Sanctions play a big role in the global scene with ongoing geopolitical tensions and financial crime. Different governments and institutions like the European Union (EU), Office of Foreign Assets Control (OFAC), and the United Nations (UN) have introduced sanctions against entities, countries, individuals, or other parties that have been involved in, or are suspected of, illegal activities. As a result, organizations with international operations need to be more aware of sanctions to comply with the latest developments. This means that they need to review their own financial data and business partners on a regular basis to detect and prevent potential violations. Sanctions screening helps organizations minimize risk, comply with regulations, and identify unwanted business counterparties to prevent any unwanted business activities.
This complete guide to sanctions screening provides you with everything you need to know about the topic. In brief, it discusses:
- What is sanctions screening?
- What are sanctions lists?
- How does sanctions screening work?
- What type of data is screened against in sanctions screening?
- Why is sanctions screening important?
- When do you need sanctions screening?
- Challenges of sanctions screening
- Which sanctions screening lists are relevant?
- Sanctions screening best practices
What is sanctions screening?
Sanctions screening is a measure used to detect and prevent financial crime, helping companies to minimize financial risk exposure. More technically, it compares an organization’s own records against data lists to see if there are any similarities, which would indicate that records include sanctioned parties that you want to avoid doing business with.
Even though sanctions screening sounds straightforward, it can be complex when dealing with bigger data sets that often include errors, missing data, and false positives. As a result, lots of time is often required from finance teams to understand and analyze some of the screening results manually.
One of the main reasons for organizations to adopt sanctions screening is to comply with local or international jurisdictions as well as to minimize risk by identifying harmful business counterparties early on. Sanction screening is also used by organizations as part of a larger risk-based approach and is considered an important step in, for example, the Know Your Customer (KYC), Anti-money Laundering (AML), and Countering Financing Terrorism (CFT) processes.
What are sanctions lists?
Sanctions lists compile data on sanctioned parties such as states, individuals, groups, countries, and legal entities. The lists are issued by institutions and governments like the OFAC, HM Treasury, UN, and EU. Sanction lists are developed with the aim to reduce financial crime as well as financial risk exposure by identifying parties that are committing illegal activities or are suspected of doing so. By screening your reference or transactional data against sanctions lists, you can detect unwanted business parties and prevent doing business with them.
How does sanctions screening work?
Sanctions screening compares an organization’s reference or transactional data such as customer data, business partner data, and payments data with the data of sanctions lists to flag any indicators of overlap with sanctioned parties. When company records show similarities to sanctions lists, they are flagged and marked for further analysis.
You can manually input data into online available search tools of sanctions lists providers or upload larger data sets for screening. Some tools can also automatically screen your data on a regular basis or screen it every time you send manual payments or payments batches.
What type of data is screened against in sanctions screening?
The two most common types of data that are screened are reference data and transactional data.
Reference data screening, sometimes also referred to as customer or name screening, screens any data apart from transactional records. It collects data on business partners, related connections, employees, third-party service providers or vendors, recipients of donations or sponsorship, or international securities identification numbers and compares it with sanctions lists. Most commonly, strings of data like names of individuals and entities, dates of birth, addresses, cities, and countries are part of this screening process.
Transactions or message screening screens the movement of funds, goods, or assets between two entities or bank accounts. The data that is checked with transactions screening includes:
- Beneficiaries or remitters
- Financial institutions, agents, or intermediaries
- Text fields and payment references, including SWIFT messages for example
- Names of banks, routing codes and BICs
- International Maritime Organizations numbers
- Trade finance documentation, everything from data about importers and exporters to facilitators and shipping companies
- Exact geographical data of all stages in the process
- International Securities Identification Numbers
Why is sanctions screening important?
Sanctions screening is important for organizations to embrace for several reasons:
Some regulatory bodies and financial institutions require sanctions screening to stay compliant. It depends on the jurisdictions where the organization is located what kind of regulations apply. In some cases, firms can receive significant penalties or fines for not being compliant.
Sanctions can pose financial risks for companies when current business partners or customers are suddenly sanctioned. Moreover, by using sanctions screening, firms can lower their risk because it enables them to detect and prevent sanctioned parties whom they should not do business with.
Sanctions screening can help you detect fraudulent transactions when sanctions lists include fraudulent counterparty data that show similarities. Sometimes companies also use private blacklists that include sanctioned beneficiaries suspected of fraud.
Anti-Money Laundering (AML)
In some jurisdictions, organizations must follow AML obligations that require them to screen current and potential customers. By scanning against sanctions lists, politically exposed persons, and other data, you stay compliant with the AML obligations.
Countering Financing Terrorism (CFT)
CFT obligations often go hand in hand with AML. It requires organizations to do sanctions screening to avoid the financing of terrorism. Failing to do so can lead to penalties in some jurisdictions.
