PEP Screening: How to Identify Politically Exposed Persons
Complete guide to PEP screening: definition, FCA FG25/3 obligations, identification process, enhanced due diligence and best practices for UK businesses in 2026.
Summarize this article with
ChatGPT
Claude
Perplexity
Gemini
GrokPEP screening is a mandatory component of any AML/KYC programme: it is the process of determining whether a customer, partner or beneficial owner holds โ or has held โ a prominent public position, and of applying proportionate enhanced due diligence accordingly. In the UK, failures in PEP screening have attracted seven-figure fines from the Financial Conduct Authority โ including a ยฃ6.47 million penalty against ADM Investor Services International in 2023 and a ยฃ7.6 million fine against Guaranty Trust Bank UK the same year, both for inadequate PEP controls.
This guide covers the regulatory definition of PEPs, the UK framework under FCA FG25/3 and the Money Laundering Regulations 2017, the screening process, and practical steps for compliance in 2026.
This article is for informational purposes only and does not constitute legal, financial, or regulatory advice. Consult a qualified professional for specific compliance questions.
What is PEP screening?
PEP screening is the structured process of checking individuals against databases of politically exposed persons to assess their money laundering risk. A politically exposed person (PEP) is someone who holds or has held a prominent public function โ making them potentially more susceptible to bribery, corruption, and the laundering of illicit funds through their access to public resources or decision-making power.
As of January 2024, Regulation 35 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs) was amended to introduce a clearer distinction between domestic and non-domestic PEPs (MLRs 2017, SI 2017/692). This distinction is the cornerstone of the FCA's finalised guidance FG25/3 published on 7 July 2025.
The FATF Recommendations 12 and 22 provide the international baseline: firms must apply enhanced due diligence (EDD) to business relationships involving PEPs โ but the FATF is explicit that PEP measures are preventive, not punitive (FATF Recommendations 12 & 22).
Who qualifies as a PEP? Three categories
The MLRs 2017 define PEPs by reference to the functions they hold. Understanding these categories is essential for building a proportionate screening programme.
| Category | Examples of functions |
|---|---|
| Domestic PEPs (UK) | MPs, members of the House of Lords, senior judges, senior civil servants, members of the Royal Family performing public functions |
| Non-domestic PEPs | Foreign heads of state, government ministers, members of parliament, central bank governors, senior military officials |
| International organisation PEPs | Directors, deputy directors and board members of international bodies (UN, IMF, World Bank, FATF) |
The screening obligation extends to close family members (spouse, children, parents, siblings-in-law) and known close associates of PEPs. Under FCA FG25/3, non-executive board members of UK civil service departments are explicitly excluded from the PEP definition โ a specific clarification added in the July 2025 revised version.
FCA FG25/3: the recalibrated approach for domestic PEPs
On 7 July 2025, the FCA published Finalised Guidance FG25/3 on the treatment of politically exposed persons for anti-money laundering purposes. The guidance recalibrates the approach to domestic PEPs significantly.
The FCA's FG25/3 states that the starting point for domestic PEPs and their family members and known close associates is that they present a lower level of risk than non-domestic PEPs (FCA FG25/3, para. 2.7). This does not mean EDD is automatically inapplicable โ but firms should not apply the same treatment as for foreign PEPs without individual risk assessment.
Key principles from FG25/3:
- Case-by-case assessment: Risk must be evaluated individually, not applied uniformly by PEP category
- No automatic EDD for domestic PEPs: Source of wealth verification and source of funds checks are not automatically required for domestic PEPs absent additional risk factors
- Circumstances warranting full EDD: Connections to high-risk jurisdictions, adverse media relating to financial crime, or unusual wealth patterns relative to public role
- No refusal based solely on PEP status: Firms must not decline or terminate business relationships purely because a customer is a PEP, in line with Consumer Duty obligations
- Senior management sign-off: Required when onboarding any PEP, with documented rationale for the risk assessment
The PEP screening process: five steps
A compliant PEP screening programme follows a consistent, documented workflow from initial onboarding through ongoing monitoring.
Step 1: Data collection and normalisation
Effective screening begins with accurate identity data: full legal name, date of birth, nationality, country of residence, and โ where available โ national identification numbers. Name variations, transliterations (particularly for non-Latin scripts), and compound names must be handled through fuzzy matching algorithms to minimise false negatives.
Step 2: Database screening
PEP lists are not maintained by a single public authority in the UK. Firms typically use commercial databases โ Refinitiv World-Check, LexisNexis Bridger, Dow Jones Risk & Compliance โ which aggregate data from government sources, legislative registers, court records, and adverse media. Using a single database is insufficient: the FCA expects firms to apply a risk-based approach that accounts for the limitations of any single source.
