Compliance reference · PEPs
Politically Exposed Persons (PEPs): A Reference Guide
A plain-language explainer of what a Politically Exposed Person (PEP) is, why FATF Recommendation 12 requires enhanced due diligence on them, how we classify PEPs by seniority and government branch, and how long a former PEP keeps that status. Companion to our AML/CFT jurisdiction guides.
Last updated 2026-07-08
Politically Exposed Persons (PEPs): A Reference Guide
A politically exposed person (PEP) is someone who holds, or has held, a prominent public function — a head of state, a cabinet minister, a senior judge, a top military or intelligence official, a central bank governor, a senior legislator, an ambassador, an executive at a state-owned company, or a senior official at an international organization. PEPs are not accused of wrongdoing by virtue of the label. The designation exists because people in these positions have more opportunity than most to abuse public office for private gain — through bribery, embezzlement, or channeling illicit funds through the financial system — so global AML/CFT standards require financial institutions to look more closely at them and their transactions than at an ordinary customer.
This guide explains where that requirement comes from, what "PEP" actually covers, and how our coverage is organized: by seniority, by branch of government, and by how long a person keeps the flag after leaving office.
General information, not legal advice. This material is provided for general informational purposes and reflects publicly available sources as of 8 July 2026. It is not legal advice and may not reflect the most recent changes. Confirm any obligation against the relevant primary authority, or your own regulator's guidance, before relying on it.
Why PEPs require enhanced due diligence
The requirement to screen for PEPs comes from the same body that sets the global AML/CFT baseline discussed in our AML/CFT reference guide: the Financial Action Task Force (FATF).
FATF Recommendation 12 requires financial institutions, in addition to standard customer due diligence, to:
- have risk management systems to determine whether a customer or beneficial owner is a PEP;
- obtain senior management approval before establishing (or continuing) a business relationship with a PEP;
- take reasonable measures to establish the source of wealth and source of funds of PEPs and their beneficial owners; and
- conduct enhanced, ongoing monitoring of the relationship.
FATF Recommendation 12 and its Interpretive Note distinguish three categories of PEP, plus a related fourth:
- Domestic PEPs — entrusted with a prominent public function within the customer's own country.
- Foreign PEPs — entrusted with a prominent public function by another country.
- International-organization PEPs — entrusted with a prominent function by an international organization (the UN, IMF, World Bank, NATO, and similar bodies).
- Family members and close associates (RCA) — not PEPs themselves, but flagged because of their closeness to one. Under the FATF standard this typically covers spouses/partners, children and their spouses/partners, and parents (family), plus people with joint beneficial ownership of an entity with the PEP, known close business relations, or sole beneficial ownership of an entity known to exist for the PEP's benefit (close associates).
Domestic, foreign, and international is a matter of perspective, not a fixed label. The same person is a "foreign PEP" to a bank in another country and a "domestic PEP" to a bank in their own — so we do not maintain separate domestic/foreign data tracks. What we do fix, at the point we add a person to our data, is how senior their position is. That is the levelling model below.
The EU's Anti-Money Laundering Directive (Directive (EU) 2015/849, as amended) implements Recommendation 12 with its own binding rule, discussed under current vs. former status below.
How we classify PEPs
Rather than treating "PEP" as a single flat flag, we classify every PEP along two independent dimensions: which branch of government the position sits in, and how senior it is.
