What is a PEP? The definition is changing.
In this blog post I will attempt to address important questions such as:
- What is a PEP if not the definition of the words in the acronym?
- My mate Dave once met the PM and said he was a good bloke. Is he now politically exposed?
- Is there a global standard for what a PEP is? And, does Australia follow this standard?
- What about a high profile billionaire businessman who took on a "consulting and advisory" role within a government department but was never a direct employee of said government (which shall remain nameless)?
- Would Tony Stark be a PEP you reckon?
- What about Kevin07?
That last one is a definite yes. Australia's most illustrious (some would say) prior prime minister-cum-American-diplomat held an ambassadorial role until March this year. So he is a PEP, or a former PEP⦠at least for now.
"Well hang on", you might say "for now? That's not very helpful."
And, you'd be right. Which is why the great sport of PEP defining can often be as much art as science.
PEP; if you need the definition, stands for a Politically Exposed Person. But not everyone exposed to politics is a PEP and anyone who is an exposed person probably shouldn't be in politics.
The Global View: FATF and Politically Exposed Persons
Let's get some nomenclature, background and definitions out of the way first.
- A PEP (Politically Exposed Person) is someone who holds or has held a prominent public function and is as such subject to enhanced AML/CTF scrutiny.
- FATF (the Financial Action Task Force) defines three PEP categories: Foreign, Domestic and International Organisation PEPs.
- Australia's AML/CTF Amendment Act 2024 has updated PEP obligations from 31 March 2026.
- The changes include more specific PEP definitions, codified family member rules, new former PEP requirements and legislated ongoing monitoring.
As perfectly and flawlessly outlined above with my Kevin07 example, a "Politically Exposed Person", or PEP, is someone who holds (or has held) a prominent public function. Think heads of state, senior politicians, high-ranking military officials, senior executives of state-owned enterprises, and important judicial figures. The idea isn't that these people are necessarily doing anything wrong, it's that their position gives them access to power, influence, and public funds in a way that creates a higher risk of corruption and increased opportunity for, or risk of, money laundering.
The term, PEP, was formalised by the Financial Action Task Force (FATF) way back in 2003. FATF is the international body that sets the standards for anti-money laundering (AML) and counter-terrorism financing (CTF) worldwide, but not all countries do it all the same way. Until very recently, Australia was a little bit of a rebel. And not the cool π€ Ned Kelly rebel, more like the obnoxious and really-into-conspiracy-theories weird uncle rebel. But don't worry, Tranche2 will fix all of that right up.
Taking a global perspective, FATF breaks PEPs into three broad categories:
Foreign PEPs are individuals who hold prominent public functions in another country. Under FATF standards, these always require enhanced due diligence (EDD). No ifs, ands, or buts.
Domestic PEPs are individuals who hold prominent public functions within your own country. FATF recommends a risk-based approach here. You don't necessarily need to apply EDD to every single one, but you do need to assess the risk.
International organisation PEPs are senior figures in bodies like the United Nations, the World Bank, the International Monetary Fund (IMF), and similar organisations. These also warrant closer scrutiny.
Importantly, FATF doesn't just stop at the PEP themselves. Family members and close associates of PEPs are also considered higher risk, because corrupt funds don't always flow through the most publicly visible channels. What a shocker.
Australia's AML/CTF Reforms 2026: What's Changing for PEPs
This is where it gets interesting and why you're probably reading this. Although, I do honestly hope you're reading only to know which PM my mate Dave met. In any case, I'll use the very high-tech emojis π¨ and π¬ to indicate whether the changes require you to make use of more art π¨ or science π¬ respectively.
The Australian Government passed the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024, which introduces significant reforms to Australia's AML/CTF regime. These changes are about bringing Australia into closer alignment with FATF standards ahead of Australia's upcoming FATF mutual evaluation, and when it comes to PEPs, that means some things are getting tighter, and some things are actually getting simpler. About time!
What's Getting Tighter
π¬ Much more specific PEP definitions in the legislation. The amended Act now spells out exactly which positions and roles make someone a domestic PEP. We're talking members of Commonwealth, state, or territory legislatures, members of the governing bodies of political parties represented in those legislatures, heads of government departments and agencies, heads of local government councils, chairs, CEOs and CFOs of state or territory-owned companies, and more. The old, somewhat vague notion of "holds a prominent public position" has been replaced with a detailed list. The same goes for foreign PEPs and international organisation PEPs. The definitions are now significantly more granular and you will likely need to update your own internal definitions of what a PEP is. Would you have previously flagged the CEO of the local water authority? What about the head of finance for a state-sponsored urban development project? You'll likely need to update your definitions here.
π¬ Family members and close associates are explicitly defined. The reforms codify who counts as a family member or close associate of a PEP. This isn't left to interpretation anymore, the Act sets it out. Your screening processes need to capture these relationships across all three PEP categories. Practically what this might mean is if a PEP's business partner co-owns a company with them, that partner is a close associate. If someone holds a trust on behalf of a PEP, same deal. And it's not just your direct customer you need to screen. The reforms require you to establish PEP status for beneficial owners and persons on whose behalf your customer is receiving services at onboarding, not just as part of ongoing monitoring down the track. So if a company walks through the door and one of its beneficial owners is a foreign PEP, that's an enhanced customer due diligence (ECDD) trigger; a more thorough check, from day one.
