When it comes global AML regulations, sanctions screening is an imperative part of it and plays a huge role in the fight against money laundering and terrorism.
According to Sentinels, sanctions breaches are among the most serious of offences under regulations such as the EU’s Sixth Anti-Money Laundering Directive (6AMLD).
The company noted that It’s critical that banks, financial institutions, and any other entity that’s subject to the requirements of AML and anti-terror financing regulations to act by checking their customers against relevant sanctions lists.
How can companies build an effective sanctions screening policy? Sentinels underlined that the first key step is figuring out where your risks are – and a key part of this depends on the operations of a company.
The firm said, “A company that operates globally, for example, might institute policies that prohibit the company from having dealings with any parties or countries that have been sanctioned by another country, such as the US, or a political entity, such as the United Nations or EU.
“It’s also important to consider risks that are posed by the products and services that you offer, or the relationships that you have with suppliers and other third parties.”
Another piece of the sanctions jigsaw is cleaning up and organising your data – as data is what sanctions screening is powered by. Sentinels remarked that it is often the case that sanctions screening processes and systems can fail because they’re not getting enough data or the data that they’re getting isn’t good enough.
Because of this, it is important for companies to adequately compile, clean and organisation their KYC data to avoid sanctions screening inefficiencies, false positives and failing to detect sanctioned entities during the screening process.
It is also key that companies know what they’re looking for. It is not necessarily always the case that all data elements within a businesses’ records will be suitable or relevant for use in screening, especially when screening against specific sanctions risks.
Sentinels detailed, “For instance, the names of individuals or third-party entities with whom an organization does business can easily be screened against name-based sanctions lists. However, this data cannot always be used to screen against other sanctions lists, such as geographic or environmental sanctions lists.
“It’s also vital to determine whether any PEPs or RCAs are involved in the transaction that is being reviewed. These higher risk entities should be examined more closely than ordinary customers and every sanctions screening policy needs to reflect the increased likelihood for sanctions risk that they pose.”
Companies should also remember to keep their data current. Sentinels said that organisations should ideally determine which lists are relevant to them for screening purposes, which can usually achieved through following a risk-based assessment.
The firm said, “It’s important that sanctions data and indeed sanctions lists that are being screened against are kept up-to-date and that data is enhanced with additional information from both internal and reliable external sources wherever possible. This can be supplemented with other data points, such as previous false positives and definitions of scope—this is particularly beneficial where a sanctions screening process is supported by artificial intelligence and machine learning technologies.”
Lastly, Sentinels suggests that companies should mandate regular screening.
The company remarked, “Organizations should carry out sanctions screening at regular, defined intervals. Ideally, this should be done via an automated process that’s guided by internal policies that are kept up to date through regular review and revision.
“Best practice states that screening should also take place when new relationships are being established—i.e., when onboarding a new customer—to ensure that the relationship is permissible according to current sanctions lists. Additional screening should then take place at predetermined intervals and/or when a trigger event takes place, such as when new regulations are introduced, or existing ones are modified.”
Sentinels concluded, “Every regulated organization must have a sanctions screening policy in place that’s reviewed and updated regularly. The accuracy of this policy and your internal data is the key to ensuring that your sanctions screening is both effective and accurate.
“Just as important as your sanctions screening policy is the method that you use to carry out that screening. Relying on Excel or Jira as the backbone to a time-consuming and expensive manual process is no longer a viable approach to compliance. Using a dedicated solution provides clarity, consistency, and trackability to your compliance process and proves to the regulator that your business can protect consumers. A necessary step to obtaining or maintaining license requirements.”
Read the full post here.
Copyright © 2018 RegTech Analyst