Regulatory Alerts2023-06-22 | FPR/DIR/PUB/CIR/007/075Guidance Note on Politically Exposed Persons (PEP)
The Central Bank of Nigeria (CBN) issues a guidance note to financial institutions on identifying and managing risks associated with Politically Exposed Persons (PEPs). The note outlines customer identification, verification, and due diligence procedures, emphasizing enhanced due diligence for PEPs and their associates. It also provides a risk management framework, including screening, risk assessment, and monitoring, with specific considerations for domestic and international PEPs. Compliance is mandatory for financial institutions under CBN's regulatory purview.
Central Bank Of Nigeria Financial Policy and Regulation Department Central Business District, Cadastral Zone AO, P.M.B 0187, Garki, Abuja Telephone: +234 (0) 9 462 37401 fprd@cbn.gov.ng E-mail: Website: www.cbn.gov.ng Ref: FPR/DIR/PUB/CIR/007/075 June 22, 2023 Circular to all Banks and Other Financial Institutions GUIDANCE NOTE ON POLITICALLY EXPOSED PERSONS (PEPs) The Central Bank of Nigeria (CBN) AML/CFT/CPF Regulations 2022 requires banks and other financial institutions to amongst others, establish measures for mitigating potential money laundering, terrorism financing and proliferation financing (ML/TF/PF) risks posed by high-risk customers, including Politically Exposed Persons (PEPs). In furtherance of the required measures, the CBN has developed a GUIDANCE NOTE ON POLITICALLY EXPOSED PERSONS FOR BANKS AND OTHER FINANCIAL INSTITUTIONS to assist the financial institutions in the assessment as well as mitigation of ML/TF/PF risks associated with business relationship with PEPs.
Consequently, the Guidance Note is hereby released for immediate compliance by all financial institutions.
CHIBUZO A. EFOBI DIRECTOR, FINANCIAL POLICY AND REGULATION DEPARTMENT
Central Bank Of Nigeria
GUIDANCE NOTES ON POLITICALLY EXPOSED PERSONS FINANCIAL POLICY AND REGULATION DEPARTMENT JUNE 2023
| Contents | |
|---|---|
| 1 | INTRODUCTION . |
| 1.1 | Objectives |
| Applicability | |
| 1.2 | |
| 2 Definition of Terms | |
| 3 | CUSTOMER IDENTIFICATION AND VERIFICATION PROCEDURES FOR PEPS .......... 5 |
| 3.1 | New Customers . |
| 3.2 | Existing Customers: . |
| 4 | CUSTOMER DUE DILIGENCE |
| SOURCES OF INFORMATION FOR THE DETERMINATION OF PEPS, THEIR FAMILY | |
| 5 | |
| MEMBERS & CLOSE ASSOCIATES. | |
| 6 | RISK MANAGEMENT SYSTEM |
| PEPs Screening | |
| 6.1 | |
| 6.2 | Customer Risk Assessment. |
| 6.3 | Approval For Relationship With PEP. |
| 6.4 | Enhanced Monitoring For PEP Relationships/Accounts. |
| Time Limit For PEP Status . | |
| 6.5 | |
| 7 | PEPs AS BENEFICIAL OWNERS |
| 8 | DOMESTIC/INTERNATIONAL ORGANISATION PEPS WHEN NOT HIGHER RISK .... 13 |
| 9 | PERIODIC REVIEW FOR PEP CUSTOMERS . |
| 10 RECORD KEEPING . | |
| 11 REPORTING | |
| 12 TRAINNING AND EDUCATION |
Acronyms
| AML | Anti-Money Laundering | ||||||
|---|---|---|---|---|---|---|---|
| AML/CFT/CPF | Anti-Money | Laundering | / | Countering | the | Financing | of |
| Terrorism/Combating Proliferation Financing of Weapons of Mass Destruction | |||||||
| CBN | Central Bank of Nigeria | ||||||
| CDD | Customer Due Diligence | ||||||
| EDD | Enhanced Due Diligence | ||||||
| FATF | Financial Action Task Force | ||||||
| FIs | Financial Institutions | ||||||
| ML/TF/PF | Money Laundering/Terrorist Financing/ Proliferation Financing | ||||||
| MLPPA | Money Laundering Prohibition & Prevention Act | ||||||
| NFIU | Nigerian Financial Intelligence Unit | ||||||
| PEPs | Politically Exposed Persons | ||||||
| RBA | Risk-Based Approach | ||||||
| STR | Suspicious Transactions Report |
1 Introduction
