Compliance with the UK’s PEPs and Sanctions Regime

The contents of this blog are for general information purposes only and do not constitute legal advice. Association of Foreign Banks disclaims liability for actions taken based on the materials. Readers should consult their legal advisers.

Keeping pace with the rapidly evolving UK regulatory landscape is no mean feat for UK-based foreign banks – especially when it comes to Politically Exposed Persons (PEPs) and sanctions compliance.  But keep pace they must, with £1.2 billion+ stolen in the UK through fraud annually, and 2-5% of worldwide GDP lost to money laundering according to the United Nations Office on Drugs and Crime.

The UK PEPs and Sanctions Environment in 2024

Similar to the UK’s unique sanctions list, managed by OFSI and prone to sudden updates, the UK also has its own distinct classification for PEPs, which has recently undergone changes. Keeping abreast of these developments and ensuring your processes and procedures are up to date is a particular issue for non-UK banks, with different approaches to sanctions and PEPs being taken around the world.

The UK the Financial Services and Markets Act 2023 (FSMA 2023) amended the 2017 Money Laundering Regulations so that the starting point for assessing ‘domestic’ PEPs is that they are of a lower risk than ‘non-domestic’ PEPs and require less EDD screening (unless there are enhanced risk factors). This formalised in law the approach the FCA had set out in FG17/6, but one the then Government and Parliament felt wasn’t being followed in practice, as FSMA 2023 also required the FCA to review its PEP guidance (FG17/6) and to what extent it is being followed by firms.

In July 2024 the Financial Conduct Authority (FCA) finalised its review of how firms were following its PEP Guidance, finding that financial service firms need to take action to improve their treatment of domestic PEPs – including MPs, public servants, and their relatives/associates (RCAs).  It also launched a consultation into amendments to the Guidance to reflect that UK PEPs should be treated as lower risk, but warned firms to take action now to improve their processes, rather than waiting to act once the final Guidance is published in October 2024.

Keeping track of who qualifies as a PEP is time-consuming and labour-intensive – Is this person who they say they are? Who are they associated with? Are they a foreign national? What is the nature of their business?  Is a local official a PEP in the same way as a national politician?  What is their source of wealth, and how can that be verified?  How long should they be designated a PEP after leaving office? Does an individual or organisation with significant influence, whilst not being formally political, require PEP status?  It’s quite the minefield.

Likewise, when it comes to sanctions compliance, the UK’s risk-based approach to anti-money laundering (AML) regulation requires that all banks apply enhanced due diligence (EDD) practices.  Navigating a vast and complex web of entities and individuals and maintaining comprehensive, accurate and up-to-date sanctions checks. 

Worryingly, a recent report found that only 25% of firms consistently screen new customers against sanctions or politically exposed person (PEPs) lists. This figure represents a significant decline from 73% in 2022, highlighting a worrying trend of complacency in compliance practices, and explains the 50% surge in financial institutions failing to prevent money laundering and other financial crime.

To ensure foreign banks are not making mistakes when it comes to UK PEPs and sanctions compliance, a data-driven risk-based approach is required.

What does advanced PEPs and sanctions screening look like?

Advanced PEPs and sanctions screening draws upon the wealth of third-party data to help undertake comprehensive risk assessments, deliver efficient onboarding experiences, and achieve continuous due diligence through trigger-based monitoring of individual PEPs, sanctioned individuals and entities. 

UK-based foreign banks leading the way in building such a risk-based approach are those harnessing all available data points, including individual and familial insights, global sanctions lists, customer intelligence/Know Your Customer/Know Your Business, Ultimate Beneficial Owner (UBO) and company structure, industry and jurisdictional knowledge, financial background, source of wealth, adverse media screening, identity verification, as well as relevant indexes.

Best practice approaches include:

• Intuitive and automated screening – Real-time global coverage to pre-screen for political exposure, sanctions, and adverse media , watchlists and credit data – aligned to the latest FATF recommendations.
• Graph data visualisation – Mapping of connections between directors, shareholders, and group companies up to the Ultimate Beneficial Owner
• Identity verification – Verifying identities in real-time with automated document verification and facial comparison technology. As well as mortality screening to prevent fraud by identifying those posing as deceased individuals, and predictive risk-based email intelligence alerting to when an email address has been associated with fraud
• Global business verification – via real-time access to official company filings
• Perpetual KYC – Event-based alert notifications of changes to watchlists, financial and credit information.
• Ongoing monitoring: Proactive monitoring of regulatory trends to understand their implications and adapt processes, accordingly, ensuring ongoing adaptability and compliance.

It’s clear that navigating the UK’s PEPs and sanction regimes can have a tremendous impact on the operations of UK-based foreign banks.  A data-driven risk-based approach combining rigorous enhanced compliance measures and automated perpetual scrutiny will not only maintain the legality of customer relationships, but also a bank’s ability to compete on a level playing field with UK domestic banking organisations.

According to FullCircl data partner Comply Advantage, 99% of firms are re-evaluating their risk appetite due the current uncertain economic and political environment.  Some UK-based foreign banks however are ahead of the game!  Santander, BNP Paribas, Habib Bank, Investec and Société Générale, are amongst those working with FullCircl to expedite compliant onboarding of new customers for KYC/AML.

Find out more here.  Even better, as an AFB member we would like to offer you an exclusive 2-week free trial screening of your top ten clients or complimentary access to an API trial key, so that you can see the impact first hand.

Get in touch with FullCircl today.

Content Partner

Start smarter, to grow faster with compliance solved.

When regulation meets revenue, it can be a case of square pegs, round holes. Compliance processes often don’t align with growth targets. FullCircl changes that, bringing your regulatory obligations in step with your commercial ambitions. By reducing the cost to serve and surfacing new ways to add value, we’re removing the roadblocks to profitable growth.

To learn more, visit the FullCircl website