KYC Portal allows any customer to predefine the entire compliance process based on the ever evolving nature of guidelines set by regulators. The FCA issued the latest guidelines on PEPs (FCA’s Guidance Document - FG 17/6) It took our customers a total of 4 hours to apply the following changes within their configuration of KYC Portal to have everything in line with such guidelines. Even better… the instant that this is set up KYCP automatically trails through all past subjects sitting in your system to re-evaluate their new risk.
We expanded the guideline requirements into data that needs to be collected against the entity UBO in this case. Screenshot above shows a snapshot of such data.
One of the new field requirements to take notice of is the ‘Involvement in company’ since the FCA expects firms to understand what level of involvement the PEP has in the client company (i.e. PEP with limited involvement would pose a lower risk). KYCP risk engine allows you to set this automatically based on the value of this field.
We have also included a field ‘Source of Funds’ which is usually never included as a field with the UBO entity, but rather with the new company being formed. But since the guidelines talk about the importance of understanding Source of Funds and Source of Wealth of the PEP it is being added to be able to collect such information at UBO level.
The document also mentions the importance of risk assessing individual PEPs rather than applying a generic approach to all PEPs. KYCP allows you to apply risk scores depending on whether an individual is a direct PEP or Indirect and also the PEP jurisdiction type (i.e. where the PEP was based, since the document states that all UK PEPs are on the lower end of the risk spectrum, but PEP from some other specific countries would be very high risk).
Other important aspects of the regulation that KYCP allows you to cover are:
- If a person who is a (direct) PEP is no longer entrusted with a prominent public function, that person should continue to be subject to risk-based enhanced due diligence for a period of at least 12 months after the date they ceased to be entrusted with that public function. Firms may apply measures for a longer period to address risks of money laundering or terrorist financing in relation to that person, but the FCA consider this will only be necessary in the cases of PEPs where a firm has assessed that PEP as posing a higher risk. KYCP allows you to automate this by setting a workflow rule to diminish risk automatically once the 12 months have passed from the field ‘date of resignation’.
- Also handled automatically through dynamic workflows and risk association, indirect PEPs should be treated as ordinary customers, subject to customer due diligence obligations from the point that the PEP leaves office. System would allow you to revise scoring as soon as date of resignation is filled in.
- One of the EDD measures needed for PEPs is to ‘have approval from senior management for establishing or continuing the business relationship with that person’, again another automated function using the workflows of KYCP.
- Another EDD measures needed for PEPs is ‘conducting enhanced ongoing monitoring of the business relationship with that person’. This is an out of the box feature of KYCP whereby ongoing monitoring is automatically handled by the system on a daily basis.
- The FCA expects an assessment of the extent to which the risk would be increased by a business relationship with a PEP, family member or close associate. The FCA would expect that this is a case-by-case assessment and not an automatic assessment that a relationship creates a high risk of money laundering. KYCP can consider a variety of risk factors not just whether a person is/isn’t a PEP, thus also allowing you set this within the parameters of the system to be automatically notified.