PEP Screening in Canada: Identify PEPs

PEP screening is a mandatory component of any AML/KYC programme in Canada: it is the process of determining whether a customer, partner, or beneficial owner is — or has been — a politically exposed person (PEP), a head of an international organization (HIO), or a family member or close associate of either, and of applying proportionate enhanced due diligence accordingly. The Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its regulations define these categories and impose specific obligations on all reporting entities.

This guide covers the regulatory definition of PEPs and HIOs in Canada, the PCMLTFA framework, the screening process, and practical steps for compliance in 2026.

This article is for informational purposes only and does not constitute legal, financial, or regulatory advice. Consult a qualified professional for specific compliance questions.

What is PEP screening?

PEP screening is the structured process of checking individuals against databases of politically exposed persons to assess their money laundering risk. A PEP is someone who holds or has held a prominent public function — making them potentially more susceptible to bribery, corruption, and the laundering of illicit funds.

The PCMLTFA defines three distinct categories: domestic PEPs, foreign PEPs, and heads of international organizations (HIOs). Each carries different due diligence requirements (PCMLTFA Regulations, Part 1.1). FINTRAC provides detailed guidance on PEP and HIO determination that reporting entities must follow.

Canada's approach aligns with the FATF Recommendations 12 and 22, which provide the international baseline: firms must apply enhanced due diligence to business relationships involving PEPs (FATF Recommendations 12 & 22).

Who qualifies as a PEP? Three categories under the PCMLTFA

The PCMLTFA regulations define PEPs and HIOs with specific reference to the functions they hold.

The screening obligation extends to family members (spouse, child, mother, father, sibling of a PEP or HIO) and close associates — persons closely connected to a PEP or HIO for personal or business reasons. Under the PCMLTFA regulations, close associates include individuals known to be closely connected, including through business or personal relationships.

PCMLTFA requirements: domestic vs foreign PEPs

A critical distinction in Canadian law is the different treatment of domestic PEPs versus foreign PEPs and HIOs.

Foreign PEPs and HIOs trigger automatic enhanced due diligence requirements. Reporting entities must:

• Determine whether the person is a foreign PEP or HIO before establishing the business relationship.
• Obtain senior management approval.
• Take reasonable measures to establish the source of funds and source of wealth.
• Conduct enhanced ongoing monitoring.

Domestic PEPs trigger EDD obligations only when the reporting entity determines, in the course of its activities, that a person is a domestic PEP and the business relationship is assessed as high-risk. This is a significant distinction — domestic PEPs do not automatically require EDD unless a risk assessment warrants it.

Family members and close associates of PEPs and HIOs are subject to the same obligations that apply to the PEP or HIO they are connected to.

The PEP screening process: five steps

A compliant PEP screening programme follows a consistent, documented workflow from initial onboarding through ongoing monitoring.

Step 1: Data collection and normalisation

Effective screening begins with accurate identity data: full legal name, date of birth, nationality, country of residence, and — where available — Social Insurance Number (SIN) or other identification numbers. Name variations, transliterations, and compound names must be handled through fuzzy matching algorithms.

Step 2: Database screening

PEP lists are not maintained by a single public authority in Canada. Reporting entities typically use commercial databases — Refinitiv World-Check, LexisNexis Bridger, Dow Jones Risk & Compliance — which aggregate data from government sources, legislative registers, court records, and adverse media.

No commercial PEP database covers 100% of global political figures: reporting entities in sectors with higher PEP exposure — private banking, wealth management, correspondent banking — typically combine two or more independent data providers.

Step 3: Risk scoring and decision

A match triggers a risk assessment. Factors considered include: the nature of the public function held, the country of origin (with heightened scrutiny for FATF high-risk jurisdictions), the recency of the mandate, the value and nature of the proposed relationship, and any adverse media. The output is a risk tier — standard monitoring, EDD, or relationship refusal — with documented rationale.