Financial institutions (FIs), in the ordinary course of their businesses, establish business relationships with Politically Exposed Persons (PEPs) whom may be vulnerable to corruption thus may portend reputational and financial crime risks to the FI. PEPs pose a high risk of money laundering, financing of terrorism and proliferation financing (ML/FT/PF) due to the possibility that individuals holding such positions may misuse their power and influence for personal gain or advantage to themselves, close family members and/or associates. Such individuals may also use their families or close associates to conceal illicit funds and assets. In addition, they may also seek to use their power and influence to gain representation and/or access to, or control of, legal entities for similar purposes. Consequent upon the foregoing, the Central Bank of Nigeria (CBN) mandates financial institutions (FIs) to comply with the provisions of the CBN Anti-Money Laundering, Combating Financing of Terrorism and Countering Financing of Proliferation of Weapons of Mass Destruction (AML/CFT/CPF) Regulations, 2022 to mitigate the potential risks posed by PEPs. Amongst these obligations is the requirement to apply a risk-based approach to identifying Politically Exposed Persons (PEPs) and to apply appropriate Enhanced Due Diligence (EDD) measures when dealing with those that pose higher AML/CFT/CPF risks. In view of the corruption levels in Nigeria, domestic PEPs are rated highly vulnerable to financial risks, therefore, by default, most domestic PEPs are considered high risk. Foreign PEPs and PEPs with prominent functions in international organizations should be categorized based on the level of risk as assessed by financial institutions. Consequently, the CBN issues this Guidance in line with CBN AML/CFT/CPF Regulations 2022, FATF Recommendations, FATF Guidance on PEPs (2013) and Wolfsberg Guidance on PEPs (2017), to assist FIs in the identification and management of risks associated with PEPs. This Guidance provides minimum standards for FIs in their relationships with PEPs and does not limit measures to be taken by FIs to meet their statutory obligations. The Guidance Notes will be revised from time to time, as necessary.
1.1 Objectives
The objective of this Guidance is to assist FIs in the identification and management of risks associated with PEPs in the course of business relationships. 1.2 Applicability This Guidance applies to FIs under the regulatory purview of the Central Bank of Nigeria.
2 Definition Of Terms
-
Politically Exposed Persons (PEPs): This is as defined in the CBN AML/CFT/CPF Regulations 2022.
-
PEPs who are or have been entrusted with prominent public position in Nigeria are known as "Domestic PEPs".
-
PEPs who are or have been entrusted with prominent public position in any other foreign jurisdiction are known as "foreign PEPs".
-
PEPs who are or have been entrusted with the management or any prominent function within an international organization are known as "International Organizations PEPs"
-
Close associates of PEPS: are individuals who are closely connected to a PEP, either socially or professionally and include a PEP's widely- and publicly known close personal friends, business colleagues, and personal advisors. Close associates also include persons having joint or ownership right in a legal person or arrangement established in favour of a PEP.
-
Family members of PEPS: include a PEP's direct family members, their spouse, their children and their spouses, their parents, and the siblings.
-
Prominent Public Function: This refers not only to the customer's title, rank, grade or similar factors but includes the natural person's power or influence over decisions, policy or how government/international organization funds are expended.
-
Senior Management: refers to persons in authority who understand both the ML/TF/PF risks and their responsibility within the FI's AML control environment.