Government branches
We tag every public-sector position against one of nine branches of government, so a customer can filter or reason about PEP exposure by the kind of role involved, not just a yes/no flag:
| Branch | What it covers |
|---|---|
| Executive | Heads of state and government, and the cabinet/council of ministers. |
| Legislature | National and subnational elected or appointed lawmaking bodies. |
| Judiciary | Apex and constitutional courts — supreme courts, constitutional courts, and equivalent bodies whose decisions are not subject to further appeal. |
| Military / security | Top uniformed military leadership and the heads of the principal intelligence and internal-security services. |
| Central bank / monetary authority | The governor, chair, and senior policy-setting officials of the institution that sets monetary policy and/or acts as prudential regulator. |
| State-owned enterprises (SOEs) | The board and executive leadership of majority state-owned commercial entities — airlines, energy companies, banks, telecoms, rail. |
| International-organization officials | Heads and senior officials of the UN and its agencies, the IMF, World Bank, WTO, NATO, INTERPOL, and equivalent bodies — FATF's "international PEP" category, applicable to nationals of any country. |
| Subnational / regional government | Governors, premiers, and legislators below the national level, and mayors of major cities. |
| Political party leadership | Senior party leadership, independent of whether the individual also holds public office — most significant in one-party or dominant-party systems, where party rank is often a stronger risk signal than titular office. |
Not every branch applies in every country — a city-state has no subnational tier, and an absolute monarchy may fold the executive and ceremonial head-of-state functions together. Country-specific coverage reflects each jurisdiction's actual government structure rather than forcing a uniform template onto every country.
Seniority: Level 1, Level 2, Level 3, and RCA
Within each branch, we rank positions into four seniority levels. This is the single most useful signal for risk-weighting a PEP match, because "PEP" by itself spans everyone from a head of state to a provincial council member, and those carry very different risk profiles.
| Level | What it means | Typical examples |
|---|---|---|
| Level 1 | The apex of state power. | Heads of state and government, cabinet ministers, apex/constitutional judges, the top military commander and principal intelligence chiefs, the central bank governor, heads of international organizations. |
| Level 2 | Senior officials one step below the apex. | National legislators, ambassadors and senior diplomats, deputy ministers and agency heads, senior central-bank policy committee members, state-owned-enterprise board members and executives, deputy heads of international organizations. |
| Level 3 | Subnational and lower-visibility senior roles. | Subnational/regional legislators and executives, mayors of non-major cities, senior political party leadership, senior international-organization officials below deputy-head level. |
| RCA | Family members and close associates of a Level 1 or Level 2 PEP (see the FATF definitions above). | Spouses, children, parents, and known close business associates of a senior PEP. |
A position's level is about how senior and high-risk the role is — it is a separate question from which country the person is in, or how quickly we added coverage for that country. A head of state in a jurisdiction we cover only recently is still a Level 1 PEP the moment we do cover them.
Current vs. former status, and how long the flag lasts
Every PEP record carries a current or former status, based on the dates a person actually held the position — never hand-maintained, and never a permanent judgment call by us.
The harder question is how long a former PEP keeps the flag. FATF Recommendation 12's Interpretive Note is deliberately non-prescriptive here: it requires firms to apply risk-based measures "for as long as appropriate" after someone leaves office, based on their continuing influence and the ongoing risk — a standard, not a clock. The EU's AMLD sets the one hard floor in the space: enhanced due diligence must continue for at least 12 months after a person ceases to hold a prominent public function, and longer wherever the individual risk still warrants it.
We publish a concrete retention methodology built on top of that floor, tied to the seniority levels above:
| Level | Retained as a PEP for | Why |
|---|---|---|
| Level 1 | 50 years after leaving office | Heads of state, cabinet, apex judiciary, top military/intelligence, and central bank governors carry enduring influence and reputational risk well beyond any single term — in practice, this reads as retention for effectively the rest of a person's public life. |
| Level 2 | 20 years after leaving office | National legislators, ambassadors, senior civil servants, and SOE leadership — a long window, reflecting a real but less enduring risk than Level 1. |
| Level 3 | 5 years after leaving office | Subnational officials and party leadership — the shortest window, well above the EU's 12-month floor, reflecting genuine but comparatively lower and more localized risk. |
| RCA | Inherits the underlying PEP's own window (falls back to 5 years if no anchor PEP is resolved) | A family member or close associate's exposure tracks the person they're connected to. |
Two things follow from this. First, the flag and full record are retained through the window above — we do not silently delete a person's PEP history once they leave office, because the risk (and the historical record of who held a position) does not disappear on the day someone's term ends. Second, when the window lapses, the change in status is a product of the published methodology, not a one-off manual decision — so the same rule applies consistently across every jurisdiction we cover.
