Book traversal links for 3.2. Risk-Based Deployment of Sanctions Screening Controls
3.2. Risk-Based Deployment of Sanctions Screening Controls
Effective from 8/9/2021Sanctions screening can include the manual review of customers and transactions against applicable sanctions lists, as well as the use of automated screening and interdiction software and systems. In all cases, the appropriate method of sanctions screening and the screening criteria employed should be appropriately calibrated to the sanctions risks presented by the institution’s customers, products and services, delivery channels, and geographic exposure, and may therefore vary across an LFI’s business lines or units, where applicable. Areas of heightened risk may require additional sanctions-related due diligence, more frequent or more intensive manual reviews of customers, counterparties, and their transactions, enhanced monitoring for transactions or behavior designed to evade sanctions controls, or the specialized training for sanctions compliance personnel in high-risk roles.
Sanctions screening controls should also be calibrated to the size, nature, and complexity of each institution. LFIs with a larger scale of operations are expected to have in place automated systems capable of handling the risks from an increased volume and variance of transactions. While smaller LFIs may rely on sanctions screening systems that are less automated, they should also still ensure that these are appropriately executed to address the risks from their day-to-day transactional activity, as well as fully automated for the update of any changes to the UN Consolidated List and the Local Terrorist List.
Examples of automated tools include automated name screening tools that compare customer databases against applicable sanctions lists, live payment and other transaction filtering tools that screen payment message and transaction data against applicable sanctions lists prior to execution, and text analytics tools that automatically convert paper documentation into electronic data that can then be screened against applicable sanctions lists.
Examples of manual tools include manual reporting and escalations of potentially sanctions-related activity by LFI employees (including especially customer relationship managers and other business-line personnel), manual reviews of document-based transactions (such as documentary trade finance transactions or loans), and periodic or event-based CDD reviews.
Particularly where purely manual processes are employed, LFIs should implement appropriate training on sanctions screening policies and procedures to ensure that personnel adhere to the internal processes for identification and referral of potentially sanctions-related activity. LFIs should be aware of all methods of identification and should ensure that their sanctions screening program includes processes to facilitate the transfer of internal referrals to appropriate personnel for searches against applicable lists. Regardless of whether automated or manual processes (or a combination of the two) are used to perform sanctions screening, the onus is on the LFI to demonstrate that the screening program is effective and appropriately risk based.