The level of seniority should be directly proportionate to the nature of the FI and the money laundering risk posed by the PEP. For larger institutions (banks and Development Financial Institutions) senior management may commence from AGM. Senior management will commence from Assistant General Manager for regional and merchant banks; from General Manager grade for National and International banks and from Senior Manager for medium sized institutions (Other Financial Institutions).
3 Customer Identification And Verification Procedures For Peps
FIs are required to conduct customer due diligence (CDD) for the purpose of establishing that a customer is a PEP, as provided by the CBN AML/CFT/CPF Regulations. FIs are expected to identify and verify the identities of PEPs before providing them with financial services, or as soon as possible afterwards. The identification should also cover legal persons and legal arrangements that have at least one beneficial owner who is a PEP. 3.1 New Customers 3.1.1 Self-declaration by customers of their PEP status will guide the FIs in determining whether a customer is a PEP (i.e. by disclosing present or former employment or principal occupation clearly recognizable as a PEP). FIs may obtain verbal or written declarations from customers.
3.1.2 Information may be obtained directly from the customer in response to questions posed in the application or on-boarding form. FIs may also develop questionnaires with specific reference to criteria that identify PEPs, including family members and persons known to be their close associates. Such questionnaire would be required to be completed and signed by the customer and the beneficial owner, where applicable.
3.1.3 FIs should apply risk-based procedures in determining whether a customer is a PEP, either before the relationship is established or shortly thereafter. Once a new customer is established to be a PEP the FI should assess the risk on the customer and apply appropriate due diligence measures in a timely manner.
3.2 Existing Customers: where the FI becomes aware that an individual or beneficial owner has become a PEP it should re-classify the customer as such and apply risk-based due diligence and controls.
4 Customer Due Diligence
4.1 FIs are expected to carry out customer due diligence (CDD) measures proportionate to the risks posed by customers. When dealing with PEPs, their family members or known close associates, additional measures in the form of EDD are to be applied by the FIs to mitigate the higher ML/FT/PF risks. FIs are, however, not to turn away a prospective customer or close a business relationship simply on the basis that the customer, or beneficial owner, is a PEP (or a family member or person known to be their close associate).
4.2 When considering whether to establish or continue a business relationship with a PEP, the focus should be on the level of ML/TF/PF risk posed by the PEP, and whether the FI has adequate controls in place to mitigate such risks. This is in order to prevent the FI from being used for illicit purposes should the PEP be involved in criminal activities.
4.3 Once it has been established that a new or existing customer is a PEP, FI should undertake a risk assessment to determine the level of risk posed by that customer and the proportionate levels of due diligence and monitoring required.
4.4 FI should use its customer risk assessment policy/process, considering risk factors such as geography, product, business type and delivery channel. For geographical risk, FIs should consider information available from reliable and independent sources as to the levels of systemic ML/TF risk in the country of political exposure.
4.5 When assessing the ML/TF/PF risk level of a relationship with a domestic/international organization PEP, FIs should take into account factors such as whether the PEP: a) has business interests which are related to his/her public functions (i.e conflict of interest); b) is involved in public procurement processes; whether the PEP holds several (related or unrelated) prominent public functions which may enable influence to be exerted at several key decision-making process.
c) is from a country which has been identified by the FATF or others as having strategic AML/CFT/CPF regime deficiencies, or is known to have a high level of corruption; d) has a prominent public function in sectors known to be exposed to higher corruption levels, including but not limited to oil and gas, mining, construction, natural resources, defense industries, sports, gaming, gambling sectors; or e) has a prominent public function that could enable him/her exert negative impact on the effective implementation of the FATF Recommendations in his/her country.
4.6 For medium or low-risk domestic PEPs or international organizations PEPs who are customers or beneficial owners, FIs must, at a minimum, apply the customer identification procedures.
