PEP Screening
Screening of Politically Exposed Persons (PEPs) and their close kins is a critical component of Customer Due Diligence Measures, given their influence on Government policies, access to government funds and public opinions. Screening customers to identify PEPs enables Regulated Entities to widen their lenses to apprehend the anticipated risk before the risk traps them.
Who is a Politically Exposed Person (PEP)?
A Politically Exposed Person (PEP) is an individual who holds or has held a prominent public position and, by virtue of it, may present higher risk of Money Laundering or Corruption.
There are 4 categories of PEP:
Foreign PEPs
Individuals holding or having held prominent public functions in a foreign country (e.g., Heads of State or of Government, Senior Politicians, Judicial Officers, Military Officials, Senior Executives of State-Owned Corporations, Important Political Party Leaders.
Domestic PEPs
Individuals holding or has held prominent public positions within the UAE (e.g., Heads of States, Ministers, Senior Government Officials, Judicial Officers, Military Officials, Opposite Political Party Leaders).
International Organisation PEPs
Senior Management, Directors, President, Chairpersons in international organisations (e.g., UN, IMF).
Family Members and Close Associates (Related Customers)
Immediate relatives or associates of PEPs, as they may also pose similar risks.
What is PEP Screening?
PEP screening is the process of identifying, verifying, and monitoring Politically Exposed Persons (PEPs) as part of Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) and Counter Proliferation Financing (CPF) compliance. This requirement is mandated under the UAE AML-CFT regulations and is overseen by the Central Bank of the UAE (CBUAE), Financial Intelligence Unit (FIU), and other regulatory bodies.
Purpose of PEP Screening:
The purpose of PEP screening is to identify customers with political exposure who, by means of it, may pose a significantly higher risk of involvement in corruption, Money Laundering, or other financial crimes. It helps Regulated Entities such as Licensed Financial Institutions (LFIs), Designated Non-Financial Businesses and Professions (DNFBPs), and Virtual Asset Service Providers (VASPs) in UAE to comply with AML/CFT and CPF regulations. These include applying Enhanced Due Diligence (EDD) measures, such as verifying the source of funds, sources of wealth, and monitoring customers on an ongoing basis. Through effective screening of PEPs and their related parties, Regulated Entities can mitigate legal, financial, and reputational risks while ensuring that their operations are not misused for illicit activities.
Operational Pain Points in PEP Screening
Regulated Entities (REs) might already have internal policies in place and may be conducting PEP screening by matching names against databases and using screening tools. But are they truly sufficient for effective AML/CFT compliance? Some of common challenges are highlighted below:
If you are facing PEP Due Diligence pain points.
That’s exactly where AML UAE comes in to help you.
Regulatory Obligations for PEP Screening in the UAE
PEP screening isn’t optional; it is a regulatory obligation that protects Regulated Entity’s business from financial crime and non-compliance risks. Therefore, a robust and effective PEP screening framework for LFIs, DNFBPs, VASPs, and other Regulated Entities is crucial. They should be equipped to elevate PEP screening from a routine check into a robust shield against ML, TF and other white-collar crimes.
Federal Decree Law No. (10) of 2025 and UAE Cabinet Decision No. (134) of 2025 outlines obligations for identifying PEPs and conducting Enhanced Due Diligence in line with FATF standards.
Whom to Screen Across Which Databases for PEP Identification?
The data around the globe for PEP screening is vast, hence it is of utmost importance to find a niche database for PEP identification. For that Regulated Entities in UAE are required to understand whom to screen across which database for an accurate result without any false positives. Here’s a comprehensive table that depicts who are required to screen against which sources for more efficient PEP Screening results.
