What is the best way to screen your customer and transaction data for sanctioned entities and politically exposed persons (PEPs?) This is not an easy question to answer. Many people would say there is no right answer as it is dependent on many criteria. Some criteria to consider, the type of organisation you are, your regulatory obligations, your overall risk appetite, your budget, your organisation’s skills and experience, and much more. One certainty is that it will always be a trade-off between effectiveness and efficiency. Ideally, you want your screening system to be both;
effective – it matches on as many of possible of the sanctioned entities and PEPs in your data
efficient – it creates as few false positives as possible
In simple terms, to ensure your screening system is effective, you would typically set a lower threshold for your matching algorithm – the equivalent of casting a wider net. This should mean that the system matches on any sanctioned customers or PEPs, but you will also increase the number of false positives. So you will reduce your risk of a regulatory breach which could result in huge fines and other penalties. To achieve this you might need to scale up your AML team to deal with all those alerts – and that can get expensive. Alternatively, you could set a higher threshold which will improve your efficiency – but you might not spot some of the issues in your customer base. There is much more to making your screening effective than tweaking your thresholds, which we will cover in a subsequent article.
When SQA Consulting tests screening systems, we show the results on a quadrant diagram (similar to the Gartner Magic Quadrant) with effectiveness on one axis and efficiency on the other. Ideally, the best position to be in is the top right, but it can be difficult to get there.
Here are a few things that you should consider to get your screening to a level of efficiency you are comfortable with:
- Which PEPs and Related Close Associates (RCAs) are you screening for? Many screening providers allow you to switch screening on and off for different categories of PEPs and RCA. For example, do you consider Regional Government Officials to be within your risk appetite or just National Government Officials? Our article on Politically Exposed Persons explores this area in more detail.
- Which lists do you screen against? It can be easy to think that you might as well screen against all lists – that’s safest right? True, but it will also create many more alerts. Make sure you know which lists you MUST screen against for regulatory reasons and which lists you WANT to screen against for other risk management reasons. You may be able to deselect some lists without impacting your overall risk profile. For example, some list providers include Advisory lists and other non-regulatory lists that may not be relevant to you.
- Sanctions list data is not perfect, and nor can it be expected to be so. The authors of the lists try to be as thorough as possible, but this means including as much detail as possible including weak aliases – where there is less certainty that the alias is genuine – and partial names. These types of list entries can sometimes create many false positives. Depending on your risk appetite, you may be able to eliminate these.
- Some sanctions lists include a wide variety of reference points, not just the names of individuals and companies. These can include Vessel names, International Maritime Organisation (IMO) numbers, Aircraft, Digital Wallet addresses and Chinese Telegraphic codes. Once again, depending on the nature of your business and your risk appetite, you may be able to eliminate these from your screening and reduce false positives. The links above will take you to more detailed articles on these subjects.
These are just some of the options available. SQA Consulting can help you fine-tune your screening and get the right between effectiveness and efficiency.