How to Effectively Screen PEPs

To meet Know your customer (KYC) requirements, it is important to check both sanctions lists as well as politically exposed persons (PEP) lists as part of a customer onboarding process. 

Whereas sanctions restrict the ability to engage in a business relationship with a designated person or entity, engaging in a business relationship with a PEP is not prohibited. However, it is necessary to identify whether a customer or other business counterparty is a PEP in order to take appropriate measures to minimize risk to your organization, including money laundering risk.

What is a PEP?

Politically exposed persons, or PEPs, are individuals who have been entrusted with high-level political positions in government or have close connections to such individuals. This includes elected officials, government employees, and even members of their families and close associates. 

Why Screen PEPs?

PEPs may be at a higher risk of engaging in corrupt activities, such as money laundering or bribery, due to their position of power and the potential for conflicts of interest according to the Financial Action Task Force (FATF). As a result, financial institutions and Designated Non-Financial Businesses and Professions (DNFBPS) – such as lawyers, accountants, real estate agents, and precious metals dealers – must take extra steps to screen PEPs and monitor their activities to ensure that they are not engaged in any illicit activities. 

Screening PEPs is also important for protecting an organization's reputation. If an organization is found to have done business with a PEP who is later discovered to have engaged in money laundering or corruption, this may damage the organization's reputation.

KYC Regulations and PEP Screening Requirements

Requirements for screening sanctions vary by jurisdiction. In general, financial institutions and locally-regulated non-financial businesses must screen their customers against domestic and foreign PEP lists and are required to conduct regular rescreening in line with local requirements – for example, daily or weekly watchlist rescreening. 

Below are regulations for screening PEPs across an example set of major international financial jurisdictions: United States, European Union, United Arab Emirates, United Kingdom, and Singapore.

United States: PEP screening requirements are outlined by the Bank Secrecy Act (BSA) and Patriot Act, which mandate that foreign officials be identified as part of a customer due diligence process. PEP screening requirements are governed by the Financial Crimes Enforcement Network (FinCEN). Businesses should screen customers as part of a risk-based AML process during the customer onboarding process. Additional due diligence is required for customers deemed to be PEPs, including verifying identity, understanding the nature and purpose of the customer’s relationship to the business, and conducting ongoing rescreening to detect any red flags.

European Union: The Fourth Anti-Money Laundering Directive outlines PEP screening within the EU. Financial institutions are required to apply enhanced due diligence measures when dealing with PEPs, including obtaining senior management approval for any transactions with PEPs, and conducting ongoing monitoring of transactions to detect suspicious activity.

United Arab Emirates: PEP screening requirements are set out in the Anti-Money Laundering and Anti-Terrorism Financing Regulations of the Central Bank of the United Arab Emirates. DNFBPs are additionally recommended to follow the Ani-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations Guidelines for Designated Non-Financial Businesses and Professions of 2021. Financial institutions and DNFBPs are required to screen customers against domestic and international PEP lists. Financial institutions and DNFBPs are required to apply enhanced due diligence measures when dealing with PEPs, including obtaining senior management approval for any transactions with PEPs, and conducting ongoing monitoring of transactions to detect suspicious activity.

United Kingdom: The Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 lay out PEP screening requirements in the UK. Financial institutions are required to apply enhanced due diligence measures when dealing with PEPs, including obtaining senior management approval for any transactions with PEPs, and conducting ongoing monitoring of transactions to detect suspicious activity.

Singapore: According to the Anti-Money Laundering and Countering the Financing of Terrorism Act, financial institutions are required to apply enhanced due diligence measures when dealing with PEPs, including obtaining senior management approval for any transactions with PEPs, and conducting ongoing monitoring of transactions to detect suspicious activity.

How to Effectively Screen PEPs

Screening PEPs should be included as an integral component of the watchlist compliance process. In many jurisdictions it is necessary to screen both foreign and domestic PEPs.

Once your customers are screened against PEP lists, records should be retained so they can be reviewed by regulators on request. If a customer is identified as a PEP as part of the screening process, additional enhanced due diligence should be conducted to ascertain the PEP’s source of funds and reasons for the transaction or business activity. 

It is additionally important to regularly re-screen customers against PEPs lists and, if your business is facilitating transactions, to implement transaction monitoring to screen senders and receivers. 

Castellum.AI’s integrated watchlist compliance database enables users to screen global sanctions, local PEPs, international PEPs, and other watchlist categories (such as law enforcement most wanted lists, export control restrictions, and more), all at once. Audit trails and exportable reports enable customers to comply with recordkeeping requirements.

About Castellum.AI 

Castellum.AI automates compliance screening by providing watchlist screening solutions through online platform, API, and bulk data subscriptions.

Castellum.AI obtains global sanctions information directly from authorities issuing sanctions, and then proceeds to standardize, clean and enrich the data, extracting key information like IDs and addresses from text blobs. Castellum.AI enriches as many as fifteen separate items per entry. 

The database consists of over 1,000 watchlists, covering over 200 countries and eight different categories (sanctions, export control, law enforcement most wanted, contract debarment, politically exposed persons, regulatory enforcement, delisted, and elevated risk). Castellum.AI checks for watchlist updates every five minutes directly from issuing authorities.