(02) 4964 4055
[email protected]
Book A Call

PEP Check vs DFAT Check: 7 Critical AML/CTF Compliance Differences in Australia

PEP check vs DFAT check

PEP check vs DFAT check requirements are commonly misunderstood within AML/CTF compliance programs. Although both checks form part of customer due diligence procedures, they serve very different purposes under Australia’s AML/CTF framework.

Understanding the difference between a PEP check vs DFAT check helps licensed venues, gaming staff, compliance officers, and reporting entities apply the correct response, reduce compliance risk, and align with AUSTRAC expectations.

This guide explains when to conduct each check, why they matter, and how organisations should respond when a match is identified.

What is a PEP Check? 

A Politically Exposed Person (PEP) is someone who holds a prominent public position or has influence over government decisions or public funds.

This includes:

  • Politicians (e.g. Members of Parliament)
  • Senior government officials
  • Judges
  • Military leaders
  • Executives of government-owned organisations
  • Close family members or associates of these individuals

The Australian Transaction Reports and Analysis Centre provides guidance on identifying and managing PEPs.

Why PEPs Matter 

PEPs are considered higher risk because they may have:

  • Access to public funds
  • Influence over decisions
  • Greater exposure to bribery or corruption risks

Importantly:

A PEP is not doing anything wrong — they simply require additional scrutiny and monitoring.

Understanding a PEP check vs DFAT check is important because a PEP is not automatically prohibited from accessing services.

What is a DFAT Check? 

A DFAT check refers to screening a person against Australia’s sanctions lists managed by the Department of Foreign Affairs and Trade.

These lists include:

  • Individuals involved in terrorism
  • People subject to international sanctions
  • Entities linked to serious crime or national security risks

Why DFAT Checks Matter 

If a person appears on a DFAT sanctions list:

  • You must not provide services to them
  • You may have legal obligations to report or freeze assets

This is not about assessing risk level — it is about legal prohibition.

A key difference in a PEP check vs DFAT check process is that a DFAT match may legally prevent a business from proceeding with a transaction or service.

PEP Check vs DFAT Check: Key Differences Explained

PEP Check DFAT Check 
Identifies higher-risk individuals Identifies prohibited individuals 
Risk-based approach Legal compliance requirement 
You can still deal with them (with controls) You must NOT deal with them 
Requires enhanced due diligence Requires immediate escalation 

Understanding the operational difference between a PEP check vs DFAT check is critical for customer due diligence and sanctions compliance.

Why This Matters for Licensed Venues

Licensed venues regularly handle cash transactions, customer identification processes, and ongoing customer monitoring obligations under AML/CTF requirements.

Understanding when to apply a PEP check versus a DFAT sanctions check helps staff respond appropriately to higher-risk customers, suspicious activity, and potential sanctions matches.

Clear procedures also reduce the risk of:

  • Incorrectly refusing service to a PEP
  • Missing a sanctions match
  • Failing escalation requirements
  • Inconsistent staff responses

This is particularly important for gaming venues, pubs, clubs, and hospitality businesses managing high-value or frequent transactions.

For additional AML/CTF compliance guidance and industry resources, visit: CHD Partners AML/CTF Resources

When Do You Need to Conduct a PEP Check?

You should conduct a PEP check during:

Customer Due Diligence (CDD)

  • Large transactions (e.g. $5,000+ or $10,000 thresholds depending on the service)
  • Customer identification processes

Ongoing Customer Monitoring

  • Regular or high-value patrons
  • Unusual or suspicious behaviour

Trigger Events

  • Changes in customer behaviour
  • Large wins or frequent cash activity (common in licensed venues)

A strong PEP check vs DFAT check process helps businesses identify which situations require enhanced monitoring versus immediate escalation.

When Do You Need to Conduct a DFAT Check?

DFAT checks should be completed:

At Customer Onboarding / Identification

  • When verifying identity for AML/CTF purposes

Before Providing Services

  • Particularly where financial transactions are involved

During Ongoing Monitoring

  • Especially for higher-risk customers

When Suspicious Activity is Identified

  • As part of escalation and investigation processes

Practical Example for a Licensed Venue 

Scenario 1 – PEP

A customer:

  • Is a local council CEO
  • Regularly plays gaming machines
  • Wins $6,000

You can still pay them.

However, you should:

  • Record them as a PEP
  • Apply Enhanced Customer Due Diligence (ECDD)
  • Monitor their activity more closely

Scenario 2 – DFAT

A customer:

  • Presents identification
  • Matches a DFAT sanctions list

You must:

  • Stop the transaction immediately
  • Escalate the matter internally
  • Follow internal procedures
  • Consider reporting obligations

Understanding the operational difference between a PEP check vs DFAT check helps staff apply the correct compliance response.

How This Works in Practice (Simple Process) 

Step 1 – Identify the Customer

Collect identification as normal.

Step 2 – Run Required Checks

  • PEP screening
  • DFAT sanctions screening

Step 3 – Assess the Outcome

  • If PEP → Apply enhanced monitoring
  • If DFAT match → Stop and escalate immediately

Common Mistakes to Avoid 

A common issue in venues is treating PEPs as “banned customers.”

This is incorrect.

  • PEP = Higher risk → Manage and monitor them
  • DFAT match = Legal prohibition → Do not proceed

Staff training should clearly explain the difference between a PEP check vs DFAT check to avoid inconsistent compliance responses.

Simple Way to Explain to Staff 

You can train staff using this simple approach:

  • PEP = “Watch more closely”
  • DFAT = “Do not proceed”

Final Guidance for Your AML/CTF Program 

To stay aligned with AUSTRAC expectations: 

  • Include both checks in your CDD procedures 
  • Clearly document:  
  • Who performs the checks  
  • When they are done  
  • What happens if there is a match  
  • Train staff using real scenarios  
  • Use systems (like CIRT) to record outcomes and actions  

Additional AML/CTF Guidance

Understanding the difference between a PEP check vs DFAT check is an important part of meeting your AML/CTF obligations and strengthening your customer due diligence procedures.

For more AML/CTF compliance resources and guidance for licensed venues and businesses, visit: CHD Partners AML/CTF Resources

You can also review AUSTRAC’s official guidance on Politically Exposed Persons (PEPs), including customer due diligence expectations and enhanced monitoring requirements: AUSTRAC PEP Guidance

Reference 

  • Australian Transaction Reports and Analysis Centre AML/CTF guidance on customer due diligence and PEPs  
  • Department of Foreign Affairs and Trade sanctions framework and consolidated list 

#CHDPartners #CIRT #RTO #WHS #WorkHealthAndSafety #Training #RiskManagement #SecurityAndSafetyCompliance #SME #SmallBusiness #MichaelHuggett #AMLCTF

Previous Post
Why Businesses Should Use a Musculoskeletal Discomfort Reporting Form
Next Post
Understanding the TILE Approach and Its Benefits to Managing Manual Handling