International sanctions have increased in recent years and discrepancies still exist between how financial institutions and non-banking financial institutions in different countries and regions handle them. This has led to ongoing international tensions where politicians use asset-freezing, confiscation and other sanctions as tools to forward personal agendas, producing an increased stream of sanctions. It also leads to headaches for the compliance industry as it attempts to assess their level of risk.
For example, there is a great sanction application difference between the United States and the European Union/United Kingdom as a result of the United States leaving the Joint Comprehensive Plan of Action (JPCOA) agreement and re-implementing sanctions against Iran progressively in 2018. In a post-Brexit world, it is likely that a divergence between European Union and United Kingdom sanctions will occur over time.
Increasing challenges add to complexity for compliance professionals conducting sanctions and transactions screenings in accordance with regulations and institutions’ policies. The rapid transition to an increasingly digital world amidst COVID-19 begs the question: Do financial institutions truly understand the identities moving within their digital networks?
The Wolfsberg Group recently published detailed guidance for financial institutions regarding sanctions screening. The guidance highlights the importance of account and transaction screenings, but does not propose fundamental changes to the processes that financial institutions should follow already. Compliance officers need to rely on robust sanctions screening systems, high data quality and up-to-date policies to drive a successful long-term sanctions screening program.
Compliance departments should continue to conduct basic functions such as documented controls and procedures. They should also require a clear understanding of sanctions risk and how essential it is to take a risk-based approach to customer onboarding. Further, the compliance team should consider improving the following:
- Sanctions List Management: List data can be incomplete and decay over time. Active list management is essential for compliance personnel to ensure complete, accurate and up-to-date data.
- Screening Technology: Screening engines vary in capability. Platforms should meet business needs on a basic level and be able to:
- Manage requisite screening record volumes
- Configure to reflect the differing risk profile lists
- Efficiently remediate alerts through fully functioning workflow tools
- Ingest a variety of external lists
- Integrate APIs into enterprise systems
- Sanctions Data: Not all externally provided sanctions lists are created equal. Financial institutions should conduct thorough due diligence and compare data from different sources. Some issues to consider:
- How the data is synthesized from original issuing bodies
- The quality controls within the research process
- The extent that the provider enriches the data to maximize secondary identifiers of sanctioned individuals
- How complete the data set is, given the many official bodies globally and whether the system is configurable to select those relevant to the institution in question
- Whether the data provided facilitates consolidation of entities appearing on multiple sanctions lists to lower duplicate alerts and minimize analysts’ efforts
Sanctions screening is a vital but complex process and a continuously trained compliance staff helps ensure that the financial institution is consistently screening against the most relevant and up-to-date sanctions lists. Sanctions authorities require increasingly strict compliance and this involves employing intelligent augmentation through a combination of human efforts and new technologies such as big data, data analytics, machine learning and artificial intelligence.
Organizations can best reduce risk exposure by using all the compliance tools in a responsible and efficient way. Only then can a financial institution be sure that it is navigating the increasingly complex and rigorously enforced regulatory landscape.