New regulations in Money Laundering Directive 4 will require extra diligence on politically exposed people, explains John Marsden, head of fraud and identity at Equifax.
The enforcement of the fourth Money Laundering Directive (MLD4) will be significant to all regulated businesses, not least lenders based in the UK, for a number of reasons.
One especially significant challenge will be the extended requirements regarding politically exposed persons (PEPs). Firms in regulated sectors in the UK will need to review their processing and diligence efforts to be in line with the new directive.
So what is this challenge and why is it so important to the prevention of corruption and financial crimes? Some organisations are already doing what’s necessary, but I wholly expect that a raft of changes will happen in every business’ processes and systems.
Politically exposed persons
MLD3 introduced the definition of a PEP but excluded domestic politicians. The Joint Money Laundering Steering Group (JMLSG) guidance notes provide a further definition of a PEP, which breaks down to a political figure, including organisational involvement (outside of politics) at a national or international scale, their close relatives and associates. This has been practiced for some years, albeit, under a risk-based approach and excluded UK politicians.
Going forward, under MLD4, we cannot ignore UK PEPs, their close associates and relatives. In the UK, we have a relatively simple identity without a key reference number, such as those available across nearly all other European countries.
We do not have a national ID scheme and government access to core identifiers, such as passport numbers (which changes on new issue of the document) or NI numbers, as these are not identity verifying documents.
A UK legal identity is best classified around name, address and date of birth. Of course, address and even date of birth is not always available on the lists internationally and nationally, so a screening process for sanctions and PEPs needs to be designed around the matching of name, residency, nationality and date of birth, but not too tight that you miss legitimate ‘hits’.
Finding the balance
This means working in a ‘fuzzy’ match world, where the definition of what data is used and how the data is matched becomes the single biggest concern from a compliance perspective. Are we hitting the right people all of the time?
And then operationally, of foremost concern is, are we hitting the wrong people too often? After all, the cost of a false positive review is estimated by several organisations as between £15-£35 per case, so some will run into thousands of pounds of resource and spend.
Consider this, most UK political figures and their relatives have names commonly found across the UK and they all have associates, who will largely be names which are commonly found within the UK population. This means that, to search properly and by the regulations, you are going to hit many UK people, create more false positives and spend more time and resource dealing with this aspect of the regulation.
Even if you had the systems and processes locked down to do this already, the risk-based approach should, and probably did, mean that a UK politician was of lower risk. This individual was therefore easier to dispel, or you may have lowered the levels of enhanced due diligence practiced, which means that your processes and risk assessments need to adapt to the new regime.
The key to staying compliant and avoiding sinking your business into undue costs is great technology and access to great data. We have reacted with the Equifax Watchlist Check proposition to support an extensive understanding of individuals and corporate entities, through which we are working with our lenders to manage their ability to work within the new regulations.
Screening for sanctions and PEPs is no longer a ‘tick box’ exercise. The processes you have in place for checking your customers against sanctions, PEPs, RCAs and SIPs/SIEs, need to be compliant and appropriate.