No commercial PEP database covers 100% of global political figures: firms in sectors with higher PEP exposure โ private banking, wealth management, correspondent banking โ typically combine two or more independent data providers.
Step 3: Risk scoring and decision
A match triggers a risk assessment. Factors considered include: the nature of the public function held, the country of origin (with heightened scrutiny for FATF high-risk jurisdictions), the recency of the mandate, the value and nature of the proposed relationship, and any adverse media. The output is a risk tier โ standard monitoring, EDD, or relationship refusal โ with documented rationale.
Step 4: Enhanced Due Diligence measures
Where EDD is warranted, it comprises: obtaining and verifying the source of wealth (documented evidence of how the PEP accumulated their assets), verifying the source of funds for each significant transaction, and securing senior management approval before onboarding or continuing the relationship. EDD records must be maintained for at least five years after the end of the business relationship.
Step 5: Ongoing monitoring and status updates
PEP status is not static. Customers can become PEPs after initial onboarding (elections, appointments) or cease to be PEPs (end of term, resignation). The FCA expects firms to monitor status changes as part of ongoing customer due diligence, and to update risk classifications promptly. The FG25/3 permits firms to ask customers to notify them of changes in circumstance โ a practical mechanism for managing the ongoing monitoring obligation.
Common questions from compliance teams on PEP screening
Practitioners consistently raise questions that the regulatory guidance does not always answer with sufficient precision.
Can we automatically close accounts of existing PEP customers? No. FCA FG25/3 is explicit that firms must not close accounts solely because a customer is classified as a PEP. Closure is only justified where the individual risk assessment concludes the relationship poses an unacceptable risk.
How long must we treat a former PEP as a PEP? Under the MLRs 2017, firms must apply a risk-based approach to assessing former PEPs. As a practical benchmark, the FATF recommends treating former PEPs as higher risk for at least 12 months after they leave office, with the period extending where residual risk factors persist. Users on compliance forums frequently ask this question โ the short answer is that 12 months is a floor, not a ceiling.
What constitutes "source of wealth" evidence for a PEP? Source of wealth evidence should document how the PEP accumulated their overall asset base โ salary records, property ownership documents, investment portfolios, inheritance records, or business ownership documentation. It is distinct from source of funds (the origin of a specific transaction). Both may be required for high-risk PEPs.
Automation in PEP screening programmes
Manual PEP screening is viable only at very low client volumes. For regulated firms processing hundreds or thousands of onboardings, automated screening integrated into the KYC workflow is now standard โ and expected by the FCA in its supervisory reviews.
CheckFile's document verification platform integrates identity data extraction with automated screening against PEP and sanctions databases, generating audit-ready case records. For firms managing complex onboarding, our solutions for financial services provide sector-specific workflows.
PEP screening does not operate in isolation. It sits alongside sanctions screening โ our guide to sanctions screening: OFAC, EU lists and compliance covers the complementary obligations. The complete AML compliance guide provides the broader framework within which PEP controls sit.
The KYC 2026 requirements guide details the full due diligence programme that PEP screening supports.
For an overview of our pricing for compliance automation tools, see our pricing page. For the broader compliance documentation framework, see the document compliance guide.
FAQ
What is PEP screening in AML?
PEP screening in AML is the process of identifying whether a customer or counterparty holds or has held a prominent public position (a "politically exposed person"), assessing the money laundering risk this poses, and applying enhanced due diligence where required. It is mandatory under the UK Money Laundering Regulations 2017 and aligned with FATF Recommendations 12 and 22.
What is PEP screening in KYC?
In a KYC programme, PEP screening is the step that follows identity verification โ once you know who the customer is, you check whether they appear on PEP databases. A positive match triggers enhanced due diligence, senior management approval, and ongoing monitoring obligations, distinguishing PEP checks from standard customer due diligence.
Is PEP screening mandatory in the UK?
Yes. Regulation 35 of the Money Laundering Regulations 2017 requires all regulated firms to apply enhanced customer due diligence to customers identified as PEPs or their close family members and associates. The FCA's FG25/3 (July 2025) provides detailed guidance on applying a proportionate, risk-based approach โ particularly for domestic PEPs.
How often should PEP screening be repeated?
The FCA expects ongoing monitoring, not a single check at onboarding. In practice, many firms perform automated rescreening daily or weekly against updated PEP databases, with a full case review triggered whenever a customer's status changes. Perpetual KYC (pKYC) approaches automate this continuous monitoring.
Can a PEP be refused banking services?
Firms must not refuse business relationships based solely on PEP status. Under Consumer Duty and the FCA's FG25/3, each case must be assessed individually. Refusal is permitted โ and may be required โ where the specific risk assessment concludes the relationship poses unacceptable ML/TF risk, but automatic blanket refusals are a compliance violation.