

Among the top 10 job roles with the greatest perceived risk of involvement in money laundering, illicit payments, corruption and other illegal activity, as included on the Dow Jones Watchlist, are:

  • heads and deputies of state/national governments;
  • senior members of the armed forces;
  • national government ministers;
  • senior members of the secret services;
  • heads and deputy heads of regional government;
  • political pressure and labour group officials;
  • city mayors;
  • political party officials;
  • state corporation executives; and
  • senior members of the police services.

Only city mayors were not considered PEPs in any of the PEP definitions presented in this paper.

There is no 'one size fits all' PEP definition. The FATF and EU PEP guidelines, and the complementary list of PEP categories designed to assist in the interpretation of the PEP definitions, are non-exclusive and somewhat vague for the following reasons:

  • there is no universally agreed definition of when someone ceases to be classified as a PEP; and
  • if a global and all-inclusive list of PEPs were produced, criminals and terrorists would be better placed to target PEPs or others not under the additional scrutiny of enhanced due diligence and to engage them in corruption.

Rather than simply creating a prescriptive- or checklist-based PEP definition and seeking to apply it, regulated entities (REs) and regulators should undertake a risk-based evaluation of the types of monitoring and prevention strategies that are likely to be most effective in mitigating the (money laundering) risks posed by PEPs in their respective jurisdictions over time. It is likely REs are better equipped than regulators to effectively assess and mitigate the particular money laundering risks REs face.

The locations in which REs conduct their business and the nature of their products and services will also determine the level of risk and the appropriate response. REs conducting businesses in high-risk jurisdictions should perform additional due diligence measures. For example, in jurisdictions known to be evading gem-targeting sanctions by laundering precious stones in other jurisdictions before being shipped to developed economies, REs should determine whether the customer and their known associates are PEPs and take reasonable measures to establish the source of the gems. A shift towards targeted risk-based screening may enable the RE to adopt a more efficient PEP screening process.

Due diligence obligations

PEPs now face closer scrutiny. At the Sommet Evian Summit in 2003, the G8 member nations (Canada, France, Germany, Italy, Japan, Russia, the United Kingdom and the United States), supported the adoption of the OECD convention which requires financial institutions in G8 jurisdictions to establish procedures and controls to conduct enhanced due diligence on the accounts of PEPs and thereby detect and report transactions that may involve the proceeds of foreign official corruption. The Basel Committee on Banking Supervision and the EU's Directive 2005/60/EC also mandate designated businesses and professionals to apply, on a risk-sensitive basis, specific rules of customer due diligence (CDD) concerning financial transactions and business relationships with PEPs and the management of their assets and financial affairs (EU 2005).

The EU Third Money Laundering Directive and FATF Recommendation 6 also require REs to perform the following additional due diligence measures:

  • Have appropriate risk management systems (eg implementing appropriate internal policies, procedures and controls) to determine whether the customer or beneficial owner in relation to the customer (if any) is a PEP.
  • Obtain senior management approval for establishing business relationships with such customers.
  • Take reasonable measures to establish the source of wealth and source of funds.
  • Conduct enhanced ongoing monitoring of the business relationship (eg monitor customers' accounts and scrutinise transactions to ensure that they are consistent with its knowledge of the customer, their business and risk profile and where appropriate, the source of funds).

In addition, FATF member jurisdictions may take risk into account when deciding to limit the application of certain FATF Recommendations. These include:

  • when a financial activity is being carried out on an occasional or very limited basis (having regard to quantitative and absolute criteria) such that there is little risk of money laundering or terrorist financing activity occurring; or
  • in other circumstances on a strictly limited and justified basis where there is a proven low risk of money laundering and terrorist financing. It should be noted that member jurisdictions are not allowed to opt out of Recommendation 6 on the basis of a risk-based approach.

FATF Recommendation 6 compliance

Mutual assessment is based on information obtained and observations made during a visit by a small team of selected experts from the legal, financial and law enforcement fields of other FATF member countries. Other than assessing member countries compliance in implementing FATF 40 Recommendations and Nine Special Recommendations, the mutual evaluations also highlight areas of concern which fall short of FATF standards (Johnson 2008).