When do you need sanctions screening?
In different jurisdictions, there are different bodies that require you to do sanctions screening to stay compliant. We’ll discuss the relevant sanctions screening lists for you to consider later in this article. It can also highly depend on the industry that your organization is in. For example, banks and financial institutions typically must comply with much stricter rules compared to other companies.
The main question to ask yourself is whether you think it is beneficial to do sanctions screening. Smaller companies with limited payments or partners may not see the need since they only have a limited number of transactions, whereas larger multinationals have a much harder time overviewing all the business partners as well as the transactions being executed. In the case of the latter, it might be smart to start looking into sanctions screening to comply with different regulations and to filter out any unwanted business activities.
Challenges of sanctions screening
Managing sanctions screening has become increasingly complex. Including sanctions screening in your financial processes and staying up to date can be challenging as is. Moreover, doing so effectively without disrupting the process for unsanctioned partners adds another layer of complexity.
Some of the other challenges organizations face with sanctions screening are:
The number of sanctions lists available adds complexity when you need to include several in your screening process. It can easily slow down the process when it is decentralized. There are several bodies with their own lists that are not always aligned and require a slightly different approach, data format, or system.
Complex technology stacks and processes
Sanctions screening is far from a simple matching process. In most larger organizations, data derives from multiple systems and processes, in different formats, which requires consolidation to ensure it matches with sanctions lists screening requirements.
Continuing tensions in the world keep adding sanctions that organizations need to comply with depending on their locations’ jurisdictions. It can be cumbersome for multinationals to oversee geopolitical sanctions when they operate in multiple countries that each have its own set of rules.
Lists keep changing
Sanctions lists keep changing based on the latest developments in the world. New entities and other data are added or removed all the time. Organizations must make sure to always keep up to date with the latest modifications.
Dealing with inaccurate data
Inaccurate data or screening results with many false positives can lead to a significant amount of extra work that can be avoided by making sure that the uploaded data is compatible with the sanctions screening lists.
Which sanctions screening lists are relevant?
The sanctions screening lists that are relevant for you depend on where you do business and the type of organization you are. For example, in the United States, the OFAC enforces sanctions screening, with severe penalties when companies do not meet the requirements. In the United Kingdom, the Office of Financial Sanctions Implementation enforces certain recommendations for different industries as well:
Here’s an overview of the most common lists that are relevant for sanctions screening:
OFAC Sanctions list
The OFAC Sanctions list applies to all US citizens, US companies, and entities that are using goods from the US. They also affect entities that have a US parent company, subsidiary, supplier, or other affiliation, or a local representative connected to the US.
HM Treasury sanctions list
The HM treasury sanctions list is compiled by the UK government and applies to all individuals and legal entities in the UK or undertaking activity in the territory of the UK. The Office of Financial Sanctions Implementation oversees the enforcement of implementations.
UN Security Council Consolidated list
The UN Security Council Consolidated List affects all UN member states. This means that all financial institutions and banks need to adhere to the UN sanctions in the light of anti-money laundering (AML) and the countering the financing of terrorism (CFT) program.
EU Consolidated list of sanctions
The EU consolidated list of sanctions affects all entities established in an EU member state as well as all EU citizens. The list combines three elements: the EU’s own sanctions programs, the UNSC’s sanctions, and UN sanctions that the EU has reinforced.
Most firms have their own private lists, either whitelists or blacklists, that they screen transactions against. Whitelists typically include suppliers or other business parties that are known to the firm and that have already gone through all the KYC processes. Blacklists could include employee information, known fraudulent names or accounts, or any other parties that firms wish to avoid transferring money to.
Sanctions screening best practices
To conclude, there are a few best practices that you can consider to make sanctions screening as efficient and accurate as possible. They will also help you minimize sanctions risks.
- Check which sanctions screening regulations are enforced in your jurisdictions and make sure to comply with them.
- Remember to do run regular sanctions screening to keep up to date with the latest changes including the most recently added sanctioned parties.
- Do both reference data screening and transactional screening to ensure both business partners and transactional counterparties are safe to do business with.
- Ensure your data formats match the sanctions screening lists to ascertain a smooth screening process and a reliable outcome. This will also lessen the number of false positives that you need to analyze.
- Screen your data against known lists with reliable tools that can guarantee to deliver the desired results.
- Do not forget to analyze flagged screening results and follow up with them to ensure the right steps are taken.
- Wherever possible, try to consolidate data and screening processes to save time and resources. The more systems you use the more complicated it becomes.
- Leverage automation tools for sanctions screening that screen on a regular basis or whenever payments are executed. This way you can avoid working with manual data inputs and screening results analyses that are time-consuming.