Politically Exposed Person (PEP) Screening

A Politically Exposed Person (PEP) is an individual entrusted with a prominent public function, presenting a higher risk of involvement in bribery or corruption due to their position and influence. The core purpose of screening is not to deny service but to apply Enhanced Due Diligence (EDD) to understand the source of wealth and funds, mitigating the risk of facilitating illicit financial flows.

PEPs are categorized to apply proportional risk management:

• Domestic PEPs: Individuals holding prominent positions within the home country of the financial institution.
• Foreign PEPs: Individuals from other countries, typically considered higher risk.
• International Organization PEPs: Senior members of bodies like the UN or IMF.
• Family Members & Close Associates: Risk extends to relatives and known close business partners of the primary PEP, who may be used to conceal assets.

Screening involves automated checks against sanctions lists, PEP databases, and adverse media sources. Key steps include:

• Name Matching: Using algorithms to match customer data against watchlists, accounting for name variations and transliterations.
• Ongoing Monitoring: Continuous screening to detect if an existing customer becomes a PEP or if new adverse information emerges.
• Source of Wealth/Funds Verification: A critical part of EDD, requiring documentation to prove the legitimate origin of assets.

Screening in decentralized environments presents unique hurdles:

• Pseudonymity: Linking wallet addresses to real-world PEP identities is complex.
• DeFi Protocols: Determining the Virtual Asset Service Provider (VASP) obligated to perform checks in permissionless, non-custodial systems.
• Global & Automated Compliance: The need for solutions that can screen across jurisdictions and integrate via APIs for real-time transaction monitoring in CeFi and on-ramp/off-ramp services.

Often performed alongside PEP checks, sanctions screening is the process of checking customers and transactions against official government lists (e.g., OFAC SDN List) that prohibit dealings with specific countries, entities, or individuals. While PEP screening is a risk-based control, sanctions screening is typically a prohibitive control—matches usually result in a block or freeze, as sanctions violations carry severe penalties.

Many compliance frameworks further classify PEPs into risk tiers to allocate due diligence resources efficiently. This is not a formal FATF category but a common industry practice.

• High-Risk PEPs: Individuals with significant executive power (e.g., heads of state, ministers of defense).
• Medium-Risk PEPs: Senior officials with substantial influence but less direct control over budgets (e.g., legislators, senior judges).
• Low-Risk PEPs: Local officials or those in largely ceremonial roles.

Individuals who are no longer in a prominent public function. Financial institutions must still consider them PEPs for a mandatory cooling-off period (often 12 months to several years, as defined by local regulation). The risk assessment must evaluate if they still pose a continuing influence risk or have access to assets acquired during their tenure. Ongoing monitoring is typically required.

Screening relies on sanctions lists and PEP registries that are often incomplete, outdated, or inconsistent across jurisdictions. Name variations (e.g., transliterations, aliases), lack of unique identifiers, and poor data formatting lead to high rates of false positives and false negatives.

• Example: Screening for 'Vladimir Putin' might miss entries for 'V. Putin' or the Cyrillic spelling.
• Challenge: No global, standardized database of PEPs exists, forcing reliance on fragmented commercial sources.

A primary operational burden is the volume of alerts generated that do not correspond to actual PEPs. This occurs due to name matching against common names, leading to alert fatigue for compliance teams. Investigating each alert requires manual review, increasing costs and slowing down customer onboarding (KYC processes).

• Consequence: Institutions may waste over 80% of review time on false positives, according to industry estimates.
• Mitigation often involves implementing fuzzy matching algorithms and additional data points.

An individual's PEP status and associated risk are not static. Risk-based approach requires continuous monitoring for:

• Becoming a PEP: A private citizen is appointed to a prominent public function.
• Ceasing to be a PEP: The individual leaves office; regulations often require monitoring for a cooling-off period (e.g., 12 months).
• Changing risk tier: Moving from a domestic to a foreign PEP role increases risk. Manual tracking of these life-cycle events is impractical, necessitating ongoing monitoring solutions.

There is no single, global legal definition of a Politically Exposed Person. FATF recommendations provide a framework, but local regulations differ on:

• Scope of 'family members' and 'close associates'.
• Which positions qualify (e.g., senior officials of state-owned enterprises, judicial figures).
• Requirements for domestic vs. foreign PEPs. This variance creates complexity for global compliance programs, requiring systems to be configured for the strictest applicable rule set to avoid regulatory penalties.

Screening in decentralized and pseudonymous environments presents unique challenges. Virtual Asset Service Providers (VASPs) must screen customers, but on-chain addresses are not directly tied to PEP lists. Solutions involve:

• Linking wallet addresses to identified entities during fiat on-ramps/off-ramps.
• Screening counterparties in over-the-counter (OTC) trades.
• The travel rule mandates sharing sender/receiver information, which must be screened. DeFi protocols with non-custodial models struggle to implement traditional screening, creating a regulatory gray area.

Effective PEP screening is a resource-heavy process involving:

• Licensing fees for commercial screening databases and watchlist services.
• IT infrastructure for integrating screening software into onboarding workflows.
• Skilled compliance personnel to investigate alerts and make final determinations. For smaller institutions and startups, these costs can be prohibitive, potentially leading to compliance gaps. Many turn to Software-as-a-Service (SaaS) compliance platforms to manage scale and complexity.

A set of laws, regulations, and procedures designed to prevent criminals from disguising illegally obtained funds as legitimate income. PEP screening is a mandatory Customer Due Diligence (CDD) control within an AML program. Key components include:

• Transaction Monitoring: Scrutinizing customer transactions for suspicious patterns.
• Suspicious Activity Reports (SARs): Mandatory filings to regulators about potentially illicit activity.
• Risk-Based Approach: Tailoring controls based on the assessed risk level of a customer.

The process of verifying the identity of a client and assessing their suitability, along with the potential risks of illegal intentions. It is the foundational step before PEP screening. Core elements are:

• Identity Verification: Confirming a user's identity via documents or biometrics.
• Address Verification: Proof of residence checks.
• Beneficial Ownership: Identifying the natural persons who ultimately own or control a legal entity customer.

The process of checking individuals and entities against official government lists that prohibit doing business with specific countries, regimes, or persons. It runs parallel to PEP screening. Key lists include:

• OFAC Specially Designated Nationals (SDN) List (US)
• EU Consolidated Financial Sanctions List
• UN Security Council Sanctions Lists Screening must be performed at onboarding and on a continuous, real-time basis against updated lists.

Heightened scrutiny applied to customers identified as higher risk, such as Politically Exposed Persons (PEPs). It goes beyond standard KYC and involves:

• Source of Wealth & Funds: Investigating the origin of a customer's assets and the funds being deposited.
• Ongoing Monitoring: More frequent transaction reviews and profile updates.
• Senior Management Approval: Requiring sign-off from compliance officers or executives for the business relationship.

Also known as Negative News Screening, this is the process of screening potential or existing customers against news sources and public databases for mentions of financial crime, corruption, or other reputational risks. It is a critical risk-based supplement to official PEP and sanctions lists, helping to identify individuals who may not yet be formally listed but pose a clear risk.