PEP & Sanctions Screening: The Complete Compliance Guide (2026)

The Core Definition

Sanctions Screening is the process of checking individuals and entities against government blacklists (like OFAC or the UN) to prevent financial interaction with terrorists, criminals, or embargoed nations.

PEP Screening is the process of identifying Politically Exposed Persons (like government officials) who represent a higher risk for bribery and corruption.

While being Sanctioned means “Do Not Do Business,” being a PEP means “Do Business with Extreme Caution (Enhanced Due Diligence).”

For any regulated business – from a global bank to a local real estate agent – screening customers against international watchlists is not optional. It is a legal requirement under AML/CTF laws.

However, the challenge in 2026 isn’t just “checking a list.” It is managing the sheer volume of data. With global sanctions lists changing daily, manual checks are no longer sustainable.

Here is your definitive guide to understanding these lists, the different risk tiers, and how to handle the inevitable “False Positives.”

Key Takeaways

  • Zero Tolerance: You generally cannot transact with anyone on a Sanctions list (Strict Liability).
  • Risk Management: You can transact with PEPs, but you must identify their Source of Wealth.
  • The “RCA” Trap: Family members and close associates of politicians are also PEPs.
  • Fuzzy Logic: Modern software uses “Fuzzy Matching” to catch criminals who slightly alter their names.

What is a Sanctions List?

Sanctions are political and economic tools governments use to deter crime and terrorism. If you process a transaction for a sanctioned entity, you risk massive fines and prison time.

The Big 3 Lists You Must Monitor:

  1. OFAC (USA): The Office of Foreign Assets Control. This is the most aggressive list globally.
  2. UN (United Nations): Global sanctions usually focused on terrorism and nuclear proliferation.
  3. HMT/EU (UK & Europe): Specific to the UK Treasury and European Union member states.

Note: Depending on your location, you may also need to check local lists like AUSTRAC (Australia) or OSFI (Canada).

What is a Politically Exposed Person (PEP)?

A PEP is not necessarily a criminal. They are simply individuals in positions of power who could abuse that power for money laundering.

Regulators often classify PEPs into 4 Risk Tiers.

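Tier   | Category           | Examples                                                                            | Risk Level
-------|--------------------|-------------------------------------------------------------------------------------|-----------
Tier 1 | International PEPs | Heads of State, Prime Ministers, Heads of Military.                                 | Critical
Tier 2 | National PEPs      | MPs, Senators, High Court Judges, Ambassadors.                                      | High
Tier 3 | Regional PEPs      | Mayors, Senior City Officials.                                                      | Medium
Tier 4 | RCAs               | Relatives & Close Associates (Spouses, Children, Business Partners of the above).   | Variable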

The “RCA” Blindspot
Most businesses forget Tier 4. If a Minister of Finance is corrupt, they rarely put the dirty money in their own name. They put it in their spouse’s or child’s account. Therefore, screening for Relatives and Close Associates (RCAs) is just as critical as screening the politician.

Handling False Positives

The biggest pain point in screening is the “False Positive” – when your system flags “John Smith” as a terrorist because he shares a name with a bad actor.

Why does this happen?

  • Common Names: There are thousands of people named “Mohammed Ali” or “Maria Garcia.”
  • Fuzzy Matching: Compliance software uses “Fuzzy Logic” to catch spelling variations (e.g., Gaddafi vs Qaddafi). If the sensitivity is set too high, it flags innocent people.

How to reduce them:

  1. Secondary Data: Don’t just match on Name. Match on Date of Birth and Country.
  2. Contextual Screening: If your client is a 20-year-old student in London, they are likely not the 60-year-old General on the sanctions list, even if the names match.
  3. Automated Remediation: Use an intelligent screening platform that learns to “allowlist” false positives so you don’t flag the same innocent customer twice.

Ongoing Monitoring vs. One-Time Checks

A common mistake is checking a customer only during onboarding.

The Scenario:
You onboard a clean client on Monday. On Tuesday, a geopolitical event occurs, and that client is added to the OFAC Sanctions list. If you don’t check again, you are now facilitating illegal transactions.

The Solution:
You must implement Ongoing Monitoring. This means your system automatically rescans your entire customer database every night against the updated watchlists, alerting you only to new matches.
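
The false-positive controls and the nightly rescan described above can be sketched together; this is an added example, not code from any screening product. The 0.80 threshold, the record fields, the rule that a missing DOB or country keeps the alert open, and all names and IDs are assumptions made for illustration.

```python
import unicodedata
from difflib import SequenceMatcher

def normalize(name):
    # Strip accents, case and punctuation; sort tokens so word order is ignored.
    text = unicodedata.normalize("NFKD", name).encode("ascii", "ignore").decode()
    tokens = "".join(c if c.isalnum() else " " for c in text.lower()).split()
    return " ".join(sorted(tokens))

def name_score(a, b):
    return SequenceMatcher(None, normalize(a), normalize(b)).ratio()

def screen(customer, watchlist, threshold=0.80):
    """Watchlist ids that fuzzy-match on name and are not contradicted by DOB/country."""
    hits = []
    for entry in watchlist:
        if name_score(customer["name"], entry["name"]) < threshold:
            continue
        # Secondary data clears a hit only when both sides have the field and the
        # values differ; a missing field keeps the alert open for manual review.
        if any(customer.get(k) and entry.get(k) and customer[k] != entry[k]
               for k in ("dob", "country")):
            continue
        hits.append(entry["id"])
    return hits

def nightly_rescan(customers, watchlist, reviewed):
    """Rescan every customer; return only (customer, entry) pairs not yet reviewed."""
    return [(c["id"], wl_id) for c in customers
            for wl_id in screen(c, watchlist) if (c["id"], wl_id) not in reviewed]

# Constructed sample data (fictional people, not real watchlist entries).
MONDAY_LIST = [{"id": "WL-001", "name": "Viktor Qadarov", "dob": "1961-04-12", "country": "XX"}]
TUESDAY_LIST = MONDAY_LIST + [
    {"id": "WL-002", "name": "Lena Marchetti", "dob": "1979-11-23", "country": "YY"}]
CUSTOMERS = [
    {"id": "C1", "name": "Victor Gadarov", "dob": "1961-04-12", "country": "XX"},
    {"id": "C2", "name": "Viktor Qadarov", "dob": "2005-09-30", "country": "GB"},
    {"id": "C3", "name": "Qadarov, Viktor"},  # no DOB or country on file
    {"id": "C4", "name": "Lena Marchetti", "dob": "1979-11-23", "country": "YY"},
]

if __name__ == "__main__":
    monday = nightly_rescan(CUSTOMERS, MONDAY_LIST, reviewed=set())
    print("Monday alerts:", monday)
    reviewed = set(monday)  # pairs an analyst has already dispositioned
    print("Tuesday alerts:", nightly_rescan(CUSTOMERS, TUESDAY_LIST, reviewed))
```

The reviewed set is keyed on the (customer, watchlist entry) pair rather than on the customer alone, so a customer cleared against one entry still raises an alert when a new entry matching them is added.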

Summary

Screening is the shield that protects your business from regulatory enforcement.

Whether you are identifying a UBO hiding behind a shell company or ensuring a PEP isn’t using illicit funds, the goal is clarity. By using automated tools with smart “Fuzzy Matching,” you can filter out the noise and focus on the real risks.

Frequently Asked Questions (FAQ)

1. Can I do business with a PEP?
Yes, generally. Being a PEP is not a crime. However, you must apply Enhanced Due Diligence (EDD). This usually means verifying their Source of Funds (SoF) and getting senior management approval before onboarding them.

2. How often should I screen my customers?
Sanctions lists change daily. Best practice is Daily Ongoing Monitoring. At a minimum, low-risk businesses should re-screen their database monthly or whenever a customer’s risk profile changes.

3. What is the difference between a Sanction and an Embargo?
A Sanction usually targets specific individuals or companies (e.g., freezing the assets of a specific oligarch). An Embargo targets an entire country (e.g., banning all trade with North Korea or Iran).

4. Are family members of politicians considered PEPs?
Yes. They are classified as RCAs (Relatives and Close Associates). They carry a similar risk profile because they are often used as conduits for laundered funds.