As illustrated in Table 1, compliance levels with FATF Recommendation 6 vary between member jurisdictions and only one out of 37 jurisdictions is deemed to be fully compliant with FATF Recommendation 6; a further two jurisdictions are largely compliant. No particular geographical region was found to have better compliance performance.

A large number of jurisdictions are deemed either non-compliant (26 out of 37 jurisdictions) or only partially compliant (8 out of 37 jurisdictions). Common factors underlying a rating of non-compliance or only partial compliance that were highlighted by the assessors were:

  • No measures in relation to PEPs, or an absence of enforceable measures concerning the establishment of business relationships with PEPs (evident in at least 19 of the reviewed jurisdictions).
  • No specific requirements to obtain senior management approval to continue the business relationship when a customer or a beneficial owner is found to be, or subsequently becomes, a PEP (in at least 6 of the reviewed jurisdictions).
  • No specific requirements to determine the source of wealth for PEP-related business (in at least 4 of the reviewed jurisdictions).
  • No specific requirements to conduct enhanced ongoing monitoring of business relationships with a PEP (in at least 4 of the reviewed jurisdictions).

Two-thirds of the jurisdictions reviewed (24 out of 36 jurisdictions) were also found to have excluded domestic public office holders from the PEP definition; and a number of these jurisdictions had signed and/or ratified the UN Convention Against Corruption (UNCAC; UNODC 2004). Australia, for example, signed and ratified the UNCAC on 9 December 2003 and 7 December 2005 respectively, but has yet to include domestic public office holders in the PEP definition.

Chapter III of the UNCAC requires signatories to adopt legislative and other measures to prevent the bribery of national public officials, foreign public officials and officials of public international organisations (Articles 15 and 16); embezzlement, misappropriation or other diversion of property by a public official (Article 17); abuse of functions by a public official (Article 19); and illicit enrichment of a public official (Article 20). Article 52(1) of the UNCAC also requires signatories to adopt legislative and other measures to 'require financial institutions within [the respective] jurisdiction to verify the identity of customers, to take reasonable steps to determine the identity of beneficial owners of funds deposited into high-value accounts and to conduct enhanced scrutiny of accounts sought or maintained by or on behalf of individuals who are, or have been, entrusted with prominent public functions and their family members and close associates' (UNODC 2004: 42).

It may be observed that these Articles do not distinguish between foreign and domestic public officials. Domestic PEPs are considered no less of a risk than their international counterparts and should not be automatically exempted from enhanced due diligence. Jurisdictions (including Australia) that have signed and ratified the UNCAC should consider learning from jurisdictions such as Malawi (who signed and ratified the UNCAC on 21 September 2004 and 4 December 2007 respectively) and Mexico (who signed and ratified the UNCAC on 9 December 2003 and 20 July 2004 respectively) and include domestic public office holders in their PEP definition.

Risk mitigation by regulated entities

Reputational, legal and operational risk mitigations are, and will continue to be, key priorities for regulated service providers who rely on a good reputation to remain in business. REs have an interest in not being associated with criminal activity. Any employee in the RE involved in money laundering activities, even if acting on their own, could subject the entity to civil and criminal penalties, which may result in reputational risks for the entity concerned. The detrimental consequences of exposure to reputational and legal risks should not be overlooked as 'PEP risk is the very real possibility that over breakfast tomorrow morning, you will read that your bank holds the accounts of one of the world's most corrupt leaders—and you had no idea, and you are being held responsible' (World-Check 2008: 6).

Although it may not be possible to fully anticipate regulatory requirements, REs should follow a standard process to identify and assess risks, apply the optimal set of controls and monitor the results to ensure that all significant risk exposures are addressed.

An effective risk-based approach will allow REs 'to exercise reasonable business and professional judgement with respect to customers and counterparties. Application of a reasoned and well-articulated risk-based approach will justify the judgments made with regard to managing potential money laundering and terrorist financing risks' (FATF 2008: 4).