4.7 Where a board member, senior management or corporate officer of the following types of organizations is a PEP, an FI may be exposed to lower risk and may apply commensurate due diligence accordingly: a) a publicly quoted company listed on a recognized exchange, subject to appropriate listing rules, good corporate governance requirements and transparent reporting b) Where the organization is well regulated and subject to independent supervision, e.g., banks and other FIs c) Private or state-owned organizations (including Central Banks, sovereign wealth funds) expect those from designated countries, subject to good governance, appropriate checks and balances and transparent reporting 4.8 For high-risk PEPs and foreign PEPs who are customers or beneficial owners of a customer, FIs must apply the customer identification procedures for individuals, and undertake enhanced due diligence (EDD).
4.9 When assessing whether adequate controls are in place to mitigate the risk of doing business with a particular PEP, consideration should be given to the level, frequency and extent of ongoing monitoring and (enhanced) due diligence that will be required. It is important that FIs use their understanding of the risks posed to ensure the systems they have in place are appropriate and efficient.
4.10 Where customer's circumstances change, FIs must consider any risk posed by that change, carry out EDD if it is a high risk or foreign PEP and adjust their transaction monitoring processes to take into account the higher risk associated with the customer
5 Sources Of Information For The Determination Of Peps, Their Family Members & Close Associates
There are several sources of information that can be used by FIs in determining whether a customer is a PEP. In determining whether the customer or a beneficial owner is a PEP, FI may consider the following:
5.1. Periodic Review Of Customer Database
FIs are required to ensure that CDD information is up-to-date as provided by the CBN AML/CFT/CPF Regulations. Existing customers may become PEPs after they enter a business relationship, so it is essential that FIs monitor non-PEP accounts for a change in the PEP status, customer profile or account activity and update customer information. Such ongoing monitoring should be on a risk basis.
5.2 Conduct Internet And Media Searches
FIs may use the internet and media as sources of information for the determination, monitoring, verification of information in relation to PEPs, although it should be noted that such information may not be comprehensive or reliable. 5.3. conduct searches using commercial databases 5.3.1 There are a variety of commercial databases available which may assist in the detection of PEPs, FIs may acquire access to such databases.
5.3.2 The use of these databases should never replace traditional CDD processes as contained in the CBN AML/CFT/CPF Regulations 2022.
5.3.3 FIs using such databases as a support tool should ensure that they are fit for the purpose and are not simply outsourcing their risk assessment.
5.3.4 FIs should also determine whether the use of commercial databases, to confirm the information provided by the customer, is necessary. Prior to making use of any commercial databases, FIs should understand how commercial databases are populated and how these are able to detect and flag PEPs, family members and persons known to be close associates of PEPs.
5.4. create in-house databases and share information within financial groups or countries 5.4.1. FIs may choose to develop in-house databases as tools to assist in determining PEPs, and such database should be kept up-to-date.
5.4.2. In line with provisions of the CBN AML/CFT/CPF Regulations, Financial Groups are required to implement procedures for sharing information with the Group for AML/CFT/CPF purposes. In relation to foreign PEPs, it is best practice for institutions within Financial Groups to share information on PEPs for AML purposes.
5.5. Customer Questionnaire/Self-Declaration
Information obtained directly from the customer may be obtained in response to questionnaires and/or on-boarding forms. FIs may develop questionnaires with specific reference to criteria that identify PEPs including family members and persons known to be close associates of the PEP. Such a questionnaire would be required to be completed and signed by the customer and the beneficial owner, where applicable. Information obtained directly from the customer may be obtained in response to the questionnaire and/or on-boarding form.
5.6 Information Sharing By Competent Authorities
FIs may rely on the information shared by competent authorities which is helpful in determining whether a particular customer is a PEP or the PEP is trying to abuse the financial system (e.g., the level of corruption in the country, the level of income for certain types of positions, etcetera) or specific information about particular persons which would facilitate the detection of foreign PEPs. Both general information concerning the country from which a foreign PEP originates and more specific information (e.g., about particular persons) are useful tools for verifying CDD information.