Category
Whom to Screen
Which Databases to Screen Customers Across(Sources)
PEP Roles (Mandatory Screening Obligation)
- Heads of States or Governments
- Senior politicians
- Senior government officials
- Judicial officials
- Military officials
- Senior executives of state-owned corporations
- Senior officials of political parties
- Senior officials of international organizations
- Former Head of States, Ministers or Government Officials
- UAE and foreign government/regulatory databases
- PEP databases
- International watchlists
Extended Risk-Based Screening
- Heads of trade unions and professional associations
- Politically influential persons without formal titles
- Public records
- Adverse media screening
Direct Family Members & Close Associates (Related Customers)
- Spouses
- Children
- Spouses of children
- Parents
- Other close relatives
- Known business or personal associates
- PEP relationship databases
- Proprietary screening tools
- Internal relationship mapping
Beneficial Owners of Legal Entities
- Beneficial owners ≥ 25%
- Beneficial owners < 25% with collective control
- Senior managing officers in complex entities
- Beneficial ownership registers
- Corporate registries
- Risk-based ownership analysis
Supporting Data Sources
- All customers and related parties (based on risk)
- International watchlists
- Adverse media databases
- Proprietary screening solutions
At What Stages Should PEP Screening be Conducted?
To ensure robust AML/CFT compliance, PEP (Politically Exposed Person) screening should be conducted at the following key stages of the customer lifecycle:
Onboarding / Customer Due Diligence (CDD)
Identifying PEPs or Related Customers before the business relationship begins. This includes screening beneficial owners and understanding their political exposure, source of funds, and potential risks.
Ongoing Monitoring
In order to detect changes in PEP status during the continuation of business relationships, such as customers being appointed to or stepping down from public positions. Regular re-screening helps ensure the risk profile remains current.
Trigger Events
Re-screening existing customers when specific events occur, such as changes in ownership, significant transactions, updates to customer information, or adverse media hits.
Periodic Reviews
As part of routine periodic KYC reviews (especially for higher-risk customers), to ensure all existing clients are still correctly classified and monitored.
Step-by-Step Guide for Regulated Entities to Conduct PEP Screening
Regulated Entities should tailor their PEP Screening Policies, Procedures and Methodologies in accordance with the organisation’s operational requirements and their risk appetite. The following are the mandatory steps when dealing with high-risk PEPs and related customers:
Commencing Customer Due Diligence (CDD) by Obtaining Know Your Customer (KYC) Information
Before entering a business relationship, Regulated Entities should obtain key identifiers from customers such as their name, occupational and jurisdictional details, nature of their business, address, ID proofs or passport, aliases and other relevant details through a customised KYC questionnaire.
If a customer or UBO self-declares to be a PEP in the KYC form, then Regulated Entities should further acquire clarifications regarding their tenure and jurisdiction of service, to ascertain the impact of their influence as a Politically Exposed Person.
Screening Customer Name Across PEP Database
Irrespective of the PEP self-declaration in the KYC questionnaire, Regulated Entities are required to undertake thorough PEP Screening for holistic Customer Risk Assessment. After obtaining key identifiers, Regulated Entities should screen the name of each customer and UBO against a wide range of PEP databases and public records available, locally and globally. If the screening outcome results in matches, then the true match must be disambiguated from false matches.
Conducting PEP Risk Assessment for customers identified as PEP
Every PEP profile is dynamic, and the risk associated with them would vary for various reasons. Regulated Entities should assess the likelihood of ML/TF, corruption and undue influence risks associated with identified PEP, by taking several factors into consideration, such as the position of PEP, nature of their service, scope of their autonomy, their influence on government funds and public opinions, the country they belong or any prior connection with financial crimes.
PEP Risk Classification
After ascertaining the ML/TF risk associated with identified PEPs, Regulated Entities should classify them into Risk Categories such as Low, Medium or High, based on the organisation’s risk appetite and nature of the individual risk recognised.
There is always a possibility that the particular nature of a PEP or business relationship may not pose significant ML/TF risk to the business. Therefore, keeping that in mind, Regulated Entities should formulate Risk-Based Customer onboarding parameters for PEPs. Additionally, REs should assign commensurate PEP-Risk Ratings based on the Risk Matrix applicable to their own business, improving their risk mitigation measures.
Risk-Based PEP Due Diligence
After classifying the PEP customers into Risk Categories, Regulated Entities are required to apply commensurate Due Diligence measures. REs should apply Enhanced Due Diligence for PEPs falling in high-risk categories and Standard Due Diligence for PEPs, which pose moderately medium or low ML/TF risk to the business. However, Ongoing Monitoring of each PEP profiles such as their transaction patterns or behavioural patterns is mandatory, regardless of their risk category.
