Major national elections occur every year – but 2024 is shaping up to be of particular significance. Three of the world’s largest economies – the United States, the United Kingdom, and India – are among those set to hold votes to determine their countries’ leadership. This includes not just presidents and prime ministers but national legislatures, too, alongside some regional and state offices. Taking just national office holders in the US Congress, UK parliament, and India’s Lok Sabha alone, more than 1,600 seats will be contested.
This pace of change creates a significant challenge for financial crime compliance teams, who need to ensure they can process these changes effectively without creating undue friction or missing important new risks. Our annual global compliance leaders survey shows many teams anticipate these pressures. 61 percent of firms said they will be more risk-averse when managing politically exposed persons (PEPs) in the next 12 months by, for example, applying greater due diligence at onboarding and through ongoing monitoring.
In a challenging year, understanding whether changes to the risk-based approach firms take to PEPs seems reasonable – but only if they have the people and technology in place to do this effectively. In our survey, 73 percent of firms said they must reduce their reliance on manual processes to manage this volume of PEPs. Just one in four said their existing technology could reasonably handle the volume of PEP changes they’re expecting in 2024.
Put simply, many compliance leaders recognize the unprecedented challenge that 2024 will bring regarding PEP management. But most also acknowledge that they need to change their processes to accommodate these risks. This article will outline five core areas where firms must assess their PEP programs.
#1 Review and stress test approaches to corruption
The predicate crime for money laundering most closely tied to PEPs and their networks is corruption. It’s listed as one of the European Union’s 22 core predicate offenses. It is also one of the national priorities outlined by FinCEN in the US, making it a major priority for regulatory bodies worldwide. 44 percent of financial crime leaders worldwide said tackling corruption is a ‘major priority,’ with a further 44 percent saying it is somewhat of a priority.
Given the large number of PEP changes, the number of firms treating corruption as a major focus will likely rise through 2024. While there are a range of red flags related to corruption firms should be familiar with, several are notable for their increased risk around elections:
- Using political contributions to influence official actions, win favors, or win lucrative public contracts.
- Attempting to hide the nature or extent of a party’s relationship with a company it is doing business with.
- Large or suspicious payments for government services that may benefit the ruling party.
- Transactions occurring in countries or jurisdictions known to be high risk for corruption.
As political leaders seek to influence electors to retain power or hand out favors before an expected loss, any of these red flags above – and more besides – could become more prominent in specific locations. Given the large volume of elections firms will face, compliance teams should plan well ahead, reviewing their business-wide risk assessments, in particular, the jurisdictions they operate in where elections are taking place and specific historical and inherent risks in those locations.
#2 Understand how relevant countries organize their political apparatus
Inevitably, compliance officers will be most familiar with their home country’s political system and processes. But many often overlook how different systems, legislatures, and power distribution can be, even in countries that may share a common language or a large degree of regulatory alignment.
Data on PEP classifications in ComplyAdvantage’s market-leading, proprietary PEP database illustrates this. For example, the US PEP ecosystem is dominated by local-level officials, reflecting the large volume of elected officials at the state level. By contrast, the UK has a more 50/50 split based on the higher degree of power held by the central government. In Singapore, a small country with a high level of centralized power, almost all PEPs are national.
Beyond political structures, jurisdictions also define PEPs differently. For example, while ‘once a PEP, always a PEP’ applies in Hong Kong, this isn’t the case in the UK or Australia.
Firms must approach each country they operate in without expecting similar processes or behaviors. Screening and monitoring measures that work in one context may not, for example, apply well in another – either letting PEPs through without additional checks or creating unnecessary friction disproportionate to an individual’s risk.
#3 Ensure you have multiple technologies in place to conduct comprehensive monitoring
By nature of their roles, PEPs are not simple individuals to screen and monitor, a challenge exacerbated by elections when individuals will take on different responsibilities that may create or eliminate risks. So, how do firms apply unified technology and systems worldwide while allowing for flexibility? A suite of technologies and artificial intelligence (AI) are critical.
This requires firms to use a range of information from multiple sources. These should include information directly from the customer, information gathered from a customer’s banking activity, adverse media identified through negative news screening, third-party sources, and other behavioral data. Adverse media is an integral part of this mix, especially for enhanced due diligence as part of initial onboarding and ongoing monitoring. Analysts must also ensure they clearly understand the purpose of a customer’s account, the source of their wealth, and funds, including the expected inflows and outflows from that account.
#4 Develop a comprehensive approach to de-classification a PEP and offboarding
Many financial institutions neglect to develop comprehensive de-classification and offboarding policies, focusing their AML policies largely on onboarding alone. However, it is also essential to consider when – and how – a customer should be offboarded in alignment with a firm’s risk appetite. Regulators have, for example, criticized banks for not offboarding clients with dormant accounts, given the risk this created for clients who should have been offboarded to process transactions. As a result, firms need a detailed process for when clients should be offboarded, including criteria based on risk, to ensure a uniform process across the organization.
Comprehensive onboarding policies are especially critical for PEPs, given their higher-risk status and the likelihood that their roles will change at short notice. Firms must also ensure that where applicable, once a PEP leaves public office (and is considered to no longer hold influence and control), they are de-classified to ensure the right level of due diligence is applied to avoid excessive operational burden (as enhanced due diligence processes are time-consuming and manually intensive.)
#5 Participate in data and information-sharing schemes
Finally, it’s important to acknowledge that, even with comprehensive onboarding, ongoing monitoring, de-classification, and offboarding processes, there is a limit to the depth and scale of information one firm can amass alone. That’s why public-private data-sharing partnerships are critical for firms to broaden their perspective and more quickly identify emerging risks. This could include, for example, how PEPs in a jurisdiction one firm doesn’t operate in are using digital currencies to evade due diligence measures. Knowledge of such a change upfront may help that firm put efforts in place to detect this behavior among its client base before this activity occurs.
Our survey suggests firms see great value in public-private partnerships. 56 percent are already involved for data and information sharing purposes, with a further 39 percent intending to join in the next 12 months. Firms not participating in such schemes risk being left behind, with incomplete information and a limited ability to tackle new risks proactively.
Webinar: The Challenge of PEPs in 2024
This on-demand webinar with compliance experts and practitioners covers best practices for managing PEPs and RCAS, the regulatory environment, and how to identify broader patterns of suspicious behavior.
Watch now