GLOBAL PAYMENTS KNOWLEDGEISO 20022 / SWIFT / SEPA / MT / MX

Fraud & Compliance / Learning brief

Screening for politically exposed persons (PEPs)

Your notes

What this means in plain language

Politically exposed persons hold prominent public roles that carry higher corruption risk. Screening flags them so a bank applies enhanced due diligence — a deeper, documented review and senior sign-off — rather than the hard payment stop a sanctions match triggers.

A politically exposed person (PEP) is someone entrusted with a prominent public function — a senior politician, a senior official, a judge, a senior military officer, or an executive of a state-owned company — together with immediate family and close associates. The role is legitimate; the point is that proximity to public money and influence raises the risk that funds could involve bribery or corruption. PEP screening compares customer records against commercial PEP databases, because no single official global register exists. A match does not stop a payment or bar a relationship. Instead it raises a risk classification that triggers enhanced due diligence (EDD): a closer look at where the person's wealth comes from, senior approval to open or keep the relationship, and stronger ongoing monitoring. This is the crucial contrast with sanctions screening, where a confirmed match forces a legal freeze or rejection rather than a review.

Understand the full idea, step by step

Not every flag is a stop sign. Some hits are a legal prohibition that halts a payment; others are only a note that says look more carefully at this relationship. Confusing the two is one of the most common mistakes in screening, and the clearest example is the politically exposed person — someone the system flags precisely so a bank looks harder, not so it turns them away.

Politically exposed person (PEP)someone entrusted with a prominent public function

A PEP is a person holding a prominent public role — a head of state, a senior politician, a senior government, judicial, or military official, a senior executive of a state-owned enterprise, or a senior figure in a political party. The category extends to immediate family and to close associates such as business partners. The risk logic is not that holding office is wrong; it is that the role carries access to public funds and decision-making power, which raises the chance a relationship could be used to move the proceeds of bribery or corruption.

Sanctions match vs PEP flag
Sanctions matchPEP flag
What it isA legal prohibitionA risk classification
Effect on a paymentFreeze or reject — the payment stopsNone directly — routes to due-diligence review
When resolvedIn the payment path, under a tight time budgetAt onboarding and periodic review
DispositionA freeze and a report to a sanctions authorityA documented risk decision and an approval
A false positive costsA delayed paymentA delayed review

The load-bearing difference

Being a PEP is entirely lawful. A confirmed sanctions match forces the bank to freeze or reject; a PEP match does none of that. Both controls compare names against reference data, and both wrestle with the same spelling and name-variation problem — which is exactly why many institutions run PEP and sanctions checks through one engine, and why reviewers are trained to read which list produced a hit before deciding what it means. A PEP hit that gets treated as a sanctions stop wrongly blocks a lawful customer; a sanctions match mistaken for a PEP note wrongly lets a designated party through.

Enhanced due diligence (EDD)a deeper, documented review above the standard level

Once a PEP match is confirmed, the file moves into enhanced due diligence, which sits above standard customer due diligence (CDD). EDD typically means establishing and documenting source of wealth and source of funds, obtaining senior-management approval to open or continue the relationship, and applying stronger ongoing monitoring on a shorter review cycle. The screening result is only the trigger; the substance is the documented review that follows.

From a PEP flag to a documented decision

  1. VALIDATION

    Confirm identity: is this customer actually the flagged official, or an innocent namesake? Secondary identifiers — date of birth, nationality, role — resolve it, using the same discipline as a sanctions alert.

  2. VALIDATION

    If confirmed, move the file into EDD: establish and document source of wealth and source of funds.

  3. VALIDATION

    Obtain senior-management approval to open or continue the relationship, and record the rationale for the level of EDD applied.

  4. NOTIFICATION

    Set stronger ongoing monitoring on a shorter review cycle, so the relationship is revisited rather than filed and forgotten.

COMMON CONFUSION

A PEP match means the bank must decline the customer.

A PEP flag is not a prohibition. It is a risk classification that triggers a closer, documented look and a senior sign-off. Framed correctly, the flag, the escalation, and the approval are the control working as designed — surfacing a higher-risk relationship for review, not turning a lawful customer away.

STRICTLY SPEAKING

Strictly speaking, jurisdictions usually distinguish foreign PEPs, often treated as higher risk, from domestic PEPs, and each sets its own rule for how long a person remains classified after leaving office — some taper the risk over a defined period rather than removing it at once. Risk-based calibration runs through all of it: a domestic PEP in a lower-risk role may warrant lighter EDD than a foreign PEP with influence over public contracts. The exact definitions, the scope of family and associates, and the time horizons all vary by jurisdiction, so a programme documents which definition it applies and against which databases.

FOR NOW, REMEMBER

  • A PEP holds a prominent public role; the category extends to family and close associates, and the higher risk comes from access to public funds, not from any wrongdoing.
  • PEP screening is a risk flag, not a legal prohibition — it routes to due-diligence review, unlike a sanctions match that stops a payment.
  • A confirmed PEP moves into enhanced due diligence: source of wealth and funds, senior-management approval, and stronger ongoing monitoring.
  • Foreign vs domestic status, family scope, and time horizons vary by jurisdiction, and the level of EDD applied is calibrated to risk and documented.

