16 November 2025
FATF ¦ R.12 Politically Exposed Persons
Recommendation 12: Managing Politically Exposed Persons in Financial Institutions
Politically Exposed Persons (PEPs) present heightened risks of corruption, bribery, and money laundering due to their positions of influence. Recommendation 12 establishes clear expectations for financial institutions to identify, assess, and manage these risks — covering foreign PEPs, domestic PEPs, individuals entrusted with prominent functions in international organizations, and their family members and close associates.
Core Requirements for Foreign PEPs
Financial institutions must go beyond standard customer due diligence when dealing with foreign PEPs, whether as customers or beneficial owners. This includes implementing risk-management systems to determine PEP status, securing senior management approval before onboarding or continuing relationships, establishing the source of wealth and funds through reasonable measures, and conducting enhanced ongoing monitoring. These controls ensure that institutions can detect unusual activity early and maintain robust governance over higher-risk relationships.
Domestic and International Organization PEPs
For domestic PEPs and those holding prominent roles within international organizations, institutions must take reasonable steps to determine PEP status. Where higher risk is identified, the same measures applied to foreign PEPs — senior management approval, verification of source of wealth and funds, and enhanced monitoring — must be implemented. Critically, these obligations extend to family members and close associates, recognizing that risk often flows through connected parties.
PEPs in Life Insurance
Recommendation 12 also addresses life insurance. Institutions should determine whether beneficiaries and, where applicable, beneficial owners of beneficiaries are PEPs — at the latest at payout. If higher risk is present, senior management must be informed before proceeds are released, the entire relationship with the policyholder should be scrutinized, and a suspicious transaction report should be considered where warranted.
Why This Matters
Effective PEP risk management strengthens financial integrity, meets regulatory expectations, and reduces exposure to reputational harm. Institutions that operationalize Recommendation 12 with clear governance, reliable data, and rigorous monitoring are better positioned to detect and deter financial crime.
FATF Ratings Overview
Luxembourg ¦ FATF Effectiveness & Technical Compliance Ratings
Anti-money laundering and counter-terrorist financing measures
Luxembourg Mutual Evaluation Report, September 2023
This assessment was adopted by the FATF at its June 2023 Plenary meeting and summarises the anti-money laundering and counter-terrorist financing (AML/CFT) measures in place in Luxembourg as at the date of the on-site visit: 2-18 November 2022.
Table 1. Effectiveness Ratings
Note: Effectiveness ratings can be either a High- HE, Substantial- SE, Moderate- ME, or Low – LE, level of effectiveness.
IO1 Risk, policy and coordination
Money laundering and terrorist financing risks are identified, assessed and understood, policies are co-operatively developed and, where appropriate, actions co-ordinated domestically to combat money laundering and the financing of terrorism.
Substantial
IO2 International cooperation
International co-operation delivers appropriate information, financial intelligence and evidence, and facilitates action against criminals and their property.
Substantial
IO3 Supervision
Supervisors appropriately supervise, monitor and regulate financial institutions and VASPs for compliance with AML/CFT requirements, and financial institutions and VASPs adequately apply AML/CFT preventive measures, and report suspicious transactions. The actions taken by supervisors, financial institutions and VASPs are commensurate with the risks.
Moderate
IO4 Preventive measures
Supervisors appropriately supervise, monitor and regulate DNFBPs for compliance with AML/CFT requirements, and DNFBPs adequately apply AML/CFT preventive measures commensurate with the risks, and report suspicious transactions.
Moderate
IO5 Legal persons and arrangements
Legal persons and arrangements are prevented from misuse for money laundering or terrorist financing, and information on their beneficial ownership is available to competent authorities without impediments.
Substantial
IO6 Financial intelligence
Financial intelligence and all other relevant information are appropriately used by competent authorities for money laundering and terrorist financing investigations.
Substantial
IO7 ML investigation & prosecution
Money laundering offences and activities are investigated, and offenders are prosecuted and subject to effective, proportionate and dissuasive sanctions.
Moderate
IO8 Confiscation
Asset recovery processes lead to confiscation and permanent deprivation of criminal property and property of corresponding value.
Moderate
IO9 TF investigation & prosecution
Terrorist financing offences and activities are investigated and persons who finance terrorism are prosecuted and subject to effective, proportionate and dissuasive sanctions.
Substantial
IO10 TF preventive measures & financial sanctions
Terrorists, terrorist organisations and terrorist financiers are prevented from raising, moving and using funds.
Moderate
IO11 PF financial sanctions
Persons and entities involved in the proliferation of weapons of mass destruction are prevented from raising, moving and using funds, consistent with the relevant UNSCRs.
Moderate
Table 2. Technical Compliance Ratings
Note: Technical compliance ratings can be either a C – compliant, LC – largely compliant, PC – partially compliant or NC – non compliant.
R.1 Assessing Risks and applying a Risk-Based Approach
C – compliant
R.2 National Co-operation and Co-ordination
C – compliant
R.3 Money laundering offence
C – compliant
R.4 Confiscation and provisional measures
LC – largely compliant
R.5 Terrorist financing offence
C – compliant
R.6 Targeted financial sanctions related to terrorism and terrorist financing
LC – largely compliant
R.7 Targeted financial sanctions related to proliferation
LC – largely compliant
R.8 Non-profit organisations
PC – partially compliant
R.9 Financial institution secrecy laws
C – compliant
R.10 Customer due diligence
C – compliant
R.11 Record-keeping
C – compliant
R.12 Politically exposed persons
C – compliant
R.13 Correspondent banking
C – compliant
R.14 Money or value transfer services (MVTS)
C – compliant
R.15 New technologies
LC – largely compliant
R.16 Payment transparency
C – compliant
R.17 Reliance on third parties
C – compliant
R.19 Higher-risk countries
C – compliant
R.20 Reporting of suspicious transactions
C – compliant
R.21 Tipping-off and confidentiality
C – compliant
R.22 DNFBPs: Customer due diligence
C – compliant
R.23 DNFBPs: Other measures
C – compliant
R.24 Transparency and beneficial ownership of legal persons
LC – largely compliant
R.27 Powers of supervisors
C – compliant
R.28 Regulation and supervision of DNFBPs
C – compliant
R.29 Financial intelligence units
C – compliant
R.30 Responsibilities of law enforcement and investigative authorities
LC – largely compliant
R.32 Cash Couriers
LC – largely compliant
R.33 Statistics
LC – largely compliant
R.34 Guidance and feedback
C – compliant
R.35 Sanctions
LC – largely compliant
R.36 International instruments
LC – largely compliant
R.37 Mutual legal assistance
C – compliant
R.38 Mutual legal assistance: freezing and confiscation
C – compliant
R.39 Extradition
C – compliant
R.40 Other forms of international co-operation
LC – largely compliant
Dive deeper
EU Sanctions Helpdesk
The EU Sanctions Helpdesk platform supports European operators in complying with European Union restrictive measures (also known as sanctions) imposed worldwide.
Aimed primarily at Small and Medium-sized Enterprises (SMEs), the Helpdesk offers resources and personalised help to companies performing sanctions due diligence checks.
What else?
