PEPs in the UAE: When to Report, When to Just Assess

PEP Compliance Checklist and Reporting Rules Under UAE AML Law


CEOs: Don’t Let a PEP Sink Your Business

Not every PEP needs to be reported. But failing to act on the ones that do? That can destroy your reputation and your license.

Politically Exposed Persons (PEPs) represent some of the highest compliance risks in AML. Whether you’re a real estate firm, gold trader, or corporate service provider, it’s no longer enough to simply screen against sanctions. PEP risk must be actively assessed, documented, and handled, or you could face severe penalties during inspections.

Let’s break down what to report, what to document, and what regulators expect.

What Is a PEP in the UAE?

A PEP (Politically Exposed Person) is someone who holds or has held a prominent public position, such as:

  • Senior government officials
  • Judiciary or military leaders
  • Political party executives
  • Immediate family members and close associates of any of the above

The UAE follows FATF guidelines and enforces local definitions through Cabinet Decision No. (74) of 2020. Importantly, PEPs are not necessarily criminals or sanctioned, but their position exposes them to higher risk.

Types of PEPs:

  • Domestic PEPs: Individuals who are or have been entrusted with prominent public functions within the UAE.
  • Foreign PEPs: Individuals who are or have been entrusted with public functions in another country.
  • International Organization PEPs: Senior officials, directors, or board members of international organizations (e.g., UN, IMF).
  • Family Members and Close Associates (RCAs): Spouses, children, parents, or known close associates of PEPs.

This classification helps institutions apply appropriate levels of risk-based due diligence.

Why PEPs Matter, Even When Not Sanctioned

Unlike sanctions, there is no universal list of who counts as a PEP. That means the burden is on you to identify, assess, and mitigate the risk. Here’s why:

  • Reputational Risk: A transaction with a questionable PEP can spark negative media attention.
  • Regulatory Risk: Failing to screen or assess a PEP is a violation of Cabinet Resolution No. (10) of 2019.
  • Operational Risk: PEPs can hide behind proxies, family members, or layers of entities.

When to Just Assess (No STR/SAR Needed)

If a customer is identified as a PEP, but:

  • They are not on any sanctions list, and
  • Their source of funds and wealth is clear and documented, and
  • There is no suspicious transaction behavior,

Then: No report to goAML is required.

However:

  • You must document your enhanced due diligence (EDD).
  • You should retain a PEP Risk Profile internally.
  • You must apply ongoing monitoring.


When to Report a PEP (goAML STR/SAR Required)

You must report when:

  • There are suspicious transactions involving a PEP
  • You suspect misuse of influence, corruption, or hidden ownership
  • The source of funds is unclear or inconsistent

Examples:

  • A PEP buys property in cash through a proxy
  • A close associate of a government official receives unexplained deposits
  • A client refuses to provide source of wealth

What Inspectors Look For

Even if you haven’t filed any STRs for PEPs, the Ministry of Economy may ask:

  • How do you identify and flag PEPs?
  • Do you have a PEP list or screening tool?
  • Where are your EDD records?
  • Who approved the onboarding of the PEP?

They don’t just check for reports. They check for systems, files, and decisions.

How InfoAML Helps You Handle PEPs the Right Way

InfoAML makes it easy to detect, assess, and document Politically Exposed Persons (PEPs) in full compliance with UAE AML regulations:

  • Dual-language screening: Every customer is screened using both their primary (Arabic or English) and secondary name across a comprehensive PEP dataset of over 700,000 records from OpenSanctions.
  • PEP flag display: When a match is found, a PEP flag is shown directly in the customer profile. Hovering over the flag reveals detailed match insights.
  • Integrated risk view: The PEP flag is also visible within the Risk Assessment screen, helping MLROs factor this into Enhanced Due Diligence (EDD) decisions.
  • Reporting-ready: PEP flags appear in the Customer Information Report, making it easy to support EDD reviews and demonstrate oversight during inspections.
  • EDD/MLRO Workflow Support: PEP screening is not treated as a one-off check, it’s built into the EDD review process and aligns with internal compliance investigations.

With InfoAML, you're not just ticking a box. You're maintaining full visibility, auditability, and readiness across all your high-risk profiles, including PEPs.

PEP Handling Checklist:

  • PEP identification through reliable screening
  • Internal risk classification (low/med/high)
  • EDD documentation on file
  • Senior management approval
  • Ongoing transaction monitoring
  • goAML STR only when suspicion arises

Book a Free Demo

See how InfoAML simplifies your PEP handling, documentation, and audit readiness.

👋 Book a Free Demo Now

Share this post
Our blogs
The Complete AML Inspection Readiness Checklist for UAE Businesses
Everything You’ll Be Asked For