Spurred by the increasing incidence of money laundering, terrorist financing, and bank fraud, sanctions compliance is emerging as the frontline warrior in the battle against financial crime. According to a Deloitte Survey, 71% of respondents believe their sanctions compliance costs will increase over the next three years. This means improving data quality and screening solutions is critical for financial institutions to keep their costs low.
However, processing transactions related to Specially Designated Nationals (SDN) is one area where the scope of applying automation is limited. SDNs are individuals, entities, countries, or vessels that are barred or prohibited under economic sanctions regulations from doing business. Processing a potential SDN payment requires processors to make judgment-based decisions, adding to the cost of sanctions compliance.
Sanctions compliance: Whose responsibility is it?
As the bar for sanctions compliance rises, so does the complexity around it, making it one of the biggest issues facing the banking industry. According to the Deloittes Global Sanctions Compliance study, 45% of banking C-Suite executives worry that their industry is not adequately aware of the implications of sanctions compliance requirements. In fact, only 28% have conducted a full sanctions risk assessment a key prerequisite for developing an effective sanctions program. Going by these numbers, preventing a prohibited transaction is undoubtedly a major challenge for todays bankers.
To bolster the case for sanctions compliance, various agencies have been set up globally, like the Office of Foreign Asset Control (OFAC) that monitors transactions, investigates violations, and imposes severe penalties on defaulters. The success of such initiatives however, lies in their effective implementation. If a financial institutions current technology setup and human resources are not effective in screening SDN transactions, then their licenses could be at stake. In fact, New Yorks new groundbreaking rule puts the onus of ensuring sanctions compliance on the board members and the management of financial institutions, failing which the firm can invite penalties worth billions of dollars.
How to become sanctions compliant: Five best practices
While financial services firms and other related organizations such as check cashers and money transmitters require sanctions screening, there is no one-size-fits-all compliance package or program. Here are five proven best practices that can help you get off to a good start:
#1 Invest in a robust technology setup: While the OFAC does not specify the compliance program, it advocates for strong and robust controls to combat the threat of sanctions. In order to meet the OFAC standards, periodical benchmarking and review of processes is required to identify the current gaps and work toward overcoming them through structured planning and decision-making. This requires thoughtful investments in technology systems, robust processes, and experienced people.
#2 Bring your human capital up to speed: Since judgment-based decision-making is a key requirement for processing potential SDN payments, deploying highly competent resources for sanctions screening is crucial. Financial institutions must invest in creating a learning and training hub to ensure robust training and knowledge disbursement to associates involved in screening. Periodic refresher trainings must be conducted to ensure employees are abreast with the latest advancements in financial crime and ward off resource fatigue.
#3 Sign off risk acceptance: During benchmarking, an organization may come across process or processes that, despite having weak controls, cannot be altered in terms of setup due to other conflicting regulatory requirements. In such cases, a mitigating control mechanism should be established and risk acceptance signed off by regional compliance authorities. Weak controls increase vulnerabilities and it is best to have predefined risk acceptance in place to protect the interest of individual or entity.
#4 Ensure effective control monitoring: Effective governance and strong control monitoring mechanisms are a must. Any perceived risk should be captured and tested periodically, and an independent tester should conduct a risk review assessment and share the results with operational heads.
#5 Leverage analytics to ensure policy adherence and improve TAT: Developing an analytics-driven compliance suite, which has the capability to identify patterns based on historical data, can help businesses establish an ignore pattern (for regular false hit cases). Ignore patterns significantly improve STP rates and adherence to sanctions compliance requirements. Moreover, a repository of customer details such as their identity cards, national identity proof or passports could be created and used for future transactions, enabling Level 1 or 2 compliance teams to validate and clear payments quickly.
Its time to step up your sanctions compliance game
Sanctions compliance is a key focus area not only for banks and financial institutions, but for any company that is engaged in overseas business. Failures in this aspect have already cost banks upwards of USD 599,705,997 in recent years and regulators are pressing ahead with renewed powers and tighter controls. Implementing a thorough sanctions program that includes training of front-line and senior personnel as well as board members can go a long way in helping businesses avoid regulatory, legal, and reputational damages.