Coverage: how broad, and how we prioritize it
PEP data is inherently harder to consolidate than sanctions data. A sanctions list is issued by a single authority (OFAC, the EU Council, HM Treasury) in one place, on a predictable schedule. A country's PEP universe, by contrast, is scattered across dozens of independent sources — a parliament's members directory, a cabinet's "who's who" page, a central bank's leadership page, a state-owned enterprise's annual report — each with its own format, update cadence, and disclosure quality. There is no single, universally-adopted register of "every PEP in the world" the way there is a single OFAC SDN list for US sanctions.
We prioritize building that coverage out in three tiers, the same sourcing-priority structure we use for sanctions data:
- Tier-1 — five sovereign jurisdictions with full, dedicated national coverage across every applicable government branch (executive, legislature, judiciary, military, central bank, SOEs, subnational, and party leadership), plus two cross-jurisdictional overlays that sit on top of national coverage rather than replacing it: an EU institutional layer (the European Commission, European Parliament, Court of Justice of the EU, European Central Bank, and Committee of the Regions — applying across all EU member states regardless of each member's own national tier) and a UN/international-organization layer (heads and senior officials of the UN, IMF, World Bank, WTO, NATO, and equivalent bodies, tracked as a role-based overlay rather than a country).
- Tier-2 — 42 further jurisdictions with coverage of the branches that matter most for that country's government structure, typically the national executive and legislature plus, where relevant, a subnational tier.
- Tier-3 — a further 152 jurisdictions, covering the remainder of the world's sovereign and near-sovereign states through a broad, systematic sourcing approach rather than a bespoke build-out per country.
Across all three tiers, coverage spans 199 jurisdictions and the full nine-branch taxonomy above — public office, the judiciary, the military and security services, central banks, state-owned enterprises, subnational government, party leadership, and international organizations. A jurisdiction's tier reflects how soon and how deeply we build out its coverage; it is not a judgment about how important PEPs from that jurisdiction are — a tier-3 country's head of state is exactly as much a Level 1 PEP as a tier-1 country's.
For the specific list of sources feeding each jurisdiction, see the public data catalog once published.
How PEP screening fits alongside sanctions screening
A PEP designation and a sanctions designation are different things, sourced differently and carrying different legal consequences — a sanctions listing generally requires you to freeze assets and refuse dealings; a PEP flag requires enhanced due diligence, not a block. But in practice, compliance teams screen for both in the same workflow, because both are checks you run against every customer at onboarding and on an ongoing basis, and a person can be both at once (a sanctioned individual who is also a serving official, for instance). Our PEP coverage is built to sit inside the same screening pipeline as our sanctions and watchlist coverage — same lineage discipline (every PEP record traces to a named source and an as-of date), same current/former derivation logic, same audit trail.
See our AML/CFT reference guide for how enhanced due diligence for PEPs fits into the broader customer due diligence obligation, and our jurisdiction-specific guides (for example, United States, European Union, United Kingdom) for how each regime implements Recommendation 12 domestically.
Sources and primary authorities
URLs checked 2026-07-08.
| # | Topic | Source | URL |
|---|---|---|---|
| 1 | FATF Recommendation 12 and Interpretive Note (PEP definitions, EDD requirements) | FATF | https://www.fatf-gafi.org/en/publications/Fatfrecommendations/Fatf-recommendations.html |
| 2 | FATF guidance on politically exposed persons (Recommendations 12 and 22) | FATF | https://www.fatf-gafi.org/en/publications/Fatfrecommendations/Peps-r12-r22.html |
| 3 | EU AMLD — Directive (EU) 2015/849, Article 22 (12-month floor on continuing EDD after a person ceases to be a PEP) | EUR-Lex | https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex:32015L0849 |
This guide is general information, not legal advice, and is current as of 2026-07-08. Our own PEP levelling and retention methodology (branches, levels, and the current/former decay windows above) is our published approach to organizing publicly available official data — it is not a claim about any individual's culpability, and it does not substitute for your own risk-based program.
Keep this reference current
Monthly sanctions & PEP enforcement digest
New designations, enforcement actions, and coverage updates — the monthly digest for compliance and MLRO teams.