Step 4: Enhanced Due Diligence measures

Where EDD is warranted, it comprises: obtaining and verifying the source of wealth, verifying the source of funds for each significant transaction, and securing senior management approval before onboarding or continuing the relationship. EDD records must be maintained for at least five years after the end of the business relationship.

Step 5: Ongoing monitoring and status updates

PEP status is not static. Customers can become PEPs after initial onboarding (elections, appointments) or cease to be PEPs (end of term, resignation). FINTRAC expects reporting entities to monitor status changes as part of ongoing customer due diligence.

Common questions from compliance teams

How long must we treat a former PEP as a PEP? Under the PCMLTFA regulations, a person remains a PEP for a prescribed period after leaving office. For foreign PEPs and HIOs, the obligation continues for five years after the person left office. For domestic PEPs, the enhanced monitoring obligation applies as long as the person is determined to be high-risk.

Can we automatically close accounts of PEP customers? No. Reporting entities must not close accounts solely because a customer is classified as a PEP. Each case must be assessed individually. Closure is justified only where the risk assessment concludes the relationship poses unacceptable risk.

What constitutes "source of wealth" evidence? Source of wealth evidence should document how the PEP accumulated their overall asset base — salary records, property ownership documents, investment portfolios, inheritance records, or business ownership documentation. It is distinct from source of funds (the origin of a specific transaction).

Automation in PEP screening programmes

Manual PEP screening is viable only at very low client volumes. For reporting entities processing hundreds or thousands of onboardings, automated screening integrated into the KYC workflow is now standard — and expected by FINTRAC during compliance examinations.

CheckFile's document verification platform integrates identity data extraction with automated screening against PEP/HIO and sanctions databases, generating audit-ready case records.

PEP screening does not operate in isolation. It sits alongside sanctions screening — our guide to sanctions screening: OFAC, EU lists and compliance covers the complementary obligations. The complete AML compliance guide provides the broader framework within which PEP controls sit.

The KYC 2026 requirements guide details the full due diligence programme that PEP screening supports.

For an overview of our pricing for compliance automation tools, see our pricing page. Our platform processes over 180,000 compliance documents per month with a 94.8% fraud detection rate and an average verification time of 4.2 seconds.

FAQ

What is PEP screening in AML?

PEP screening in AML is the process of identifying whether a customer or counterparty holds or has held a prominent public position (a "politically exposed person"), assessing the money laundering risk this poses, and applying enhanced due diligence where required. It is mandatory under the PCMLTFA for all Canadian reporting entities and aligned with FATF Recommendations 12 and 22.

What is the difference between a foreign PEP and a domestic PEP under the PCMLTFA?

A foreign PEP holds or has held a prominent public function in a foreign country. A domestic PEP holds or has held a prominent public function in Canada. Foreign PEPs automatically trigger enhanced due diligence requirements (senior management approval, source of wealth/funds verification). Domestic PEPs trigger EDD only when the business relationship is assessed as high-risk. Both categories include family members and close associates.

Is PEP screening mandatory in Canada?

Yes. The PCMLTFA requires all reporting entities to determine whether clients are PEPs, HIOs, family members, or close associates. For foreign PEPs and HIOs, enhanced due diligence is mandatory from the outset. For domestic PEPs, EDD is required when the relationship is high-risk.

How often should PEP screening be repeated?

FINTRAC expects ongoing monitoring, not a single check at onboarding. In practice, many reporting entities perform automated rescreening daily or weekly against updated PEP databases, with a full case review triggered whenever a customer's status changes. The PCMLTFA requires reasonable measures to keep client information up to date.

Can a PEP be refused banking services in Canada?

Reporting entities must not refuse business relationships based solely on PEP status. Each case must be assessed individually based on the risk it presents. Refusal is permitted where the specific risk assessment concludes the relationship poses unacceptable money laundering or terrorist financing risk, but automatic blanket refusals are not appropriate.