Applying a higher standard of customer due diligence

Although anti-money laundering/counter-terrorism financing (AML/CTF) legislation in some jurisdictions includes specific legislative or other enforceable obligations regarding the identification and verification of PEPs, PEP definitions may differ between jurisdictions. In Taiwan, for example, financial institutions are required to exercise 'extraordinary diligence toward non-resident clients to understand why they open accounts in a foreign country' (Bankers Association of the Republic of China 2007: 6). There is, however, no specific mention of exercising enhanced due diligence to determine whether the customer is a PEP or to establish the source of wealth and source of funds.

The conflicting definitions of PEPs compound the difficulties for REs with overseas branches and subsidiaries in complying with laws in multiple jurisdictions (eg conflicting disclosure laws between jurisdictions). It is contended that REs should seek to apply the higher standard to the extent permitted by the law of the host jurisdiction and ensure that they are properly compliant with the obligations in respect of the jurisdiction(s) in which they operate.

In the event that overseas branches and subsidiaries are unable to comply with certain AML/CTF measures mandated by the AML regulator in their home jurisdiction due to conflicting legislation in the host jurisdiction, legal advice should be obtained from the home jurisdiction AML regulator. Additional measures to effectively handle the risk of money laundering can be undertaken by the REs.

Commercial watch lists

Sanction and commercial PEP watch lists contain information on PEPS compiled from available open-source information worldwide. Identifying PEPs and ongoing monitoring of their assets and financial affairs are not, however, without challenge. For example, REs (especially non-financial institutions) may not have the resources to obtain a sufficient level of knowledge on the new or existing customers most at risk due to a lack of transparency in the political landscape in some jurisdictions. Criminal records and information on civil or criminal litigation may also not be readily available publicly, unless the case is reported in the media (World-Check 2008). In addition, REs need to decide to what extent open source information including media reports is to be trusted or should be subjected to further review.

There is no single correct answer when it comes to deciding which watch lists to use. There is a need for REs to have in place a procedure to establish criteria to automate processes and decision alerts, and to understand how specialised compliance software for exposure ranking can streAMLine workflow and facilitate filtering and to identify pre-emptive measures that can be taken to prepare for regulatory reviews (Schiffer 2008).

Compliance cost

PEP screening can be a costly exercise and REs should decide the level of screening (eg percentage of the customer database to match against and the fields and client attributes to use in the search) based on the perceived risk faced by the entity. For example, de Ruig (2008) estimated that approximately 208 to 375 eight-hour working days is required to match 500,000 to 900,000 records in a commercial PEP watch list against a client base of one million.

It is important for current and prospective REs to continue to appreciate that, given the proven propensity for money laundering to impact across their institutions, there will inevitably be costs and inconvenience incurred in establishing effective countermeasures.

Costs (and level of inconvenience) greatly depend on the sophistication of the AML/CTF controls adopted and the requirements of AML/CTF legislation. One possible way of reducing the AML/CTF compliance cost for some businesses is to avoid repetition in ongoing compliance projects. Businesses can identify any compliance overlap by:

  • mapping the identified controls onto existing control requirements; and
  • leveraging off existing projects (Pinder 2006). The appetite for operational efficiency has also driven financial services companies to 'combine the traditionally separate disciplines of crime and compliance management' (Duffy 2008: 6).

Monitoring risks

The private sector plays a pivotal role in fighting corruption, as corrupt dealings may involve banks or other financial intermediaries whose involvements may be involuntary and unknowing. A strong partnership is needed between the REs and regulators to combat risks posed by corrupt PEPs.

This can be achieved, in part, by conducting ongoing environmental scans of the risk of money laundering posed by PEP clients. For example, REs should monitor developments in business that might lead to the creation of funds that will be laundered. An example is the increasing prevalence of new and more complex banking and financial products involving high net-worth customers. In today's increasingly global financial markets, services involving high net-worth customers (eg private banking and investment services) can be tailored to a customer's particular needs and may be provided from a wide range of facilities available to the customers. These include current account banking, high-value transactions, non-standard investment solutions, facilitating the conduct of business across different jurisdictions or via offshore and overseas companies, and the use of trusts or personal investment vehicles.

