PEP & Sanction Screening: Key Differences & How They Work Together
Melissa AU Team | |
Competition between an increasing number of Fintech organizations and other financial institutions is growing. Firms are under pressure to deliver a great customer experience while managing costs, risks, and compliance and ensuring operational resilience. Thus managing customer KYC compliance becomes critical for these financial institutions and it is a legal requirement to establish the customer’s identity and minimize fraud related risk.
According to the Australian Transaction Reports and Analysis Centre (AUSTRAC), as part of KYC, companies must be able to identify politically exposed persons (PEP) and screen customers against sanctions lists before providing them any designated services. Non-compliance can put the company at risk of facing fines and damage to its reputation.
Who Are Politically Exposed Persons (Peps)
Any individual who holds a prominent public position in a domestic or international government body is considered a PEP. This includes heads of state, ministers, politicians, judges, high-ranking military officers, etc.
These individuals need to be identified before they are onboarded since they have considerable power over government budgets and spending as well as development approvals, grants and procurement processes. Given the extent of their power and influence, they may be targeted for corruption and bribery or money laundering and terrorism financing activities. That said, being recognized as a PEP does not automatically link them with criminal activities.
What Is PEP Screening?
PEP screening is the process of identifying and conducting due diligence on customer data belonging to politically exposed persons and their relatives. This activity is usually part of an account opening process. If the individual is a PEP, the company may or may not choose to do business with him/her depending on the risk profile, jurisdiction, etc. In most cases, enhanced due diligence and ongoing monitoring are warranted in such cases.
PEP Requirements In Australia
In Australia, PEPs can be identified as domestic PEPs, foreign PEPs and International Organization PEPs. PEPs may be identified by asking them the same during the onboarding, checking their background on the internet and checking against databases from third-party vendors specializing in analyzing corruption risks.
Not all PEPs have the same risk level. For example, foreign PEPs are typically assumed to have a higher risk as compared to domestic PEPs. For high-risk PEPs, the company may choose to conduct an enhanced customer due diligence program (ECDD). This includes:
- Getting senior management approval before providing a designated service
- Taking reasonable measures to establish the individual’s source of wealth
- Verifying and analyzing transactions to comply with ECDD requirements
Any transaction suspected of being linked to corruption or any kind of criminal activity must be reported to AUSTRAC as a suspicious matter report (SMR).
What Are Sanctions Lists?
Sanctions are preventative measures adopted by governments to curb undesirable activities performed by certain high-risk individuals/ groups. Countries as well as international organizations like the UN maintain a sanctions list of individuals, groups and companies that are known to have been involved with fraud in the past. These lists are compiled with inputs from various regulatory and due diligence lists and are constantly evolving.
What Is Sanction Screening
Sanction screening refers to checking the individual’s or organization’s details against known sanctions lists and global law enforcement lists to determine their risk of being involved in fraudulent financial activities.
There are two aspects to designing a sanction screening program; account screening and transaction screening.
Account screening refers to matching the account information against lists to evaluate the degree of risk posed. This can be a complex process given that sanctions lists are constantly changing and the data set may contain false positives, omissions and other such errors. Data may also vary by language, culture, abbreviations, spellings, etc.
Transaction screening is the process of monitoring customer transactions. This is done to understand the trend of transactions. I.e., average amounts, mode of payment, preference of web vs app, etc. Once this pattern is understood, deviations may be highlighted for a second look. This can be a very effective tool in the fight against financial crimes.
Best Practises For PEP And Sanction Screening
Some of the best practices you can adopt for PEP and sanction screening are:
- Maintain A Consolidated Database
Companies gather customer data from multiple sources. To minimize the risk of missing out on an individual and other such errors, all data must be consolidated and held centrally.
Note that business databases are believed to decay at a rate of around 30% annually. Hence, in addition to verification checks during customer onboarding, all data must go through regular verification checks to ensure that it is valid and current.
- Take A Risk-Based Approach
Many requirements under the Austrian government’s Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) and AML/CTF Rules are risk-based. Hence, you need to take a risk-based approach to identify and assess individual risk levels and act accordingly. This needs to account for customer types, type of products and services offered, location and delivery channel. This risk assessment must be documented and senior management must be aware of it.
- Automate Verification
Screening names manually is next to impossible for firms dealing with a large customer base. To make more efficient use of resources and minimize the risk of human error, it is best to integrate identity verification and screening APIs into your onboarding process and databases. You can also rely on machine learning algorithms and AI to reduce false positives and make your screening process more effective.
Given Australia’s evolving PEP ad Sanctions list, companies must stay up to date with compliance obligations and risk exposure. It comes down to the quality of customer data available to the company. This is where an identity verification tool like Melissa is helpful.
Check your data against reliable, global databases to verify identities and assess individual risk levels. Data can be evaluated during onboarding as well as at regular intervals to ensure that you don’t store decayed data and have updated customer profiles at all times. Doing so not only protects you from having to pay fines but builds a positive brand reputation.