π¨ Former PEPs now require senior manager approval. Under the new rules, when someone leaves a position that made them a PEP, they're no longer a PEP β that hasn't changed. But there's a new requirement: your AML/CTF policies must ensure that senior manager approval is obtained to provide a designated service (that is, a service regulated under the Act) to; or continue a business relationship with, someone who was previously a PEP if their former status still affects their ML/TF risk. This is a step up from the current position, where former PEPs simply fell out of the framework unless you independently assessed them as high-risk. In reality, you're going to want to ask yourself how long ago they were a PEP, what they do now and whether or not there's a risk. An ex-PM is probably still highly politically exposed many years after leaving office. But is a one-time local mayor equally risky? You're going to need to make a decision based on the broader context.
π¨ π¬ Source of funds and source of wealth for more PEP types. Under the current rules, establishing source of funds and source of wealth is mainly triggered by foreign PEPs and other high-risk customers. The reforms explicitly require you to establish source of funds and source of wealth for foreign PEPs and for high-risk domestic or international organisation PEPs. It's now right there in the legislation.
π¨ Ongoing monitoring is now a legislative requirement. You must take reasonable steps to monitor your customers to determine if they (or their beneficial owners, or persons on whose behalf they're receiving services) become a PEP during the relationship. This includes things like asking questions when you reverify KYC information, periodically conducting open-source or database checks, and watching for transactions that suggest a customer's circumstances may have changed. The rabbit-hole can go deep here, so screen direct customers, beneficiaries and close associates where possible.
What's Getting Simpler
It's not all about new paperwork and obligations though. The reforms also simplify some things that have been unnecessarily burdensome.
π¨ No more Part A / Part B program structure. The old requirement to split your AML/CTF program into Part A and Part B is gone. You can now organise your program however you like, as long as it meets the requirements of the Act. This is a shift to an outcomes-focused, risk-based approach rather than the prescriptive two-part model that's been in place since 2006.
π¬ Simplified CDD for genuinely low-risk customers. The reforms introduce a formal simplified CDD pathway. If a customer's ML/TF risk is low and no enhanced CDD triggers apply, you may be able to streamline your due diligence. Under simplified CDD, "close associates" like beneficial ownership and agency relationships can be deemed to be established in certain circumstances, for example, for government bodies, prudentially supervised entities, or owners' corporations. You still need to establish identity and PEP/sanctions status, but the overall process is lighter.
π¨ A more proportionate approach to domestic and international organisation PEPs. The reformed framework keeps the risk-based approach for domestic and international organisation PEPs. ECDD only kicks in when their ML/TF risk is assessed as high, or when one of the other enhanced CDD triggers applies (like a suspicious matter reporting obligation). If a domestic PEP is assessed as low risk, you don't need to throw the full ECDD book at them. This brings clarity to what was previously a somewhat ambiguous area.
π¬ Clearer triggers for enhanced CDD. Rather than leaving it to each business to figure out when ECDD should apply, the amended Act sets out specific triggers. These include the customer being a foreign PEP, the ML/TF risk of the customer being high, a suspicious matter reporting obligation arising, and several others. This makes it easier to build consistent, defensible processes.
Preparing for Australia's PEP Reforms
PEPs have always been a cornerstone of AML/CTF compliance globally, but Australia is now catching up with a more comprehensive and clearly defined framework. The changes coming into effect on 31 March 2026 are significant, and they'll require a few tweaks to implement properly. Tweaks that we've already made to BNDRY, maybe you want to come and say hello? Maybe ask more about my mate Dave?
Regardless, you still have time to prepare, and we can help you simplify your customer due diligence operations to make this sort of stuff much simpler to manage.
If you'd like to chat about how BNDRY can help you navigate the new PEP requirements, we'd love to hear from you. Compliance doesn't have to be painful.
Bonus Round
- My mate Dave once met the PM and said he was a good bloke. Is he now politically exposed? It was Scott Morrison, and no. Dave may be exposed, but not politically.
- What about a high profile billionaire businessman who took on a "consulting and advisory" role within a government department but was never a direct employee of said government (which shall remain nameless)? This one.. I wishβ¦ Likeβ¦ Sure. They should be. But technically, they aren't. Did they hold a formal government position? You need to use some art-based judgement here. Do you think there's a risk? If so, flag it. If you have customers that fit this criteria, flag them as a foreign PEP and implement the right controls. Escalate. But also, yes. π¨
- Would Tony Stark be a PEP you reckon? Yes, in the Marvel Universe Tony becomes the Secretary of Defence. He is PEP. You should always follow ECDD on anyone presenting as Tony Stark. π¬
- What about Kevin07? Yes. π¬
β
This article is intended as general information only and does not constitute legal advice. For specific guidance on your obligations, please consult a qualified legal professional.
This article is intended as general information only and does not constitute legal advice. For specific guidance on your obligations, please consult a qualified legal professional.