Not all financial risk comes from strangers or hidden criminals. Sometimes it comes from people who hold real power, like government officials or public leaders. It is for this reason that PEP screening was developed. It helps banks and other companies in deciding whether a customer is or at one time was a politically exposed person. A PEP does not indicate that something went wrong. But it does mean that they have more money and more influence than an average person. That access can, if misused, be used to bribe, corrupt, or engage in money laundering. That’s why PEP screening has become a necessary component of routine compliance tasks in the United States.
What Is PEP, and what is PEP Screening?
A politically exposed person, or PEP, is someone who holds, or has held, an important public position: senators, judges, mayors, military leaders, and people who run state-owned companies. Family members and close associates can also be classified as PEPs, so a person who manages assets for an official, or is married to one, may still be screened as a Relative or Close Associate (RCA).
PEP screening is the process of checking whether a client or business associate qualifies as a PEP. Because PEPs have occupied high-ranking public office, they carry an elevated risk of exposure to corruption, bribery, or misuse of public funds compared with an average customer.
Being identified as a PEP is not an accusation — it does not mean the individual has committed a crime. It means the individual poses a higher inherent risk and needs Enhanced Due Diligence (EDD) rather than standard checks. Organizations screen at onboarding and continuously afterward, since PEP status can change long after an account is opened.
Why PEP Screening Matters for AML Compliance?
The reasoning behind PEP screening is straightforward: proximity to public office creates proximity to public money. A finance minister can influence procurement contracts. A state-owned enterprise executive can direct billions in public capitalwhere billions in public capital flow. A provincial official can approve or block a permit worth millions. None of that is illegal on its own. But history shows these positions are also where large-scale financial crime tends to originate, precisely because the people in them can move money without the same friction an ordinary customer faces.
Malaysia’s 1MDB scandal and Angola’s Isabel dos Santos case are two of the clearest illustrations of why regulators treat PEP exposure as a distinct risk category rather than folding it into general customer due diligence. In both cases, the individuals involved held or were connected to formal public positions, and the financial institutions that processed their transactions faced years of regulatory scrutiny and enforcement action for failing to apply the additional diligence required by PEP statusPEP status requires.
This is also why PEP list screening cannot be a one-time onboarding check. A customer who was a mid-level provincial official at onboarding can become a cabinet minister two years later. Ongoing monitoring closes that gap by re-screening the existing customer base against updated PEP data, not just new applicants.
How Does PEP Screening Work?
A working PEP screening process runs through the same core steps regardless of institution size:
- Identity capture at onboarding. The institution collects full name, date of birth, nationality, and other identifiers needed to search PEP data accurately.
- Screening against PEP data sources. The customer’s identifiers are matched against PEP lists, government registries, and public-office records covering the relevant jurisdictions.
- Match review. Analysts confirm whether a hit is a true match, using unique identifiers to rule out common-name coincidences.
- Risk tiering. Confirmed PEPs are tiered according to the FATF PEP levels listed by the FATF PEP levels below, which determine the intensity of the EDD applied.
- Enhanced Due Diligence. Source of wealth and source of funds are verified, senior management sign-off is obtained, and the relationship is flagged for closer transaction monitoring.
- Ongoing monitoring. The existing customer base is re-screened on a recurring basis, since PEP status can be acquired or lost at any point after onboarding.
| FATF PEP Level | Who It Covers |
| Level 1 | Heads of state, senior political figures |
| Level 2 | Members of parliament, senior executives of government enterprises |
| Level 3 | Mayors, provincial officials, and mid-tier judicial appointments |
| Level 4 | Local-level officials and city councilorscouncillors, the tier most often missed by narrower screening tools |
What Are the Risks of Skipping PEP Screening?
Institutions that treat PEP screening as a formality expose themselves on three fronts. Regulatory: AML non-compliance fines exceeded $6.6 billion globally in 2023, and weak PEP screening is a recurring enforcement finding. Reputational: an institution named in a leak dataset alongside an unscreened PEP suffers damage that outlasts any fine. Operational: without accurate data, teams either miss real risk or bury analysts in false positives, and the industry-wide AML false positive rate already runs close to 90%.
PEP Screening and US Regulatory Requirements
In the US, PEP screening sits inside the Customer Due Diligence (CDD) framework under the Bank Secrecy Act, enforced by FinCEN. Institutions apply a risk-based approach: standard diligence for typical retail customers and EDD for higher-risk categories, including, and EDD for higher-risk categories, which explicitly includes foreign PEPs and their RCAs. FATF Recommendation 12 sets the international standard this framework satisfies: mandatory EDD on foreign PEPs and a risk-based approach to domestic and international organization PEPs. Recommendation 22 extends the same obligation to non-financial businesses and professions. For institutions operating across borders, EU 5AMLD is also worth tracking, since it broadened the PEP definition and pushed for public beneficial ownership registers.
FAQs
Does being a PEP mean someone has done something wrong?
No, PEP status is a risk classification, not an accusation. It simply means the individual’s public position gives them access and influence that could be misused, so the relationship warrants Enhanced Due Diligence rather than standard onboarding checks.
How long does someone remain classified as a PEP after leaving office?
There’s no single fixed period; it depends on the institution’s risk-based policy and the applicable regulation. Many frameworks continue treating former officials as higher-risk for a set number of years after they leave office, since influence and relationships built in public life don’t disappear immediately.
Is PEP screening required only for foreign officials, or does it apply to domestic officials as wellonly required for foreign officials, or does it cover domestic ones too?
US and international standards focus mandatory Enhanced Due Diligence on foreign PEPs, but a risk-based approach still applies to domestic and international organization PEPs. Many institutions choose to screen domestic officials with the same rigor, since domestic corruption risk is just as real.
