The quality of sanctions screening programs is becoming a priority for regulators. Institutions throughout the world must be ready. In the not-too-distant future, I believe the financial services sector will look back on this period as a turning point in terms of sanctions screening (also known as “filtering”) and anti-money laundering (AML) compliance.
It will be remembered as the point at which regulators all over the globe completely embraced the importance of technology and automation in achieving AML standards and gently shifted their focus to the quality of the systems and processes put in place by institutions. The New York State Department of Financial Services (DFS) standards, commonly known as “Part 504,” which went into effect on January 1, 2017, is the driver for the new era of sanctions screening.
Table of Contents
- Key Takeaways
- What Is A Sanction?
- What Is A Sanctions List?
- What Is Sanctions Screening?
- Sanctions Screening Process
- Part 504 Is A Good Technology
- You get to understand why the financial services sector will look back on this period as a turning point in terms of sanctions screening.
- What part 504 is and how it is used to strengthen the state’s anti-money laundering legislation
- What the new era of screening has in stock for the current configuration and outcomes of screening systems.
What Is A Sanction?
A sanction is a type of preventative measure used by governments and international organizations to change behavior, restrict criminal activities, and limit the actions of high-risk individuals or groups.
What Is A Sanctions List?
A sanctions list is a collection of specific penalties that can be used against people, governments, organizations, or businesses. Governments and international organizations, such as the European Union, frequently compile sanction lists.
What Is Sanctions Screening?
Sanction screening entails screening persons, groups, or companies against sanction lists based on the countries in which they trade, the currencies they use, and their ties and alliances. This can include manually entering a name into an internet search tool, mass-checking a customer database for sanctions warnings, or routinely reviewing customer and stakeholder databases.
Part 504 was created to strengthen the state’s anti-money laundering legislation in response to concerns that current standards were failing to address the growing threat of financial crime in the millions of transactions that pass through New York City each year. According to the DFS, its investigations into anti-money laundering and sanctions screening discovered “shortcomings in these institutions’ transaction monitoring and filtering programs, owing to a lack of adequate governance, management, and accountability at high levels.”
Part 504 explains how financial institutions should monitor transactions and screen sanctions lists published by the US Office of Foreign Assets Control (OFAC). But, more importantly, it goes far further.
Sanctions Screening Process
As part of the overall sanctions screening procedure, it lays a strong focus on the use of technology. It states that such programs must be based on “technology or tools for matching names and accounts” and that they must be thoroughly evaluated both before and after installation.
This obligation is reinforced by the fact that top management will be held accountable for the effectiveness of the systems and instruments employed. Regulated financial institutions must verify annually, through their board of directors or a senior officer, that their screening and monitoring systems fulfill the appropriate standards. Records, schedules, and statistics must support this certification. In April 2018, the first round of certification was necessary.
This is crucial since the DFS is implying that sanctions screening is no longer limited to the configuration of a tool. Instead, the regulator anticipates a complete plan that begins with a thorough evaluation of OFAC non-compliance risks and is directed by senior management. This initiative requires a fine collection of tools and other resources, as well as adequate finance.
The following are the requirements:
- To ensure that no actual match with OFAC lists is ever overlooked, technology for matching names and accounts must be properly calibrated and verified.
- To ensure continuous quality in screening performance, testing techniques must be included in the project to apply filtering technologies.
- Continuous data quality monitoring is required, in particular, to verify the completeness of internal data sources, timely acknowledgment of OFAC updates, and the accuracy of datasets processed through filtering systems.
- To operate the filtering instruments and processes efficiently, skilled personnel with good and adequate training – whether internal or external are required.
The bar has been set high. Financial institutions and payment service providers must explain to authorities why they believe their screening mechanism is adequate. They’ll have to show that they can operate the program and that the screening findings are in line with the company’s risk appetite.
All of this necessitates reliable data and thorough, documented analysis of screening systems and filters, and institutions must confidently justify their judgments, methods, and outcomes to regulators. Institutions should utilize explicit selection criteria if any component of the sanctions screening exercise is outsourced to third parties. Finally, the entire program must be meticulously documented and monitored.
Part 504 Is A Good Technology
Part 504 cannot be dismissed as a one-off occurrence. New York City is a prominent financial center in the world. Part 504 has a broad influence, given that practically every major global financial institution has a presence in New York State and that the term “regulated financial firms” encompasses the entire spectrum of financial services. Its requirements affect almost every major institution.
We are convinced that this is only the beginning of a global regulatory trend. With Part 504, a major regulator states unequivocally that having filters in place is no longer sufficient. The focus has turned away from the existence (or lack thereof) of technology to meet sanctions screening criteria and toward the effectiveness of the outcomes produced by technology. It will not be adequate for technology to generate “black box” findings with no meaningful explanation. Automation will be critical in driving efficiency and satisfying standards as technology becomes smarter and more mature.
We believe that the DFS law will have a substantial impact on best practices in the regulation of sanctions screening programs and will serve as a model for others to follow. A new industry standard for the quality of filtering programs has arrived, and it is unthinkable that it will not spread swiftly over the world.
The Hong Kong Monetary Authority, for example, released instructions earlier this year that is strikingly identical to Part 504. Institutions must prepare for this shift by ensuring that their software and systems are ready to produce the data that regulators will require. The issue now is whether an institution’s risk assessment, its screening policies, processes, and controls can continue on a granular basis to be aligned with the current configuration and outcomes of its screening systems. The detail is important in this new era of screening.