Politically Exposed Persons (PEP): Definition and Risks


Politically exposed persons (PEPs) pose a higher risk to financial institutions than traditional customers. PEP screening is therefore an important aspect of Know Your Customer (KYC) and anti-money laundering (AML) policies.

There is no universally accepted process for PEP screening, but it is a vital component of KYC and AML compliance regulations. Across the globe, between $800 billion and $2 trillion is estimated to be laundered each year. 

Definition of politically exposed persons

A politically exposed person (PEP), as defined by the Financial Action Task Force (FATF), is someone who currently is, or has previously been, entrusted with a prominent function. The United Nations Convention Against Corruption (UNCAC) extends this definition to include relatives and close associates (RCA) of those with a prominent public function. PEPs are at a higher risk for corruption, money laundering, terrorist financing, and bribery related to the nature of the influence they hold based on their position.

The following are examples of politically exposed persons:

  • Current or former government officials
  • High-ranking military officers
  • Senior officials of major foreign political parties
  • Judges and top-level judiciary positions
  • Senior executives or board members of foreign government-owned commercial enterprises
  • Immediate family members or publicly known personal or professional associates of a PEP

Is PEP screening required by law?

While there is no specific, universal set of regulations for PEP screening, AML and KYC compliance regulations require a risk-based approach to screening potential clients. Organizations are required to take “reasonable measures” to determine the level of risk a client could present. This must be defined by internal policies within the organization to avoid potential regulatory noncompliance fines.

These efforts to minimize risk associated with PEPs should be preventative in nature. This means not necessarily turning down doing business with these individuals, but using a risk-based approach, including extended customer due diligence (CDD) to better understand and lower the potential risk.

Who needs to screen for PEPs?

Any financial institution that is subject to AML regulations, including banks and credit unions, will need to screen for PEPs. 

PEP screening should be done during client onboarding, as part of the KYC protocol. Once identified, politically exposed persons should be assigned a risk score using a risk-based approach.

Key elements of a quality PEP screening process

There are many different types of controls and elements that can be used in PEP screening. Some of the key elements of PEP screening should include the following:

  • Identification of new customers: During onboarding, or at the first interaction between a potential customer and the organization, reasonable methods should be used to determine if the individual is a PEP. Customer records will need to be complete enough to provide unique identification factors. The minimum data required for PEP screening should include the following:
      • Full name
      • Date of birth
      • Gender
      • Country of political exposure
      • Politically exposed roles, appointment date, and years of service
      • Current status or date individual left the post if no longer there
  • Customer due diligence and risk assessment: Once a PEP has been established, extended customer due diligence should be employed. This can help an organization to determine the level of risk associated with the individual. Product, business type, geography, and the potential for financial crime should all be considered.
  • Necessary approval: To enter into a business relationship with a known PEP, or high-risk client, approval from senior management is needed.
  • Continued screening of existing customers: Enhanced monitoring for PEP customers is necessary, including regular screening to check on PEP status and additional potential risk factors.
  • Employee training: A regular AML training program is necessary to ensure that all employees understand the importance of PEP screening and how to maintain compliance.

How often to screen for PEPs

Just as there are no universal regulations for PEP screening, there is also no set timeframe for screening frequency. PEP screening should be done periodically, however, and not just when onboarding a new potential client. A person’s status as a PEP could change, for instance, and it is important to keep up with this information.

Just because a politically exposed person leaves office does not mean that their influence or chance for corruption is negated. It will be important to continue to assess the PEP’s level of risk even if they are not currently holding the same position. A PEP screening should check on the individual’s current level of influence and if there is any connection between their previous and current positions. 

PEP screening should be an ongoing practice that is periodically revisited based on the risk category the particular PEP has been placed in. Those with a higher level of risk should be screened more often.

PEP screening best practices

PEP screening can help to lower your risk and ensure that you remain compliant with AML and KYC regulations. PEP screening best practices can include the following:

  • Perform a PEP check. You can either use automated PEP screening software or do a manual PEP check. This involves checking against PEP lists. Most governments issue PEP lists, but these are not always complete. Commercial databases often offer a more comprehensive PEP list that is more frequently updated. An extension of sanctions screening software, automated PEP screening tools can offer current and thorough information on both domestic and foreign PEPs.
  • Perform a risk assessment and PEP due diligence. You will need to use a risk-based model to initiate enhanced due diligence methods. Independent and reliable sources from within the country of political exposure should be used during a PEP risk assessment. The following information should be included in this risk assessment and due diligence process:
      • Verify the accuracy of identity documents and confirm the actual identity of the PEP, including the country of origin and their date of birth.
      • Verify the source of the individual’s funds to ensure they come from legal channels.
      • Do a thorough check of the individual’s history for any potentially illicit behaviors.
      • When necessary, check to ensure that the individual has not perpetrated any illegal activity at other financial institutions.
  • Continually monitor PEP status. Perform PEP screenings at regular intervals based on the client’s level of risk, as PEP status can change. Continue to run them against PEP lists and monitor their relationships and activities to ensure that there are no illegal dealings. Immediately file a SAR (suspicious activity report) if any illegal activities are suspected. Immediate family members and known associates of PEPs should also be monitored closely.

Additional resources

For more information on AML compliance and regulations, read the AML rules published by FINRA (Financial Industry Regulatory Authority).

The Financial Crimes Enforcement Network (FinCEN) publishes an Information Sharing List – Section 314(a) – that organizations can use to ensure that PEPs have not engaged in financial crimes or illegal activities with other financial institutions. 

Key takeaways

PEP screening is an important aspect of AML (anti-money laundering) regulations that can help financial institutions ensure that they are not doing business with high-risk clientele who are potentially involved in illegal dealings. 

A PEP is a politically exposed person. It typically refers to government officials or those with considerable political influence and their known associates and immediate relatives. 

PEP screening should be initiated during customer onboarding. You can use automated tools or manually check against PEP lists to find PEPs. 

Once a PEP is identified, you should perform enhanced due diligence and a risk assessment to determine the individual’s level of risk. Just because someone is a PEP or RCA does not mean you cannot do business with them. It just means that you should use reasonable methods to ensure that they will not be risky for you to do business with. For example, you will try to confirm that they are not engaged in corruption, terrorist financing, money laundering, or other illegal financial crimes.

Best practices for PEP screening involve regular and enhanced monitoring of PEP clients as well. You should continually monitor PEP clients against PEP lists and databases to ensure that their status has not changed, keep an eye on their behaviors and activities, and raise an alert if anything appears suspicious.

PEP screening can help you to better manage and mitigate your risks.


References

Money Laundering. United Nations Office on Drugs and Crime (UNODC).

FATF Guidance: Politically Exposed Persons (Recommendations 12 and 22). (2022). FATF-GAFI.

United Nations Convention Against Corruption (UNCAC). (2004). United Nations Office on Drugs and Crime (UNODC).

Anti-Money Laundering (AML). (2022). FINRA.

Section 314(a). Financial Crimes Enforcement Network.