What are PEPs and sanctions checks?

Politically exposed persons (PEPs) and sanctioned individuals are two classes of persons that regulated industries must identify when onboarding. To comply with KYC and AML requirements, regulated businesses must run PEPs and sanctions checks as part of their due diligence.

Keep reading to learn why PEPs and sanctions designations are necessary, what institutions can decide on the exact definitions and how to navigate PEPs and sanctions screening.

Who is considered a Politically Exposed Persons (PEPs)?

A PEP is someone who is seen as being at a higher than average risk of money-laundering resulting from bribery or corruption due to them holding a high profile position, or proximity to someone in a political position.  The Financial Action Task Force — the global watchdog for money laundering and terrorist financing — defines a PEP this way:

A politically exposed person (PEP) is an individual who is or has been entrusted with a prominent function. Many PEPs hold positions that can be abused for the purpose of laundering illicit funds or other predicate offences such as corruption or bribery.

Some positions that mean someone may be considered a PEP are governmental and parliamentary positions, high ranking members of the armed forces and members of high-level judicial bodies. 

It’s important to note that someone may also be considered a PEP if they are in close proximity to someone in an at-risk position. For example family members, close business associates and beneficial owners of the person’s property.

Why are PEPs and sanctions screening necessary?

Certain regulated industries, particularly financial services are mandated to complete PEPs and sanctions screening as part of their customer due diligence (CDD) processes at onboarding. Based on the results of these checks, they may then be required to complete additional screening before deciding whether to onboard the customer. These CDD processes form a small part of an overall know your customer (KYC) flow. Read our ‘what is KYC’ blog to learn more about KYC processes.

The US, UK, EU and other countries or bodies, such as the United Nations, may impose sanctions on countries, businesses or individuals to prohibit doing business with them. The UK government defines the purpose of sanctions as being "to change the behaviour of the target country's regimes, individuals or groups in a direction which will improve the situation in that country." 

Who decides who is a PEP, and who is sanctioned?

There are many different sanctions lists. CAPTA (Correspondent Account or Payable-Through Account) is the sanctions list created by the US Department of the Treasury’s Office of Foreign Asset Control (OFAC). The EU and UK have their own lists. 

According to the US Treasury Department website: "Every transaction that a US financial institution engages in is subject to OFAC regulations. If a bank knows or has reason to know that a target is party to a transaction, the bank's processing of the transaction would be unlawful."

For a company with a direct or indirect presence in multiple countries, whether by virtue of an office or a branch, a sales presence, or partnerships, they might need to have an oversight of many different lists to ensure they remain compliant across geographies.

PEPs and sanctions checks best practices

Generally, financial services businesses are expected to take a risk-based approach — no one size fits all. This typically means applicants are assessed during the KYC process to decide whether CDD or EDD is necessary. Learn more about the difference between CDD and EDD in our blog.

When it comes to PEPs and sanctions screening, many businesses are looking towards automated watchlist providers that provide real-time screening and track changes in lists. These providers give reports back to businesses during user onboarding, and if required provide ongoing monitoring — so inform businesses of changes of status to individuals to indicate if they are sanctioned having already been onboarded.

Ideally, checks are run automatically, but it is good practice (at minimum) to check customers each time: (i) the relevant sanctions lists are changed; and/or (ii) there is a change in the customer’s / user’s details. It is also good practice to include directors, beneficial owners and third-party payees in the screening.

PEP and sanctions screening solutions

Onfido’s watchlist monitoring solution screens user data at onboarding, and can be configured to re-screen users against chosen sources every 24 hours, and notify you with any updates. We supercharge our performance by using AI to index and dynamically update our data. This means we provide responses in near real-time, so you can make fast decisions that don't keep customers waiting.