March 22, 2026
Methodology About Contact
DUBAI TOKENISATION
The Vanderbilt Terminal for Dubai Tokenization Ecosystem
INDEPENDENT GLOBAL INTELLIGENCE FOR DUBAI TOKENISATION
VARA Licensed VASPs: 21 ▲ +3 YTD | Enforcement Actions: 36 ▲ +2 in 2026 | VARA Rulebook Version: v2.0 ▲ May 2025 | Licensed Activities: 7 Categories ▲ Full Market | VARA Applications Pending: 147 ▲ +12 | AML/CFT Circulars: 41 ▲ +4 in 2026 | Free Zone Partners: DWTCA + DET ▲ Active | Unlicensed Firms Listed: 36+ ▲ Growing | VARA Licensed VASPs: 21 ▲ +3 YTD | Enforcement Actions: 36 ▲ +2 in 2026 | VARA Rulebook Version: v2.0 ▲ May 2025 | Licensed Activities: 7 Categories ▲ Full Market | VARA Applications Pending: 147 ▲ +12 | AML/CFT Circulars: 41 ▲ +4 in 2026 | Free Zone Partners: DWTCA + DET ▲ Active | Unlicensed Firms Listed: 36+ ▲ Growing |

Politically Exposed Person (PEP)

Definition

A Politically Exposed Person (PEP) is an individual who holds or has held a prominent public function, whose position may expose them to higher risks of involvement in corruption, bribery, or money laundering. Within VARA’s AML/CFT framework, PEP identification and management is a core element of the enhanced due diligence (EDD) obligations imposed on all licensed virtual asset service providers.

The PEP concept originates from Financial Action Task Force (FATF) standards and is incorporated into UAE federal law through the UAE Federal AML Decree-Law. VARA’s application of PEP requirements to virtual asset transactions reflects the specific risks associated with the sector — particularly the speed, cross-border nature, and potential pseudonymity of virtual asset transfers that may complicate PEP transaction monitoring.

Categories of PEPs

PEP classification typically encompasses three categories, each triggering enhanced due diligence requirements:

Domestic PEPs

Individuals holding prominent public functions within the UAE, including senior government officials, members of the judiciary, senior military officers, senior executives of state-owned corporations, and senior political party officials.

Foreign PEPs

Individuals holding similar prominent public functions in foreign countries. For licensed VASPs serving an international customer base — as is typical for exchanges like Binance Dubai, OKX Middle East, and Crypto.com Dubai — foreign PEP screening is a significant compliance consideration given the volume of cross-border virtual asset transactions.

International Organisation PEPs

Individuals holding senior positions in international organisations, such as members of senior management, board directors, or equivalent functions.

Family Members and Close Associates

PEP requirements typically extend to family members and close associates of PEPs, who may be used as intermediaries to conceal the PEP’s involvement in transactions.

Enhanced Due Diligence Requirements

When a licensed VASP identifies a customer or beneficial owner as a PEP, enhanced due diligence measures must be applied:

  • Senior Management Approval: The decision to establish or continue a business relationship with a PEP must be approved by senior management
  • Source of Wealth and Funds: The VASP must take reasonable measures to establish the source of wealth and the source of funds involved in the relationship
  • Enhanced Ongoing Monitoring: The relationship must be subject to enhanced ongoing monitoring, with increased scrutiny of transaction patterns
  • Risk Assessment: PEP relationships must be factored into the VASP’s overall risk assessment, as required by VARA’s November 2025 guidance on Rule III D risk assessments

VARA’s AML Framework Context

PEP requirements form part of VARA’s layered AML/CFT/CPF programme obligations. The March 2026 circular on implementation of UAE AML requirements applicable to VASPs incorporates PEP management within the broader framework of customer due diligence, transaction monitoring, suspicious activity reporting, and sanctions screening.

Related AML obligations include:

  • FATF High-Risk Jurisdiction Screening: The January 2026 circular requires enhanced measures for jurisdictions on FATF lists, which may overlap with PEP screening for individuals from high-risk countries
  • EOCN Sanctions Screening: The November 2025 circular on targeted financial sanctions may affect PEPs who are also designated on sanctions lists
  • Virtual Assets Travel Rule: The February 2026 implementation circular ensures that originator and beneficiary information is available for PEP transaction monitoring

Enforcement Relevance

The Morpheus Software Technology (FUZE) case (August 2025) demonstrates the consequences of inadequate AML controls. FUZE was penalised for “failures in AML programme controls, related governance, compliance and internal systems and controls.” While the published details do not specify PEP-related failures specifically, comprehensive AML programme deficiencies would encompass PEP screening and management processes.

Virtual Asset Sector Risks

PEP management in the virtual asset sector presents distinct challenges compared to traditional financial services:

  • Pseudonymity: While VARA-licensed VASPs conduct KYC, the underlying blockchain transactions may involve pseudonymous addresses requiring additional monitoring
  • Cross-Border Speed: Virtual asset transfers execute in minutes or seconds across borders, limiting the window for pre-transaction PEP checks
  • Volume: High-frequency trading activity on exchanges generates large transaction volumes requiring automated PEP screening
  • Emerging Technology: DeFi interactions, NFT transactions, and staking activities may create indirect exposure to PEP-connected funds

International Standards

The FATF provides the foundational international standards for PEP management through Recommendations 12 and 22. VARA’s approach aligns with these standards while operating within the specific UAE context established by the UAE National Risk Assessment (June 2025), which identifies particular risks relevant to the UAE’s role as an international financial centre.

For the full AML compliance framework, see our AML/CFT requirements analysis and our guide to building a VARA-compliant AML programme. For related terms, browse our glossary.

PEP Screening Technology

Licensed VASPs typically deploy automated PEP screening systems that cross-reference customer data against commercial PEP databases. These systems must be configured to capture name variations, transliterations (particularly relevant in the UAE context where Arabic and English name representations may differ), and family member relationships.

The technology requirements for PEP screening in the virtual asset sector extend beyond traditional financial services. VASPs must integrate PEP screening with blockchain analytics tools to identify transactions potentially connected to PEP-associated wallets, even when those wallets are not directly registered to the PEP. This intersection of traditional AML compliance with blockchain-specific technology represents a compliance challenge unique to the virtual asset sector.

For the approximately 21 VARA-licensed entities, PEP screening is a continuous operational requirement — not a one-time onboarding check. Changes in political status (individuals entering or leaving public office), evolving PEP databases, and ongoing transaction monitoring all require sustained investment in PEP management technology and processes.

Institutional Access

Coming Soon