The Wolfsberg Group, an association of thirteen global banks aiming to develop frameworks and guidance for the management of financial crime risks, has published new guidance on how Financial Institutions (“FIs”) should carry out sanctions screening. The stated objective of the guidance is to assist FIs assess the effectiveness of their sanctions screening controls in light of increasingly expansive and complex international sanctions regulations.
Applying a Risk Based Approach
The guidance sets out that the effectiveness of sanctions screening will vary between FIs since it is dependent on a range of factors including data and inherent sanctions risks facing an FI. It follows that an important principle underlying effective screening is the need for a risk based approach. Each FI must assess its own risks in order to define the manner, extent and circumstances in which screening is employed.
The process of evaluating the risk of a screening programme is built around the following core principles:
- Articulating the specific sanctions risk the FI is trying to prevent or detect within its products, services and operations;
- Identifying and evaluating the inherent potential exposure to sanctions risk presented by the FI’s products, services and customer relationships;
- A well-documented understanding of the risks and how they are managed through the set-up and calibration of the screening tool; and
- Assessing where, within the FI, the information is available in a format conducive to screening.
Sanctions Screening and its Limitations
The guidance details the approaches to the two main elements of sanctions screening, namely reference data screening and transaction screening. Underpinning a robust screening programme is the need for list management and screening technology. In terms of the former, data sets and lists of sanctions indicators must be accurate, reliable, up-to-date, refreshed frequently and relevant to the risks faced by the FI. At the same time, the use of technology applications should include certain core functionalities (such as facilitating independent testing and validation) to ensure that productive alerts are generated by the screening process.
While sanctions screening is a key control in the prevention of financial crime risk facing FIs, the guidance emphasises that it should be deployed as part of a wider financial crime compliance programme to mitigate the risk of being exposed to sanctioned parties and countries.
With an increased focus on international sanctions by global regulators, an effective sanctions screening programme is a must for all regulated FIs. Recent high-profile enforcement action by OFAC against non-regulated corporates also demonstrates the need for all businesses, particularly those trading internationally, to undertake a sanctions specific risk assessment to be able to effectively mitigate the sanctions risk their businesses face. As the Wolfsberg Group has helpfully identified, sanctions screening is an integral part of that overall mitigation strategy.