The importance of sanctions screening. Financial institutions use screening of sanctions as a control to detect, avoid, and manage sanctions risk. Sanction screening is done as part of an efficient Financial Crime Compliance (or FCC) program to help the financial institution identify sanctioned persons and organizations, as well as the unlawful conduct to which they may be exposed. It aids in the identification of areas that may be subject to fines and the formulation of compliance risk choices.
The Importance Of Sanctions Screening
Sanctions screening is a control used in the detection, prevention, and disruption of financial crime and, in particular, sanctions risk. It is the comparison of one string of text against another to detect similarities that would suggest a possible match. It compares data sourced from an organization’s operations, such as customer and transactional records, against lists of names and other indicators of sanctioned parties or locations. In light of the continuous expansion and growing complexity of international sanctions regulations, the objective of sanction screening is to develop appropriate compliance controls to assess the effectiveness of sanctions screening controls, whether automated, manual, or both.
Sanctions can be used to punish bad actors or to achieve a foreign policy or diplomatic objective. They are frequently adopted through legislation or international organizations like as the United Nations. Security Council. People and organizations related to terrorist funding are listed on a number of sanctions lists. The Patriot Act, for example, bars corporations from providing material assistance to terrorist organizations, and the United Nations Security Council Committee enforces similar laws like the Al Qaida and Taliban Order (2006).
Most organizations deploy two main sanction screening controls to achieve their AML and KYC objectives, which are transaction screening and customer screening.
Transaction Screening
Transaction screening is used to identify the activities and transactions involving targeted individuals, organizations, or related criminals. Name screening is designed to identify the targeted individuals or entities during the onboarding process or establishing the customer relationship. Together, transaction and customer screening are designed to form a robust set of compliance and internal controls for identifying sanctions targets. It is recognized that there are several limitations to these controls and must always be employed as part of a wider AML/KYC and Financial Crime program.
As with the management of all financial crime risks, F.I. should first identify and assess the sanctions risks to which it is exposed and implement a sanctions screening program commensurate with its nature, size, and complexity.
Considerations To Be Given
In doing so, consideration needs to be given to:
The jurisdictions where the FI is located, and its proximity geographically, culturally, and historically – to sanctioned countries;
What customers the FI has international or domestic, where those customers are located and what business they undertake;
The volume of transactions and distribution channels;
What products and services the FI offers and whether those products represent a heightened sanctions risk, for example, cross-border transactions, foreign correspondent accounts, trade-related products, or payable-through accounts.
The generation of an alert as a result of the process of screening is not, by itself, an indication of sanctions risk. It is the first step towards detecting a risk of sanctions exposure, which can be confirmed or discounted with additional information to evaluate whether the similarities in the text reveal a true sanctions match.
The sanctions screening process can never detect every possible sanction risk to which the organization is faced due to the wide range of applicable variables and conditions in which a sanction screening is to be performed. Sanctions screening is dependent on a range of different applicable variables and factors, including the type, availability, completeness, and quality of data points and information, as well as the inherent sanctions risks to which an organization, its products, customers, channels, and services are exposed.
Consequently, the effectiveness of the sanction screening as a KYC compliance control will vary between organizations, even where they use the same sanction screening solutions. Sanction screening, therefore, requires a programmatic approach that must be assessed considering the ML/TF and sanction risks.
Fundamental pillars of an FCC program, including key enabling functions, should be applied to screening, not in isolation, but in conjunction with other financial crime risk prevention and control processes:
Policies and Procedures
That define requirements for what must be screened, in what context and at which frequency, and how alerts should be adjudicated, paying particular attention to how to resolve the red alerts, and perform investigations.
Responsible Person
Who possesses appropriate AML/KYC and sanction screening skills and experience in regulatory compliance area including understanding the sanction screening outcomes and taking required decisions.
Risk Assessment
Applying the risk-based decisions to resolve the specific questions of what data points or information attributes are to be used for the sanction screening, when to perform the screening, etc. The decision-making and governance structure needs to be clearly articulated, documented and supported as part of the overall compliance program.
Internal Controls
Implementing the sanction screening controls that require an understanding of the various screening methodologies and technologies that are available, as a compliance solution. Organizations are expected to document how the sanction screening system is configured, with other compliance controls, to ensure that overall AML/KYC regulatory compliance requirements are met.
Testing
To be conducted to validate that the sanction screening controls and system are performing as expected, and to assess its effectiveness in managing the specific compliance risks that are articulated in the organization’s Risk Assessment. Regular and periodic compliance reviews and testing, of the sanction controls and system, are supported by metrics, analysis, and compliance reporting, to the Central Compliance Committee (or CCCC).
A simple name-matching process may be a complex set of processes in which information or data points are used from several technology systems and sanctions lists for comparison, using the defined matching algorithms and risk-based red-alert generation rules to ensure compliance with regulatory requirements.
For larger or more complex organizations, the screening program usually requires the use of a technology application that includes certain core functionalities to ensure the appropriate red-alert generation rules and outcomes. Such functionalities include implementing risk-based screening thresholds and rules to generate good quality red alerts for review and validation.
Identifying and implementing the risk-based sanction screening process to comply with regulatory requirements is important for the overall compliance policy.
The production of alerts is at the heart of every screening application. An alarm must be presented in the screening application for qualified sanctions employees to evaluate. While the application’s workflow may vary depending on a variety of factors, such as reviewer expertise or a FI’s risk tolerances (for example, whether the review process requires a maker-checker/four-eye requirement), the applicant must present all relevant data from the FI and the sanctions lists for decision making, allow reviewers to make a decision based on the validity of that data, and then document relevant rationale.
Financial institutions must verify sanctions lists before conducting business to ensure financial sanctions are followed. Governments often use financial sanctions to restrict or prohibit trade with foreign targets accused of participating in illegal activities. A country may be sanctioned, as well as individuals or groups. They may even be used against those who are not directly engaged in crime but work for those who are. Governments and banking institutions offer sanctions lists to help businesses determine who is liable.
Final Thoughts
Sanctions screening is the process of ensuring that the goods and parties involved in a trade transaction are checked against regulations, sanctions, enforcement actions, and other official watchlists in the maritime world. To thoroughly screen a ship’s movement history, registered flag administration, ownership, and management, and to verify a transaction as compliant, complete supply chain transparency is required.
Sanctions screening should be part of every player’s due diligence in the maritime trade supply chain to avoid criminal, reputational, and commercial damage caused by noncompliance and association with illicit trade activities, money laundering, terrorist financing, and so on.