6 Risk Management System
FIs should in addition to performing CDD measures, establish appropriate risk management systems to determine whether a potential customer or existing customer or the beneficial owner is a PEP.
6.1 Peps Screening
The conduct of PEP screening in each FI will depend on the size and complexity of each institution and the inherent risk of PEPs using the FI's products and services to launder the proceeds of crime. FI should conduct onboarding screening and ongoing screening on all customers. Where appropriate, PEP screening should be automated. However, manual screening may be acceptable depending on the size of the institution and the materiality of the inherent risk posed by PEPs. PEP screening should be carried out in accordance with FI's risk appetite while applying RBA and take place at least: a) During onboarding process; b) at periodic customer review; c) when there is a trigger event which warrants a customer due diligence review.
d) Upon notification/tip-off from reliable sources.
It should be noted that, in many instances, PEP screening is not the primary control for identifying PEPs.
6.2 Customer Risk Assessment
6.2.1 FIs should understand their customer's risk profiles in order to apply appropriate procedures and processes to manage and mitigate risk. FIs should be consistent with a risk-based approach, the level and type of CDD should be commensurate with the risks presented by the customer relationship.
6.2.2 FIs must have appropriate risk-based procedures for conducting ongoing CDD to understand the nature and purpose of customer relationships, and to develop a customer risk profile. It must be consistent with a risk-based approach for conducting ongoing CDD, FI should obtain more customer information for those customers with higher risk profile and ensure ongoing monitoring.
6.2.3 The information collected to create a customer risk profile should also assist FIs in conducting ongoing monitoring to identify and report suspicious transactions and activity. Furthermore, conducting appropriate level of ongoing CDD commensurate with the customer's risk profile will assist the FI in determining whether a customer's transactions or activities are suspicious.
6.2.4 Based on the customer risk profile, the FI may consider obtaining, at account opening (and throughout the relationship), more customer information and updates in order to understand the nature and purpose of the customer relationship.
6.2.5 The following information may be useful to FI in understanding the nature and purpose of the customer relationship and in determining the ML/TF/PF and other illicit financial activity risk profile of its identified PEP customers: a) The type of products and services used. b) The volume and nature of transactions. c) Geographies associated with the customer's activity and domicile. d) The customer's official government responsibilities. e) The level and nature of the customer's authority or influence over government activities or officials.
f) The customer's access to significant government assets or funds.
6.2.6 FIs may leverage existing processes for assessing geographically specific ML/TF/PF and other illicit financial activity risks when developing the customer risk profile. Existing processes may also take into account the legal and enforcement frameworks, including ethical reporting and oversight requirements.
6.2.7 When developing customer risk profiles and determining when to collect additional customer information, and what to collect, FIs may take into account such factors as the customer's public office or position of public trust (or that of the customer's family members or close associates), as well as any indication that the identified PEP misuses or might misuse his or her authority or influence for personal gain.
6.3 Approval For Relationship With Pep
FIs are required to obtain senior management approval for establishing (or continuing, for existing customers) business relationships with PEPs as provided by the CBN AML/CFT/CPF Regulations.
6.4 Enhanced Monitoring For Pep Relationships/Accounts
Higher risk PEPs require enhanced ongoing monitoring of the business relationship. FIs should implement electronic and/or manual monitoring systems to constantly monitor the business relationship and detect unusual and potential suspicious transactions and activities. This process should include: a) Understanding and documenting the circumstances that warrant the classification of the customer as a PEP (such as the title or position and country in which the PEP holds/held political exposure and duration of appointment). If the individual customer is a close family member or close associate, the relationship of the person to the PEP must be documented.
b) Understanding and documenting the nature and intended purpose of the relationship/account, the source of the initial funds (where appropriate) and the anticipated levels of account activity.
c) Understanding and documenting the customer's source of funds and source of wealth (e.g. salary and compensation from official duties and wealth derived from other sources).
d) When the due diligence on an immediate family member or close associate of a PEP indicates that the source of funds originates from the PEP, the FI should determine and document the PEP's sources of funds and wealth.
e) Conduct searches including internet and media searches to screen customers for adverse reports/news.
