Financial institutions (FIs) must devote increasing attention to sanctions compliance as they navigate a shifting regulatory landscape in which guidelines are often challenging. Growing complexity, increasing regulatory rigor and inconsistencies between global governments are raising the bar for sanctions compliance.
As the penalties for the international enforcement actions continue to escalate, its scope has expanded beyond FIs to now impact organisations across almost every industry. Despite a temporary slowdown, non-FIs cannot afford to back off on sanctions screening without becoming vulnerable to hefty penalties—particularly as evolving pandemic-driven market conditions have led to a significant rise in online transactions.
Our behaviour and shopping habits are increasingly digital. We stream online content, browse the housing market, purchase groceries and clothing, even open bank accounts digitally today. Thankfully, digital transactions allow for a lot more transparency in the prevention of financial crime. Moving away from a cash-based society can absolutely help us longer term to eradicate the issues linked to large illegal money movements.
Is your sanctions screening process up to par?
There is never a time for sanctions screening to be poor, even more so as we are going through the pandemic-driven online engagements. Criminals know no borders, and do not stop in the time of crisis. Strong sanctions screening compliance systems can help eradicate challenges faced during this time. It is a combination of strong policies, good data and reliable systems that organisations need to prevent the wrong-doing. The Wolfsberg Group, an association of 13 global banks, has offered some guidance to FIs regarding sanctions screening and the management of financial crime risks. Here are six of its key recommendations:
- Map the business—Sanctions screening and AML risk management programs should begin with customer on-boarding. Map the business in question and its relationships to identify where sanctions risk exposure lies.
- Check the data—To be effective in risk management, FIs must look into reference data, which encompasses lists of entities/transactions needing to be matched, and sanctioned entity data, which are lists of sanctioned entities against which reference data is matched.
- Establish fundamental pillars—Key aspects must include defined policies and procedures, audit and controls of the process, and testing and validation to ensure the program stays robust.
- Create a process for remediating alerts—Sanctions screening is imperfect by its very nature. Therefore, any system will generate alerts of possible matches that require remediation. Create procedures for determining if they are false positives that can be discounted or true matches (hits). Efficiency and effectiveness in the alert remediation process is critical.
- Set rules for screening transactions—FIs must screen not only businesses but also transactions. Determine what attributes should be analysed from data capture to identify high-risk transactions.
- Conduct lookbacks—What’s in the past is NOT in the past. FIs should continually conduct historical reviews of already screened data to expose previously undetected sanctioned entities and determine how to handle entities and transactions that passed the screening but should not have.
Whilst these recommendations highlight just some of the Wolfsberg Group’s recommendations for sanctions screening, what is clear is this: For FIs striving to meet guidelines and develop a successful, long-term sanctions screening program, the best solutions will need to involve a combination of human efforts and technologies. One cannot exist without the other in our compliance ecosystem and are fully co-dependent. The better systems we have in place to eradicate noise, the more we can utilise our teams to analyse and focus on what truly matters: prevention of financial crime.