Note: Before starting or continuing business relationship with an identified PEP, Senior Management’s approval is mandatory. Senior Management within Regulated Entities should grant their approval, accepting the possibility of risk for continuation of business relationship. This also applies to existing relationship, where formal approval is required from Senior Management. Additionally, REs should bifurcate Identified PEP into domestic and international PEP to ascertain the ML/TF risk.
Customer Risk Assessment Guidance for PEPs
Regulated Entities (REs) in the UAE are required to apply Risk-Based Due Diligence measures when dealing with Politically Exposed Persons (PEPs) and their Related Customers due to the elevated risk of Money Laundering, corruption, and abuse of the financial system. These obligations apply regardless of whether the individual is a domestic or foreign PEP, a Head of International Organisation (HIO), or a Related Customer.
PEP Category / Factor
Risk Consideration
PEP Risk Rating Guidance
Foreign PEPs & Related Customers
Automatically subject to enhanced ongoing monitoring
Not all are high-risk by default; assessment based on position, influence, and jurisdiction
PEP Risk Rating Guidance
EDD is triggered only if there is a high-risk business relationship
Risk rating based on position, control, and local controls
Nature of the PEP’s Position
– Level of control over decisions & funds
– Rank/status in government or international organisation
– Autonomy in decision making
Higher position and control = Higher risk
Jurisdiction of the PEP
– Strength of Anti- Corruption controls
– Free press & political opposition
– Asset disclosure & internal audit bodies
Weak governance and high corruption = Higher risk
Related Customers
– Nature of relationship (direct family, close associate)
– Risk rating of linked PEP
– Influence level of PEP over the customer
Use same or higher risk rating as linked PEP
Dual PEP Status (Domestic + Foreign)
If a natural person qualifies as both, treat as Foreign PEP
Apply higher of the two risk ratings
Multiple PEP Owners (Legal Persons)
Where two or more PEPs are involved
Apply the highest risk rating among PEPs
Customer Profile Considerations
– Type of business (e.g., cash-intensive)
– Products/services used
– Transaction behaviour
Risk increases with opaque or high-risk business models
Common PEP Screening Challenges Faced by Regulated Entities
PEP screening is a critical part of AML compliance in the UAE, given the elevated risk of corruption and Money Laundering associated with such individuals. However, Regulated Entities often face several challenges in identifying and monitoring PEPs effectively. These issues can hinder compliance and increase regulatory exposure.
Incomplete or Outdated PEP Databases
Many Regulated Entities rely on third-party databases that may not be regularly updated, leading to missed PEP identifications or continued business with persons who should have been classified as PEPs.
Lack of Risk-Based Classification
Not all PEPs are inherently high-risk, yet some Regulated Entities apply a blanket approach. Conversely, others fail to escalate clear high-risk PEPs due to poor risk-stratification logic.
Over-Reliance on Manual Screening
Without automated solutions, screening results in delays, errors, and operational inefficiency. Manual reviews of vast customer databases increase the chance of oversight.
Inadequate Senior Management Involvement
Many Regulated Entities fail to obtain mandatory approval from senior management when onboarding high-risk PEPs, violating key compliance requirements.
Lack of Clear Policies and Documentation
Poorly defined internal policies and undocumented procedures around PEP screening create gaps in compliance, especially during audits or regulatory inspections.
Weak Source of Wealth Verification
Even when a PEP is identified, many Regulated Entities struggle to effectively verify and document their source of funds or source of wealth, undermining the EDD process.
Struggling with these challenges?
Let us simplify your PEP screening journey. Talk to our experts today.
Best Practices for PEP Screening for Regulated Entities
In the ever-evolving world of compliance, PEP screening isn’t just a checkbox for Regulated Entities, it’s a powerful shield against the risks of ML, TF, and PF crimes. Here’s how Regulated Entities in the UAE maintain screening excellence and stay audit-ready:
Adopt a Risk-Based Mindset, not a One-Size-Fits-All Approach
Regulated Entities must tailor screening based on actual risk exposure from client type, nature of transactions, geographic reach, and business size. Additionally, REs should align their AML/CFT Framework with FATF guidelines and UAE regulations to ensure their resources are focused where they matter most.
Develop Clear Internal SOPs & Escalation Flows
Strong compliance begins with well-documented internal policies. Regulated Entities must define roles, escalation triggers, list update frequency, handling of partial matches, and a client exit strategies in their internal Policies and Procedures. These facilitates in reducing confusion with regards to critical responses. .