6.5 Time Limit For Pep Status
It is often stated that once a PEP will always remain a PEP, however the handling of a client who is no longer entrusted with a prominent public function should be based on an assessment of risk and not on prescribed time limits. The risk-based approach requires that FIs assess the ML/TF risk of a PEP who is no longer entrusted with a prominent public function or has lost such power and influence (such as the case of deceased) and take effective action to mitigate this risk. However, where the corruption risk remains even if a PEP has been out of office for a certain time, the FI may continue to treat a customer as a PEP. Possible factors to consider in determining whether the customer is no longer a PEP include:
- the level of (formal and informal) influence or control that the individual could still exercise; the seniority of the position that the individual held as a PEP; or whether the individual's previous and current function are linked in any way (e.g., formally by appointment of the PEPs successor, or informally by the fact that the PEP continues to deal with the same substantive matters);
- the corruption risks or links to any industries that are high risk for corruption; and
- How politically connected they remain once they have left office.
7 Peps As Beneficial Owners
7.1 A customer or the beneficial owner of a legal entity or legal arrangement, that is a client, may be a PEP. There is a risk that PEPs could circumvent AML/CFT/CPF and anti-corruption safeguards by opening accounts, establishing business relationships or conducting transactions using third parties, such as intermediaries, legal entities or legal arrangements.
7.2 When conducting CDD, FIs are required to identify the beneficial owner and take reasonable measures to verify the identity of the beneficial owner. If there are reasonable grounds to believe that a beneficial owner is a PEP EDD shall be mandatory.
8 Domestic/International Organisation Peps When Not Higher Risk
When the risk assessment established that the business relationship with a domestic/international organization PEP does not present a higher risk, the PEP in question can be treated like any other normal customer, i.e. the FI should apply normal customer due diligence measures and monitoring as required under the CBNAML/CFT/CPF Regulations.
9 Periodic Review For Pep Customers
9.1 CDD should continue after establishing a relationship with the customer. On a regular basis, transactions and account activities should be monitored and scrutinized for ML/TF/PF risks. The behavior of the customer, transactions and accounts should be in line with the expected level of activity. Ongoing monitoring is crucial as a customer risk profile may change over time.
9.2 PEP accounts should be subject to periodic reviews as may be determined by the FI in line with risk assessment. Frequency of the periodic reviews should be determined by the risk of the customer and documented appropriately. FIs should also review their PEP database frequently.
10 Record Keeping
FIs should ensure that the records maintained are as provided in extant laws and Regulations. The records should be readily available in a timely and appropriate format to competent authorities upon request.
11 REPORTING 11.1 FIs should closely monitor the transactions of all foreign PEPs and high-risk domestic or international organization PEPs. If there is a suspicion that a transaction involves funds linked to any form of criminal activity, a suspicious transaction/activity report (STR) must be filed with the NFIU.
11.2 FIs are required to render monthly returns on all transactions with PEPs to the CBN and NFIU in line with provisions of the CBN AML/CFT/CPF Regulations 2022.
12 Trainning And Education
AML/CFT/CPF training policies of FIs should include ongoing employee training programmes. These training programmes need to address effective ways of determining whether clients are PEPs, and understanding, assessing and handling the potential risks associated with PEPs. Training should also incorporate real-life case studies and examples to make it up to date. Emphasis should be placed on human input and analysis from experienced and trained employees rather than on automated software programmed for detecting and handling the risks associated with PEPs.
All enquires or requests relating to this Guidance should be directed to: Director, Financial Policy & Regulation Department Central Bank of Nigeria