top of page
Search

Politically Exposed Person: who qualifies and what are the compliance risks?


What is a PEP?


The term offshore is often mistakenly associated with a lack of oversight or control. In reality, many offshore jurisdictions require mandatory audits and financial reports, especially when the company reaches certain turnover thresholds, holds significant assets, or belongs to an international group. In this article, we explain how mandatory audits work, when they are required, and why they are essential to ensuring transparency and credibility in an offshore structure.

A Politically Exposed Person (PEP) is an individual who holds or has held prominent public positions, or who is closely associated with such persons, for example, close family members or significant partners/associates. Even if their role is not directly political, their connection to a relevant public function may place them under PEP status.

From a compliance and AML perspective, this status matters because these individuals are, by definition, subject to increased risks: corruption, influence peddling, abuse of power, or money laundering.



Why does this definition matter for compliance?


When an entity establishes a business relationship or transaction with someone who is or may be a PEP, it must apply a risk-based approach. This means that the normal customer procedure is not sufficient: enhanced due diligence (EDD), ongoing monitoring, and additional vigilance are required.


The main challenges include:

  • Correctly identifying whether the customer or beneficial owner is a PEP or is connected to a PEP.

  • Assessing the degree of risk: type of public office, country of operation, nature of the business relationship, origin and destination of funds.

  • Implementing and documenting specific surveillance measures: origin/verification of funds, ownership structure, reputational background.

  • Continuously monitoring the business relationship to detect changes in profile or new violations.

  • Ensuring that reports, internal audits, and compliance policies explicitly incorporate PEP risk.


Failure to implement these measures may lead to reputational risk, regulatory fines, loss of license, or even criminal investigation, depending on the jurisdiction.



Case study in Portugal


To illustrate, let's look at a recent case in Portugal:


José Sócrates, former Prime Minister of Portugal, is now on trial for 22 charges, including passive corruption, money laundering, and tax fraud, involving tens of millions of euros.

Even though the focus of the case goes beyond the simple classification of “PEP,” it clearly highlights the risks associated with people in prominent political positions:

  • The presence of alleged complex and international financial transactions.

  • The involvement of large sums of money, corporate entities, and cross-border transactions.

  • The high public and regulatory impact, ensuring that financial services entities, lawyers, consultants, auditors, or intermediaries must do their part.


This type of case reinforces that, globally, companies and entities must be prepared to deal with customers or counterparties who are PEPs, or are associated with PEPs, even if the country is relatively “quiet” or perceived to have moderate risk.



Best practices for global entities


For entities that operate internationally or have counterparties in multiple jurisdictions, the following best practices are recommended:

  1. Create or review a PEP policy (definition of categories, criteria, and risk levels).

  2. When onboarding customers, screen PEPs, including international databases, adverse databases, and public lists.

  3. Classify the risk of the customer/beneficiary according to public office, country, nature of activity, and exposure to the public.

  4. For high-risk customers: obtain additional documentation (source of funds, corporate structure, and beneficial owners).

  5. Establish continuous monitoring (automatic alerts, periodic reviews, changes in customer profiles).

  6. Ensure regular training of compliance and internal audit teams and maintain complete records of due diligence.

  7. Integrate PEP risks into corporate governance (internal reporting, external audits, and communication with the compliance team).



Conclusion...


PEP status represents a significant risk factor in compliance and AML practices.


Even if the entity or jurisdiction appears to be “low risk,” the presence of a politically exposed person or a person connected to such a person requires that control measures be strengthened. The example in Portugal shows that the consequences are real, visible, and have a reputational and regulatory impact.


At Ancilia, we are prepared to support global organizations in structuring compliance policies that include the identification, classification, and monitoring of PEPs, ensuring that their international structure is protected and compliant.

Comments

bottom of page