Ng (2008), for example, noted that an increasing number of private banks in Singapore are creating new specialist units to cater to Asia's super wealthy. Further, that the ultra-high net worth clients in Asia who book assets in Singapore are reportedly to largely be comprised of entrepreneurs from high corruption risk jurisdictions. These services can be exploited by corrupted PEPs and establishing business relationships with this wealthy group of clients involves varying degrees of risk.

Consequently, the private sector has a responsibility to combat corruption and they have the potential to detect corrupt money flows. When dealing with PEPs, professionals and businesses should, at a minimum, understand the nature of the business, the source of funds of the account, the source of wealth of the account owner and beneficial owner, the typical volume and value of transactions in the particular industry of that size and the financial profile of the customers.

Challenges for the future

This paper has highlighted some of the key challenges in dealing with PEPs and risks when entering into financial transactions and business relationships with PEPs. Although there is a practical need, as well as a philosophical need, for REs to be mainly responsible for evaluating their level of risk, an important tool in the fight against corruption and money laundering is 'the creation of a set of rules/incentives finalized to direct and constrain economic agents' behavior' by government and regulatory bodies (Arnone & Padoan 2008: 363). To minimise the risk of regulatory arbitrage (criminals taking advantage of a regulatory difference between two or more jurisdictions to facilitate their money laundering activities), there is a continuing need for Australian and international regulatory bodies to address issues in the definition of PEPs—including a lack of clarity in the definition and the failure to develop an accepted uniform definition. Arguably, there is also a need to harmonise legally-enforceable obligations targeting PEPs.

Domestic politically exposed persons

The rate of bribery and corruption in developed economies might not be as high as in some other jurisdictions, but no jurisdiction including Australia is corruption-free. For example, a former Queensland Government minister was recently sentenced to seven years imprisonment on '36 charges of corruptly receiving $360,000 in secret payments from two Queensland businessmen…when he was a cabinet minister in the Beattie government' (Marriner 2009).

Reviews of the mutual evaluation reports (Table 1) indicated that only three jurisdictions—Malawi, Mauritius and Qatar— were evaluated to be fully compliant with the domestic PEP requirement. While in jurisdictions such as Hong Kong, Mexico, Bulgaria, Indonesia and Thailand, only the banking and financial sector is required to perform enhanced CDD for domestic PEP customers. The low compliance level on FATF Recommendation 6, combined with the lack of a uniform PEP definition across jurisdictions (and between entities), could create a favourable situation for criminals and corrupt PEPs, particularly domestic PEPs, who do not have to look far to infiltrate the global financial system.

