Politically Exposed Persons (PEP) Policy¶
| Code | AML-004 |
| Domain | AML / Financial Crime |
| Owner | Chief Compliance Officer |
| Status | Draft |
| Applicability | Platform |
| Jurisdiction | NZ + AU |
| Business domain | BD07 |
| Review date | 2027-03-25 |
Regulations: AML/CFT Act 2009 · AML/CTF Act 2006 · FATF 40 Recommendations¶
Purpose¶
Govern the identification, enhanced due diligence, and ongoing monitoring obligations for Politically Exposed Persons and their associates.
Scope¶
All customer onboarding and relationship review processes where a PEP designation is identified or suspected.
Policy statements¶
The platform SHALL screen all customers against PEP databases at onboarding, at each periodic review, and within 24 hours of any update to the PEP screening list.
A customer SHALL be designated as a PEP if they hold or have held a prominent public function, or if they are an immediate family member or known associate of such a person.
PEP status SHALL result in automatic elevation to high-risk. All PEP relationships SHALL require EDD as defined in AML-003 and senior management approval before onboarding or continuation.
The source of wealth and source of funds for a PEP SHALL be documented and verified. The platform SHALL not onboard a PEP relationship where source of wealth cannot be reasonably established.
PEP relationships SHALL be reviewed annually. The review SHALL include updated source of funds verification and confirmation of the continuing basis for the relationship.
Former PEPs SHALL remain subject to enhanced scrutiny for a period of at least 12 months after leaving public office, subject to risk assessment.
Where a PEP relationship is identified post-onboarding, the account SHALL be flagged for immediate EDD. If EDD cannot be completed within 30 days, the account SHALL be restricted.
Satisfying modules¶
| Module | Name | Mode | Description |
|---|---|---|---|
| MOD-010 | CDD tier assignment engine | ALERT |
PEP detection triggers EDD tier and senior management notification flag — no human decision required to escalate |
| MOD-096 | Multi-entity party graph manager | GATE |
Entity graph relationships with elevated risk indicators trigger enhanced due diligence via the existing EDD workflow before the relationship is confirmed. |
| MOD-133 | Trust account management | GATE |
Trust accounts are treated as inherently higher-risk for AML purposes; enhanced due diligence is required for all trust accounts at opening and on any trigger event before the account or change takes effect. |
| MOD-153 | Customer acceptance engine | GATE |
PEP status is an explicit rule input; a PEP customer cannot be accepted without EDD completion on record — the gate enforces this with no override path below the compliance officer role. |
Part of AML / Financial Crime · Governance overview
Compiled 2026-05-22 from source/entities/policies/AML-004.yaml