Power Up with Smart Technology
Regulated Entities should invest in advanced screening software and APIs that offer real-time alerts, fuzzy logic name matching, and seamless list updates. Tech helps REs to scale, reduce false positives, and act fast when something changes.
Keep Your Team Future-Ready
Regulated Entities must offer regular and practical training sessions to their compliance officers and equip them with the latest AML/CTF techniques, emerging risk indicators, and hands-on platform skills.
Embrace Continuous Monitoring, Not Just Onboarding Checks
A customer’s risk profile can change overnight. Therefore, Regulated Entities must establish ongoing monitoring for new red flags like political exposure, change in ownership, or addition to global watchlists, even after onboarding.
Know Your Sources: Screen from Verified & Diverse Databases
Regulated Entities must ensure that their screening tools pull from reliable, multi-jurisdictional data sources; Official websites of parliaments, ministries, and government departments, Sources for data on political candidates, elected officials, and related political entities. And other reputable commercial data providers. The more accurate the source, the stronger the regulatory compliance.
Need help building any of these best practices into your current framework?
AML UAE help you implement compliance in the smart and Customised way.
Mitigate PEP Screening Challenges: How AML UAE Becomes Your AML Compliance Wingman
At AML UAE, we help businesses comply with PEP screening requirements of UAE’s Federal AML/CFT laws by implementing strong frameworks, policies and internal controls. We know that PEP Screening can be complex and prone to operational challenges. Therefore, to help Regulated Entities efficiently conduct PEP Screening without regulatory slip-ups, we offer end-to-end PEP Screening Services.
PEP Screening Challenges encountered by Screening Analysts
What Are Regulated Entities’ Predicaments
How AML UAE Saves the day!
No Clear Definition of PEPs
“We’re unsure who qualifies — domestic, foreign, close associates?”
We help you define PEP categories per UAE Guidance, FATF definitions, and set clear criteria in your policy framework.
Inconsistent PEP Risk Ratings
“We treat all PEPs the same — but should we?”
We guide you to adopt a risk-based approach — high, medium, low — based on the nature of PEP role, geography, influence & exposure.
Outdated PEP Databases
“Our PEP list is from 2022!”
We integrate with latest leading global PEP databases and PEP Screening APIs updated daily to ensure no miss-outs.
Manual Identification of PEPs
“We rely on declarations… and Google.”
Our automated screening system matches your clients with real-time PEP data. No guesswork or outdated sources.
False Positives from Common Names
“Too many hits… most are irrelevant.”
We calibrate your screening engine with smart fuzzy logic & threshold settings to reduce noise and improve match precision.
Third Party & Indirect PEPs Missed
“Do we even check family members or close associates?”
Yes, and so do we. Our solutions cover extended PEP relationships, including known associates, family ties, and business links.
Weak Onboarding Controls
“PEPs slip through onboarding undetected.”
Our KYC onboarding forms include inbuilt PEP flags with automated alerts and approval workflows for enhanced due diligence.
No Ongoing Monitoring
“We only screen at onboarding — not after.”
We ensure continuous monitoring, alerting you if a client is later appointed as a PEP or gets flagged in external databases.
Untrained Staff
“Our team doesn’t know how to handle PEP hits.”
We provide hands-on PEP compliance training — how to verify, escalate, risk-rate, and handle enhanced due diligence.
Fear of Missing High-Risk PEPs
“What if we miss a high-risk political connection?”
Our ongoing advisory services keep your team updated with PEP typologies, red flags, and UAE-specific expectations.
Let Extensive PEP Screening Leave No Stone Unturned to Achieve Excellence
Despite obligating basic regulatory requirements, Regulated Entities in UAE often fall short of conducting thorough PEP Screening due to inaccurate outcomes, high false positives and over reliance on manual efforts. Therefore, Regulated Entities must rely on tailored solutions and methodologies to conduct comprehensive PEP Screening. This facilitates uncovering risks associated with Politically Exposed Persons and aids in applying commensurate risk mitigation measures.
Need help building any of these best practices into your current framework?
AML UAE help you implement compliance in the smart and Customised way.
