Economic sanctions and their deep-rooted expectations from financial institutions is not new, but in the ever increasing demands and zero tolerance approach adopted it is even more important for asset freezing controls to be etched into compliance programs.
A critical component to address how institutions do not deal with designated person(s) and in particular with complex third party relationships existing does not have a standard solution despite deploying and employing leading application suites and complex engines supported by various prominent sanctions listings database providers.
So where is the gap? Is it the data analytic s, data capture and warehousing methodology and/or mishaps in the fine tuning capabilities or finally the inability to control ever burgeoning alerts with increased false positives?
Whatever may be the reason banks and other allied financial services firms are struggling to keep the pace with regulatory demands particularly when it comes to sanctions, per say.
No authority declares or promulgates any de-minimis rules including UK’s HM treasury and expects the so called ‘risk based approach’ to be executed after taking into consideration the organizations own business strategy and geographical presence, as they are deemed to be the best judges.
There is no dearth of compliance officers and analysts who can define these controls but cutting-edge technology support is mandatory requirement coupled with architectural strategy to fine-tune and control the outcome, while defining appropriate procedures.
Which divisions of business carry greater exposure needs to be diligently assessed while understanding where entities are incorporated, registered and operate (in relatively sensitive jurisdictions, be it Eastern Europe or Turkey, for example).
Consideration of fuzzy matching and embedding 4th generation multi-layered screening technology across various business units is must-must as names might be missed if only exact matches are screened. Needless to say, sanctioned (designated individuals) too employ various techniques that include reversal of name, number removal, replacing a word by a number so on and so forth).
Additionally, a comprehensive sanctions policy need to be adopted both for meeting audit standards and regulatory requirements including sanctions related protections such as specific representations and warranties, as applicable. It is also pertinent to include voluntary self-disclosure and sanctions related obligations both at a local and group level in particular when it comes to group holding companies.
Let us hope that compliance fraternity will effectively combat this ever increasing challenge with the sustenance from technology in days ahead.
Rajesh Rachamalla, CAMS