Table 1 Summary of compliance with FATF PEP recommendation (based on published mutual evaluation reports on or after 2007)—jurisdictions evaluated to be partially, largely or fully compliant
Jurisdiction Rating (based on measures in place as of month year)/summary of factors underlying rating Domestic PEPs?
a: C=compliance, LC=largely compliant, NC=non-compliant, PC= partially compliant and FIs= financial institutions
b: In the Insurance Guidelines, the definition adopted is the same as that used by the FATF, thereby limiting it to foreign individuals, although insurance institutions are encouraged to extend the relevant requirements to domestic PEPs. The Bank Supplement defines it in very similar terms, but does not draw any distinction between domestic and foreign PEPs
Source: Published mutual evaluation reports (in English) from Asia/Pacific Group on Money Laundering (APG), Eastern and South African Anti Money Laundering Group (ESAAMLG), Financial Action Task Force on Money Laundering (FATF),3343,en_32250379_32236982_ 35128416_1_1_1_1,00.html, Middle East & North Africa Financial Action Task Force (MENAFATF) Type=train, and Select Committee of Experts on the Evaluation of Anti-Money Laundering Measures (MONEYVAL)
Hong Kong PCa (Nov 2007). No explicit requirement in the banking and insurance guidelines that senior management approval is needed to continue a business relationship with a customer subsequently discovered to be a PEP. No enforceable provisions regarding the identification and verification of PEPs for remittance agents and money changers. No formal assessment undertaken to justify exclusion of money lenders, credit unions, the post office and financial leasing companies from CDD requirements. Partiallyb
Israel PC (Nov 2007). Limited PEP definition (excluding family members and known associates) applicable only to FIs. Establishing business relationships with PEPs by banking corporations only limited to account opening. Senior management approval for establishing business relationships with PEPs only partly covered in respect of FIs. No provisions for FIs to seek senior management approval to continue the business relationship when a customer is subsequently found to be, or becomes a PEP. No
Liechtenstein PC (Apr 2007). No explicit requirement for enhanced due diligence for PEP-related business. No specific requirement to obtain senior management approval to continue the business relationship when a customer or a beneficial owner is found to be, or subsequently becomes a PEP. No explicit requirement to determine the source of wealth for PEP-related business. No
Malawi PC (Mar 2008). Determination of beneficial ownership and source of wealth are significant deficiencies and only banks comply with this requirement. Yes
Malaysia PC (Feb 2007). Specific requirements on PEPs not provided in the securities industry guidelines. Uncertainties about current level of implementation. No
Malta PC (Nov 2005). No adequate measures concerning PEPs, which are enforceable. No
Mauritius PC (Oct 2007). Not all financial institutions are covered. Definition of PEPs does not apply in all circumstances (eg family and associates in all circumstances beneficial owners and obtaining their source of wealth and funds of beneficial owners). Senior management approval not required for persons who become a PEP after the commencement of a relationship. Does not cover close associates and beneficial owners—including obtaining their source of wealth and funds. Yes
Mexico LC (Jan 2008). No explicit requirement in some regulations to obtain senior management approval for existing PEP accounts and relationships. Need to define the scope of 'origen de recursos' to include source of wealth for PEPs in addition to source of funds. Yes (FIs only)
Russian Federation PC (Nov 2007). PEPs definition does not extend to individuals entrusted with public functions. No requirement for obtaining approval from senior management for existing customers found to be PEPs. Lack of clarity relating to establishing source of wealth and enhanced ongoing due diligence. Beneficial ownership is not covered. No information on effectiveness. No
Singapore LC (Sep 2008). Commodity futures brokers will only be covered in 2008. No
Zimbabwe C (May 2006). Not mentioned

To minimise the risk of criminals seeking to corrupt public office holders in jurisdictions with no domestic PEP regulation, FATF and other international bodies should consider exerting their influence on jurisdictions, particularly jurisdictions perceived to have relatively high risks of corruption who have signed/ratified the UNCAC to extend PEP monitoring to domestic PEPs and other individuals exercising functions not normally considered prominent, but with political exposure comparable to that of similar positions at a prominent level (see EU 2006/70/EC).

In jurisdictions with no specific legislative or other enforceable obligations regarding the identification and verification of domestic PEPs, REs should consider applying enhanced CDD for all PEP customers, domestic or foreign, based on their risk assessment.

Cessation of politically exposed person status

When and how to remove PEP status also requires consideration by Australian and international regulatory bodies. The UK Money Laundering Regulations 2007, (based on EU Third Money Laundering Directive) states that an individual should no longer be considered a PEP 12 months after leaving office. Sohn (2008: 4) questions how quickly the influence of a former politician wanes and suggests that 'former heads of state, at a minimum, cast a shadow significantly longer than 12 months'. REs should, therefore, consider performing a risk-based evaluation to determine whether PEP monitoring should be extended beyond the minimum period for individuals deemed to have a higher money laundering risk.

Financially exposed persons

Australian and international regulatory bodies should also consider extending PEP monitoring to individuals holding important positions in the private sector. These individuals—financially exposed persons (FEPs)—are no less vulnerable to being corrupted. The recent Australian Wheat Board's Oil-for-Food scandal (see Botterill 2007 for a detailed analysis) demonstrates the genuine financial risks bribery and corruption pose to the jurisdiction's reputation as well as a company's operations.


All URLs correct at 6 January 2010

About the authors

Dr Kim-Kwang Raymond Choo is a senior research analyst at the Australian Institute of Criminology