Are financial institutions struggling to keep up with modern sanction and PEPs lists? – Part 2

Are financial institutions struggling to keep up with modern sanction and PEPs lists? – Part 2

FinTech Global recently spoke to multiple industry players to get their insights on whether financial institutions are keeping up with modern sanction/PEPs lists monitoring requirements. The first part can be read here. In this second half, FinTech Global asked the industry leaders to outline some of the best practices they have seen in the market and how to stay on top of the lists.

Remonda Kirketerp-Møller, founder and CEO at client onboarding technology developer Muinmos, highlighted several practices that can ensure a firm is ready for the current landscape. One of these was the integration of advanced AI and machine learning to automate the monitoring and updating of processes. Another vital aspect is the regular training of compliance staff to ensure they fully understand the latest regulations and techniques to identify risks.

Other processes include performing thorough due diligence on an ongoing basis, maintaining open lines of communications with regulatory bodies and prioritising resources and monitoring efforts based on the level of risk associated with specific clients or transactions.

Bradley Elliott, CEO at single view AML compliance platform RelyComply, also offered a number of best practices. He said, “Financial institutions with the most robust sanction/PEP monitoring processes generally use a combination of technology and human capital. Technology can be a key enabler in assisting compliance teams to identify and work through potential risks.”

One of the best practices Elliott outlined was partnering with an AML vendor that offers a single case management solution to ensure a unified view of a customer’s profile. Similarly, a firm should seek an AML vendor that has advanced matching technology to reduce false positives, and a vendor that can quickly integrate with existing systems via API to ensure data and compliance results are easily accessible across systems if required.

A couple of the other best practices Elliott noted were partnering with highly credible AML/watchlist vendors, ensuring that sanction/PEP screening is highly automated, and ensuring customer data is rescreened against watchlists every 24 hours.

Holly Sais Phillippi, the CEO of AML compliance and fraud management platform Alessa, added that firms around the world have different budgets and regulatory requirements, meaning best practices can vary based on parameters. However, a universal best practice is to take a holistic view of risk and not narrow it down by turning off specific ‘lists’. “This requires them to ensure they have the right technology and data providers to help them narrow a broad view down to the real risk. This sounds like a no-brainer and we talk about this a lot within our industry however if we get back to “lack of resources” we find that organizations sometimes have to turn off lists in which they deem as “low risk” simply due to managing volume of false positives.”

She added, “We fully recognize that Sanctions and PEP monitoring can be extremely time consuming, so we are seeing that many best practices stem from using data and technology together to save teams time and money while ensuring compliance. Teams who have implemented holistic solutions are seeing a significant saving in manual effort which results in not just time savings but also allows the compliance professionals to focus on real risk which is what we are all aiming for.

“The use of a PEP scoring models is also a great best practice to help reduce PEP related false positives and help teams to focus on their riskiest clients. These scoring models should be flexible enough to be based on the organization’s risk threshold and preferences, and help assess risk in an automated fashion, once again reducing the manual efforts required by compliance professionals. We need to be in the business of managing real risk not managing false positives, I know this is a bit of a preaching to the choir.”

Finally, Ben Lachenal, Enterprise Account Manager at FullCircl, outlined how its own services are helping financial institutions to get ready for the modern landscape. He said, “Businesses like FullCircl through our W2 platform, exist to ensure that financial institutions can best monitor sanctions and PEP lists securely. Whilst some FI’s have the resources to build systems in-house to keep their business secure, many firms in the SME market and even global corporations are turning to outsourcing to companies like FullCircl to build them a monitoring system which can keep on top of changes to sanction/PEP lists.

“Every business has different circumstances relating to their AML monitoring, so it’s key to find a business or system that can adapt to screening parameters, integrate new data suppliers, and integrate real-time alerts.”

Advice to financial institutions

As a final question, FinTech Global asked the respondents for any advice they would provide financial institutions looking to improve their sanction/PEPs list monitoring.

FullCircl’s Lachenal said, “It’s very easy to keep relying on a subpar system or methodology due to the complexity in changing legacy systems. However, the implementation of a more secure system / process far outweighs those hesitancies. Firms should continually review their screening thresholds and matching criteria, the quality of data, ensure that real-time alerts are setup to efficiently react to changes in sanction/PEP lists, and to not be afraid to assess new solutions in the market to keep up with the rising complexity of sanction/PEP lists.”

In a similar vein, RelyComply’s Elliott placed an emphasis on picking the right technology for the job. He said, “Invest in technology that streamlines compliance processes and improves the accuracy of alert results to ensure compliance teams can focus on what matters. Additionally, prioritise regular audits and assessments to identify areas for improvement and ensure ongoing regulatory compliance. Collaboration with trusted partners can also provide invaluable support in navigating the complexities of sanction list monitoring.”

Muinmos’ Kirketerp-Møller also placed an emphasis on technology. She urged financial institutions to adopt or enhance AI and machine learning capabilities to automate and streamline the monitoring process. As part of this, they should be updating the lists, but also screening transactions and customers in real-time.

She also noted that firms should engage with industry groups, forums, and consortia to share experiences and learn from the best practices of others. In addition to this, they should regularly update knowledge and understanding of the geopolitical landscape and changes in sanctions legislation. A good way of doing this is by subscribing to updates from regulatory bodies and international organizations.

She added, “Tailor your compliance program to the specific risks and needs of your institution. This includes setting appropriate thresholds for alerts and implementing policies that reflect the complexity and international reach of your operations.”

A final tip she had for financial institutions was to audit and test. “Regularly audit and test your sanctions compliance program to identify and address any gaps or weaknesses,” she said. “This should include scenario testing and the use of back-testing with real-world examples to ensure the system is effectively identifying potential issues. Ideally find technology that can handle automated testing.”

For Alessa’s Sais Phillippi the most important piece of advice to give a firm is the importance of picking the right provider cannot be overstressed.  As such, allocating enough time to thoroughly assess the tools and datasets your programs currently utilise is essential. She noted that financial institutions should be asking themselves whether these resources are genuinely augmenting operations and whether there is a tangible return on investment from integrating the technology and data.

“If uncertainty prevails, it becomes imperative to inquire with your providers about untapped resources they might have that could enhance efficiency while maintaining stringent compliance standards.”

Following on from this, Sais Phillippi noted that financial institutions should continuously explore and reassess technology and data providers. An ongoing evaluation will not only ensure current tools are meeting the immediate needs, but also helps to future-proof operations. “When examining potential solutions, a few key considerations should include the solution’s scalability with your organization, the provision of workflow automation, and the capability to yield actionable insights into operational efficiency. Also, ensure the solution is not just a point solution and offers the opportunity to capture more functionality for compliance then just one piece.”

Of equal importance, Sais Phillippi said, is assessing if the solution can swiftly identify and mitigate risks so that teams can just focus on high-risk issues without sifting through inconsequential data. Similarly, a firm should ask about the provider’s development roadmap to ensure they are looking to keep pace with change and will not become a legacy solution in a few years.

She concluded, “Challenge providers to demonstrate concrete ROI and furnish reports that substantiate ongoing value. This diligence in asking rigorous questions is not merely as a customer but as an informed stakeholder you have the right to demand your solutions that not only meet but exceed expectations in a landscape marked by constant change.”

Read part one here.

Keep up with all the latest FinTech news here.

Copyright © 2024 FinTech Global

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.