A retired backbench MP in a standard-risk jurisdiction and a sitting foreign head of state are both politically exposed persons under current regulatory definitions. They do not present the same risk. Yet many compliance teams apply effectively the same screening intensity to both, producing either unjustified friction at one end of the spectrum or unexamined exposure at the other. A risk-based approach to PEP checks resolves this by calibrating screening intensity to actual risk rather than to a binary status flag. The regulatory framework asks for that calibration; mature screening programmes deliver it.
The risk-based approach is not a discretionary refinement. It is the foundation of the UK anti-money laundering regime. The Money Laundering Regulations 2017 require regulated firms to apply enhanced due diligence where a customer or transaction presents higher risk, and to do so in a manner proportionate to the risk identified. The Joint Money Laundering Steering Group (JMLSG) guidance elaborates on what this means in practice, setting out factors that shift a PEP's risk position: the nature of the public function, jurisdictional context, tenure, and the proximity of close associates and family members.
The Financial Conduct Authority has been explicit that proportionate due diligence is an expectation, not a concession. Firms applying uniform enhanced measures to every PEP risk both failing the proportionality test and misallocating compliance resource. Sanctions exposure, money laundering risk, and onward reputational risk are not uniformly distributed across the PEP population, and regulation does not ask firms to treat them as if they were.
A mature screening programme treats this regulatory basis as a mandate for structured tiering, not a suggestion.
Tiering models vary in granularity, but three tiers is the most practical anchor for most mid-to-large regulated firms. Each tier is defined by a composite of role prominence, jurisdictional risk, PEP status type, and relationship proximity.
Tier 1 covers the highest-risk cases. This typically includes sitting heads of state and heads of government, senior executives of state-owned enterprises, and officials in jurisdictions classified as higher risk by the FATF or by national risk assessments. Immediate family members and close business associates of Tier 1 PEPs warrant equivalent screening measures, with the tier placement documented on a case-by-case basis rather than applied automatically. The risk at this level is not only corruption or sanctions exposure but the political significance that amplifies any adverse finding.
Tier 2 covers mid-level public officials, senior judiciary in standard-risk jurisdictions, members of parliament or equivalent legislative bodies, and senior executives of major state enterprises where the state interest is not dominant. Relationship proximity modifies placement. A close family member of a Tier 1 official may sit in Tier 2 rather than Tier 1 where the circumstances support it, provided the rationale is documented.
Tier 3 covers lower-risk positions. Domestic PEPs with limited discretion over public spending and former officials whose tenure ended more than a designated period ago typically fall here. The domestic PEP vs foreign PEP distinction becomes particularly relevant at this tier. Recent FCA guidance has directed firms to treat UK domestic PEPs at a baseline lower-risk tier in the absence of other indicators, which is a different proposition from a retired senior minister in a higher-risk foreign jurisdiction, even though both may technically qualify as PEPs under current rules.
Effective PEP categorisation requires documented criteria for each tier placement. This is where a structured data layer becomes essential, because tier placement cannot be maintained manually at scale.
Once tiering is in place, enhanced due diligence levels can be mapped to each tier with clear rationale.
At Tier 1, enhanced measures apply in full. Source of wealth and source of funds verification is documented independently, senior management approval is obtained before the relationship is established or continued, and the relationship is subject to frequent review, typically quarterly. Adverse media screening is conducted against the widest source set available, with continuous monitoring in place. Transactional activity is benchmarked against a risk profile and escalated on exception.
At Tier 2, enhanced due diligence is applied proportionately. Source of funds may be evidenced through self-declaration supported by targeted verification, review cycles are typically semi-annual, and monitoring is configured to flag unusual activity patterns rather than all activity. Escalation criteria are documented so that analysts apply them consistently across the book.
At Tier 3, the intensity drops again, but the process does not stop. Annual review remains the minimum, with documented rationale for the tier placement preserved on file. Adverse media screening uses a focused source set. The key discipline here is maintaining a record of why the PEP sits in this tier, because regulatory review will examine the tiering decision as much as the screening output.
This layered structure is what the regulator expects proportionate due diligence to look like in operation. The absence of differentiation across tiers is itself a finding.
Tiered screening only works when the underlying PEP data supports tier placement. A flat list showing only name, date of birth, and PEP flag cannot sustain a risk-based process.
The required data includes role type with a controlled classification of public functions, jurisdiction with a risk rating aligned to international standards, tenure so the data reflects both current and historical exposure, and relationship mapping that links the PEP to family members, close associates, and beneficial ownership interests. Without this structure, PEP risk tiers collapse back into binary screening, and the firm loses the proportionality that the regulation rewards.
Granular data is also what makes PEP categorisation reviewable. When a tier placement is questioned, either internally at the three-lines-of-defence level or externally by a regulator, the underlying attributes must be visible and traceable back to their source. A manual tier placement without documented data support is a finding waiting to be made. Structured PEP data turns tiering from an analyst judgement into an evidenced decision, which is the difference between a defensible programme and one that merely applies effort.
Nexis Diligence+™ is built as a structured investigative environment for this kind of risk-based screening. PEP profiles within the platform carry structured attributes across role, jurisdiction, tenure, and relationship, enabling tier placement to be evidenced rather than asserted.
Relationship mapping surfaces close family members and known associates, which is essential for placing related persons within the correct tier under JMLSG guidance. Configurable sensitivity settings allow screening thresholds to be adjusted per tier: a Tier 1 review can be tuned to accept more potential matches for analyst review, while a Tier 3 review uses tighter thresholds to reduce noise without missing material findings. Monitoring frequency can be set per customer record, aligning ongoing monitoring to the tier rather than applying uniform review cycles across the book.
Adverse media content is classified against structured risk categories, so analysts conducting a politically exposed persons risk assessment at any tier can focus on the categories relevant to that profile rather than triaging unsorted results. The underlying adverse media data is drawn from licensed global sources with historical depth, which is what gives Tier 1 reviews the evidential weight that senior management approval workflows require. The same data layer supports adjacent KYC and sanctions workflows, which is how risk-based PEP screening integrates with the wider compliance programme rather than sitting alongside it.
Move Beyond Binary PEP Screening
Mature PEP screening is defined by how well screening intensity matches actual risk. Uniform treatment across PEPs misreads the regulation and misallocates resource. Tiered screening, supported by granular data and proportionate enhanced due diligence levels, does what the regulatory framework asks for: focused attention where risk is material, documented judgement where it is not.