PEP vs DFAT Check: Key Differences Every AML/CTF Professional Must Know

Understanding a PEP vs DFAT Check is essential for businesses meeting AML/CTF compliance obligations in Australia. While these checks may sound similar, they serve very different purposes in managing risk and ensuring regulatory compliance.

A well-implemented screening process helps organisations identify high-risk individuals while avoiding prohibited transactions.

What is a PEP vs DFAT Check?

The term "PEP vs DFAT Check" covers two different types of compliance screening:

  • A Politically Exposed Person (PEP) check, which identifies higher-risk individuals
  • A DFAT sanctions check, which identifies individuals or entities you must not deal with

Understanding the difference between these checks is critical for avoiding compliance breaches and regulatory penalties.

What is a PEP Check?

A Politically Exposed Person (PEP) is someone who holds a prominent public position or has influence over government decisions or public funds.

Examples of PEPs:

  • Politicians (e.g. Members of Parliament)
  • Senior government officials
  • Judges and military leaders
  • Executives of government-owned organisations
  • Immediate family members and close associates
  • Local government leaders such as mayors or council CEOs

Why PEP Checks Matter

PEPs are considered higher-risk individuals, but they are not prohibited.

They may have:

  • Access to public funds
  • Influence over decision-making
  • Exposure to bribery or corruption risks

This means you can still transact with them, but enhanced due diligence (EDD) and ongoing monitoring are required.

What is a DFAT Check?

A DFAT check involves screening individuals against sanctions lists maintained by the Department of Foreign Affairs and Trade.

These lists include:

  • Individuals involved in terrorism
  • People subject to international sanctions
  • Entities linked to serious crime or national security risks

Why DFAT Checks Matter

If a person appears on a sanctions list:

  • You must NOT provide services
  • You may need to report to AUSTRAC
  • Immediate escalation is required

PEP vs DFAT Check: Key Differences

Understanding the distinction is critical:

  • PEP = Higher risk → Apply controls and monitor
  • DFAT = Prohibited → Stop and escalate

These checks work together to ensure both risk-based and legal compliance requirements are met.

When to Perform These Checks

1. Customer Due Diligence (CDD)

  • Identity verification
  • Large transactions (e.g. $5,000–$10,000+)

2. Ongoing Monitoring

  • High-value or frequent customers
  • Unusual or suspicious behaviour

3. Trigger Events

  • Changes in customer activity
  • Large wins or frequent cash transactions

Applying both checks ensures consistent and compliant decision-making.

When Do You Need to Do a DFAT Check?

DFAT checks should be completed at key stages of your customer lifecycle to ensure compliance with sanctions obligations.

1. Customer Onboarding / Identification

  • When verifying identity for AML/CTF purposes

2. Before Providing Services

  • Especially where financial transactions are involved

3. During Ongoing Monitoring

  • Particularly for higher-risk customers

4. When Suspicious Activity is Identified

  • As part of escalation and investigation procedures

Regular screening helps ensure your business does not unknowingly engage with sanctioned individuals or entities.

Practical Example

Scenario 1 – PEP

A customer:

  • Is a local council CEO
  • Regularly plays gaming machines
  • Wins $6,000

Action:

  • Record as a PEP
  • Apply enhanced due diligence
  • Monitor activity

Scenario 2 – DFAT

A customer:

  • Presents identification
  • Matches a sanctions list

🚫 Action:

  • Stop the transaction immediately
  • Escalate internally
  • Follow reporting procedures

How This Works in Practice

Understanding how these checks apply in real situations helps staff make confident and compliant decisions.

Step 1 – Identify the Customer

  • Collect identification documents as part of your standard process

Step 2 – Run Screening Checks

  • Conduct PEP screening
  • Conduct DFAT sanctions screening

Step 3 – Assess the Outcome

  • If identified as a PEP → Apply enhanced due diligence and monitoring
  • If a DFAT match is found → Stop the transaction and escalate immediately

Having a clear process ensures consistency across your team and reduces the risk of compliance breaches.

Common Mistakes to Avoid

A frequent mistake is treating PEPs as prohibited customers.

❌ Incorrect:

  • PEP = Do not transact

✅ Correct:

  • PEP = Higher risk → Manage
  • DFAT = Prohibited → Do not proceed

Simple Way to Explain to Staff 

You can train staff using this: 

  • PEP = “Watch more closely”  
  • DFAT = “Do not proceed”  

Final Guidance for PEP vs DFAT Check Compliance

To stay aligned with AUSTRAC requirements, businesses must ensure that both PEP and sanctions screening processes are clearly defined and consistently applied.

A strong PEP vs DFAT Check framework should include:

  • Clear procedures for when checks are performed
  • Defined responsibilities for staff conducting screening
  • Documented actions for potential matches
  • Ongoing staff training using real-world scenarios
  • Proper record-keeping of all compliance decisions

Implementing an effective PEP vs DFAT Check process not only reduces regulatory risk but also strengthens your overall AML/CTF program.

If you need support in setting up or reviewing your PEP vs DFAT Check procedures, 👉 contact our team for expert guidance tailored to your business.
