A risk-based approach to customer due diligence will identify situations which by their nature can present a higher risk of money laundering or terrorist financing.
Regulation 14 sets out a general provision that enhanced due diligence must be applied in such situations and means that the business must obtain additional customer due diligence information about the client.
The 2007 Regulations also specify that enhanced due diligence must be applied in a number of situations, of which two are outlined below:
- If a client has not been physically present for identification purposes, and if so, one or more additional measures must be taken to enhance due diligence, for example by, inter alia, either gathering additional documents, data or information, or taking additional steps to verify documents or obtain a confirmatory certificate from a credit or financial institution subject to the third money laundering directive
- If a business relationship or occasional transaction is to be undertaken with a politically exposed person (PEP) in which case the business must provide for senior management approval for the relationship to be established, must take adequate measures to establish the source of wealth and funds which are involved and must conduct enhanced monitoring of any relationship entered into.
Non face-to-face clients
A client who is not a natural person can never be physically present for identification purposes and will only ever be represented by an agent. The mere fact that a business does not have face-to-face meetings with the agents of an entity or arrangement does not automatically require that enhanced due diligence is undertaken. The business should consider the risks associated with the retainer and the client, assess how well standard CDD measures are meeting those risks and decide whether further CDD measures are required.
Where a client is a natural person and they are not physically present for identification purposes, a business must undertake enhanced due diligence.
Regulation 14 (2) outlines possible steps which can be taken above standard verification procedures to compensate for the higher risk of non face-to-face transactions. The regulations suggest the following options, although this list is not exhaustive:
- Using additional documents, data or information to establish identity. This may involve using electronic verification to confirm documents provided, or using two or three documents from different sources to confirm the information set out in each.
- Using supplementary measures to verify or certify the documents supplied or obtain confirmatory certification by a credit or financial institution which is subject to the third money laundering directive. Businesses may consider electronic verification to confirm the documents provided. Alternatively businesses may consider getting certified copies of documents
- When dealing with foreign passports or identity cards, businesses should check the requirements for that country with the relevant embassy or consulate.
- With all other documents, businesses should consider whether the certifying person is regulated with respect to the regulations or is otherwise a professional person subject to some sort of regulation or fit and proper person test, who can easily be independently contacted to verify their certification of the documents. Such persons include bank managers, accountants, or local GPs. Businesses may also consider accepting documents certified by the Post Office-provided Identity Checking Service.
- Ensuring the first payment in the retainer is through an account opened in the client's name with a credit institution. EU regulation 1781/2006 says credit institutions must provide the payers name, address and account number with all electronic fund transfers. It entered force on 1 January 2007 and is directly applicable to all member states.
Politically exposed persons
Businesses must take the following steps to deal with the heightened risk posed by having a client who is a PEP:
- Have senior management approval for establishing a business relationship with a PEP
- Take adequate measures to establish the source of wealth and source of funds which are involved in the business relationship or occasional transaction
- Conduct closer ongoing monitoring of the business relationship
Who is a PEP?
A person who has been entrusted within the last year with one of the following prominent public functions by a state other than the UK, a Community institution or an international body:
- Heads of state, heads of government, ministers and deputy or assistant ministers
- Members of parliament
- Members of supreme courts, of constitutional courts, or of other high-level judicial bodies whose decisions are not generally subject to further appeal, except in exceptional circumstances
- Members of courts of auditors or of the boards of central banks
- Ambassadors, charges d'affairs and high-ranking officers in the armed forces
- Members of the administrative, management or supervisory bodies of state-owned enterprises
In addition to the primary PEPs listed above, a PEP also includes:
- Family members of a PEP - spouse, partner, children and their spouses or partners, and parents
- Known close associates of a PEP - persons with whom joint beneficial ownership of a legal entity or legal arrangement is held, with whom there are close business relationships, or who is a sole beneficial owner of a legal entity or arrangement set up by the primary PEP
The regulations only apply to persons appointed by governments and authorities outside the UK, but it may be appropriate, on a risk-based approach to apply some or all of the enhanced due diligence requirements to a person appointed in the UK, who would have been a PEP had they been appointed outside the UK.
How to identify PEPs
Businesses are not required to conduct extensive investigations to establish whether a person is a PEP. They need to have regard only to information that is in their possession or publicly known.
Senior management approval
The 2007 Regulations do not define senior management, so each business must decide who that is, on a risk-sensitive basis.
Establishing source of wealth and funds
Generally, this simply involves asking questions of the client about their source of wealth and the source of the funds to be used with each retainer. When a business knows a person is a PEP, their salary and source of wealth is often publicly available on a register of their interests.
Businesses should ensure that funds paid to it come from the account nominated and are for an amount commensurate with the client's known wealth, and should ask further questions if they are not.