TRY IT YOURSELF

Meridian's engine raises two hits on one review: the customer matches a PEP database, and separately a beneficial owner matches a sanctions list. How should Kabir treat them?

The PEP hit triggers enhanced due diligence and a documented approval; the sanctions match must be investigated as a potential legal stop and, if confirmed, frozen and reported.

Correct — Reading which list produced each hit is the whole point. The PEP flag is a risk classification calling for a closer look; the sanctions match carries the hard legal prohibition and a different, mandatory path.

Both hits require the payment to be frozen immediately, since either one is a match.

Not this one — A PEP flag is lawful and carries no freeze — treating it as a sanctions stop would wrongly block a legitimate relationship. Only the sanctions match triggers the hard stop.

Neither hit needs action beyond a note, because PEP status is lawful.

Not this one — PEP status being lawful is true, but it still triggers documented enhanced due diligence — and the separate sanctions match cannot be waved through at all. Conflating the two understates the sanctions obligation.

A PEP database and a sanctions list are both curated records. The next lesson adds a messier, earlier risk input — negative news — that can surface a concern before any list moves, at the cost of far more noise to control.

KEEP GOING

Three things to remember

  1. 01

    A PEP (politically exposed person) holds a prominent public role and includes their close family and associates; the status signals higher corruption risk, not wrongdoing.

  2. 02

    A PEP match triggers enhanced due diligence and senior sign-off, not a payment block — unlike a sanctions match, which forces a legal freeze or rejection.

  3. 03

    Banks identify PEPs against commercial databases, and how long a former official stays in scope varies by jurisdiction.

Where you would use this

USE CASE 01

Onboarding teams classify a new customer as a PEP so the file can be escalated for source-of-wealth checks and senior approval before the account opens.

USE CASE 02

Ongoing-monitoring teams re-screen the customer base as PEP databases update, catching customers who take public office after they were onboarded.

USE CASE 03

Relationship and compliance managers use the PEP flag to set the depth of periodic reviews and the level of authority needed to keep the relationship.

Put the idea into a real situation

Illustrative example: a fictional retail bank, Meridian Trust, onboards a customer, Dana Okonkwo, who is flagged against a commercial PEP database as a deputy minister in a fictional country. Because the status is not a prohibition, the payment and the account are not stopped. Instead the file is escalated: an analyst documents source of wealth, a senior officer approves the relationship in writing, and the customer is placed on a 12-month enhanced-review cycle rather than the standard 36-month cycle. Six months later a EUR 48,000.00 inbound transfer is checked against the recorded source of wealth and cleared with a note, because the enhanced monitoring exists precisely to make that check routine.

Evidence & review

REVIEWED 2026-07-13

PEP screening and enhanced due diligence at a regulated financial institution; PEP definitions, family/associate scope, and declassification periods vary by jurisdiction.

What this brief simplifies: The EDD steps are shown in a clean sequence; real reviews vary by risk level and product. The customer and PEP hit are synthetic.

Sources for this brief3
  1. Official requirement

    The FATF Recommendations: International Standards on Combating Money Laundering and the Financing of Terrorism & ProliferationFinancial Action Task Force · PEPs, enhanced due diligence, and the risk-based approach

    The global standards countries implement against money laundering, terrorist financing, and proliferation financing, including targeted financial sanctions and payment transparency under Recommendation 16. · Checked 2026-07-12

    Adopted in 2012 and updated regularly since; the June 2025 FATF plenary agreed revisions to Recommendation 16 on payment transparency. Consult the live consolidated text for the current wording.

  2. Market practice

    Wolfsberg Group Sanctions Screening GuidanceThe Wolfsberg Group · Distinguishing PEP screening from sanctions screening

    Industry guidance on the elements of an effective sanctions screening programme: the risk-based approach, list management, matching technology, alert generation, and alert handling. · Checked 2026-07-12

    Wolfsberg guidance is industry market practice, not law; institutions vary in how they apply it.

  3. Simplified educational illustration

    Payments Signal editorial teaching modelsPayments Signal

    This site's own simplified teaching models. · Checked 2026-07-12

    Used wherever diagrams, scenarios, figures, or example values are didactic constructions rather than sourced facts; every such use carries a simplifications disclosure. All people, companies, banks, and list entries in examples are fictional.

Learn this properly

Related briefs

View Fraud & Compliance archive

Adverse media screening

Adverse media screening checks a customer against negative news linking them to crime or misconduct. It surfaces risk that official lists miss and feeds due diligence rather than blocking payments — while generating false positives a programme must control.

READ BRIEF

AML transaction monitoring

Anti-money-laundering transaction monitoring reviews many transactions over time for patterns that suggest financial crime, after they settle rather than in the payment path. Alerts that survive investigation become suspicious activity reports filed with the authorities.

READ BRIEF

Payment fraud typologies

Payment fraud typologies are recognised patterns of attack — authorized push payment fraud, account takeover, and money-mule networks. Knowing each pattern's signals helps a bank detect and prevent it and protect the customer, and stays firmly on the defensive side.

READ BRIEF