A joint statement from regulators Friday seeks to clarify how banks and credit unions can apply a risk-based approach to politically exposed persons (PEPs) – and this is not interpreted to include U.S. public officials – in their customer due diligence under the Bank Secrecy Act, the agencies said in an announcement.
The agencies – the Federal Reserve Board, Federal Deposit Insurance Corp. (FDIC), Financial Crimes Enforcement Network (FinCEN), National Credit Union Administration (NCUA), and Office of the Comptroller of the Currency (OCC) – noted that banks have requested clarification on how to apply a risk-based approach to PEPs consistent with the CDD requirements contained in FinCEN’s 2016 CDD final rule.
The BSA/anti-money laundering (AMLS) regulations do not define PEPs, they noted, but the term is commonly used in the financial industry to refer to foreign individuals “who are or have been entrusted with a prominent public function, as well as their immediate family members and close associates.” By virtue of their public position of relationship, such individuals may present a higher risk that their funds may be proceeds of corruption of other illicit activity. “The level of risk associated with PEPs, however, varies and not all PEPs are automatically higher risk,” the agencies wrote. They added that PEPs “should not be confused with the term ‘senior foreign political figure’ (SFPF) as defined under the BSA private banking regulation, a subset of PEPs.”
“Like all bank accounts, those held by PEPs are subject to BSA/AML regulatory requirements,” the statement reads. “These include requirements related to suspicious activity reporting, customer identification, CDD, and beneficial ownership, as applicable.
“Banks must apply a risk-based approach to CDD in developing the risk profiles of their customers, including PEPs, and are required to establish and maintain written procedures reasonably designed to identify and verify beneficial owners of legal entity customers. More specifically, banks must adopt appropriate risk-based procedures for conducting CDD that, among other things, enable banks to: (i) understand the nature and purpose of customer relationships for the purpose of developing a customer risk profile, and (ii) conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information,” it states.
The agencies reminded institutions of their obligation to identify and report suspicious activity, including transactions that may involve the proceeds of corruption. Financial institutions “must adopt appropriate risk-based procedures for conducting CDD; however, under the CDD rule, there is no regulatory requirement or supervisory expectation for banks to have unique, additional due diligence steps for customers whom the banks consider to be PEPs,” they said.