3.2.5. PEP Risk Rating
Effective from 1/8/2022Under article 15.1.First.d) of the AML-CFT Decision, LFIs must conduct enhanced ongoing monitoring over relationship with foreign PEPs and Related Customers. This does not mean however that such customers should all be automatically assigned the same risk rating. In addition, as per article 15.1.Second.b), for domestic PEPs and HIOs, and their Related Customers, the EDD requirements in section 3.2.6 below are mandatory when there is a high-risk business relationship accompanying such persons. Therefore, it is important to appropriately risk-rate all PEP customers, customers whose beneficial owners are PEPs, and customers that are direct family members and close associates of a PEP. PEP-specific factors to consider in risk rating include:
| • | The nature of the PEP’s position. As discussed in section 2 above, where a PEP has greater ability to control or influence consequential government decisions, the corruption risk is greater. LFIs should consider, among other factors: | |||||
| o | The nature of the issues or decisions over which the PEP has or had control; | |||||
| o | The extent to which the PEP had control over the disbursement of funds; | |||||
| o | The degree of autonomy or independence the PEP has or had in decision-making; | |||||
| o | The PEP’s rank or status within the government or international organization. | |||||
| • | The controls in place in the PEP’s own country jurisdiction to prevent corruption, including: | |||||
| o | The country’s position on widely adopted global corruption or transparency ratings; | |||||
| o | The extent to which the country investigates and prosecutes high-level corruption; | |||||
| o | Whether the country has a free and empowered political opposition and a free press; | |||||
| o | Whether the agency, body, or organization in which the PEP holds his or her function has an internal audit/inspector/comptroller function; | |||||
| o | Whether asset disclosure requirements or similar requirements apply to PEPs in that country or jurisdiction. | |||||
For Related Customers, LFIs should consider the risk of the PEP to which the customer is connected, and also the nature and extent of the connection, in determining the risk rating.
The risk-rating process should also take into consideration not just features specific to PEPs but also all the standard elements of customer risk rating, such as the nature of the customer’s business and the products and services the customer intends to use. For example, a PEP who owns a cash-intensive business and seeks to make bulk cash deposits would likely be considered higher risk than a PEP whose only income is his salary, even if the two customers hold similar positions within a similarly high-risk jurisdiction.
In those cases where a natural person customer has PEP status from two sources, or where more than one PEP is involved in a legal person customer, LFIs should always use the higher risk rating. For example, if a single natural person customer has been appointed to prominent public functions by both the government of the UAE and a foreign government, that customer should be treated as a foreign PEP. Similarly, if a legal person customer has two domestic PEP owners, one high risk and the other medium risk, the legal person customer should be subject to EDD requirements.