If screening engines present 99% false positives, how can we fix sanctions compliance?
Effective sanctions screening is an increasing priority for financial services firms in Asia-Pacific. Faced with mounting regulatory pressures, the existing risk detection capabilities that rely on rules-based screening engines and manual processes cannot keep pace. Financial institutions need new tools to accurately detect true matches and false positives.
Sanctions risk is a significant financial crime risk facing Asia-Pacific’s financial services institutions. The penalties for breaches of US sanctions have already seen non-US banks subject to fines totaling millions — even billions — of dollars. As US regulators continue to sharpen their focus on Asia-based financial institutions, current screening engines are struggling to handle the evolving complexities of sanctions compliance in the region. At the same time, globally, there has been an uptick in fines related to anti-money laundering (AML), therefore other regional sanctions regimes should also not be ignored.
Complex and evolving regulatory environment
The continued development and stringency of sanctions regulations require financial institutions to navigate a dynamic mass of, often complex, requirements, including:
Higher bar for sanctions compliance
Regional regulators have set increasingly high expectations for the design and execution of sanctions controls in financial institutions. Similar to expectations for AML transaction monitoring systems, regulators globally and around the Asia-Pacific region expect financial institutions to be able to demonstrate that their sanctions screening systems are configured correctly, and reflect the specific risks of the institution, its clients and counterparties.
For example, the Hong Kong Monetary Authority’s latest circular requires institutions not only to perform regular testing, but to provide information about how they are validating their system and ensuring the effectiveness of controls, and to benchmark its performance against their peers. This is a first for institutions in the region, with only few geared up to comply with the new requests.
Similarly, in Singapore, the Monetary Authority of Singapore’s guidelines on trade finance and correspondent banking highlight the sanctions controls that financial institutions should put in place to identify a potential direct or indirect sanctions nexus.
In Australia, local financial institutions are struggling to keep up with geopolitical changes that may have significant impact on their business model. This is happening primarily because Russia and Iran, two jurisdictions relevant to Australian businesses, are the main focus of potential sanctions from countries like the US. This, and the extraterritorial reach of the US for US-based people, is leading Australian institutions to ring-fence customers and employees, which limits the ability to have a single source of data for screening.
The People’s Bank of China (PBOC) requires institutions to maintain a screening system with a comprehensive list covering sanctioned and “Red Notice” persons, terrorists and other person listed by the PBOC or law enforcements. Institutions are endeavoring to demonstrate compliance to the same by using an automated solution.
Meanwhile, PBOC has increasingly focused on the retroactive search function in on-site inspection. With huge client bases, institutions are struggling with the time taken to complete retroactive searches.
Current screening testing is broken
These emerging regulatory expectations are beyond the capabilities of most of the screening engines. Existing screening engines are generally inefficient, with large numbers of false positives being generated due to rule-based alerts. Major pain points for the existing engines at Asia-Pacific’s financial institutions are the following:
EY has collaborated with leading vendors to build new tools to tackle these challenges
EY Secondary Screening tool analyzes historical operations decisions and intelligently prioritizes new sanction and politically exposed person (PEP) alerts based upon their likelihood of being a true match. Alerts identified as likely false positives can then be rapidly disposed of at the institutions’ discretion. Using a risk-based approach, it can consistently reduce alert volume by over 70%. The solution uses the following to help prioritize alerts:
- Risk-sensitive thresholds, to grow client appetite with regard to PEP and sanctions risks to drive the disposition of alerts.
- Advanced risk indicators to score each alert.
- Machine learning to identify false positives based on similar historical investigator decisions, where cases have been correctly closed or escalated.
- Network and entity analytics to detect customers in the same extended network as known PEPs and sanctioned entities.
- Semantic natural language processing to derive understanding from multilingual data and to identify additional high-risk entities, previously unseen by the primary matching engine.
EY teams also has developed its Screening Engine Quality Assessment tool (SEQA), which performs more than 100 unique variations of tests against the screening engine for regulation, compliance and internal audit to assess screening performance, giving financial institutions vital insights into the efficiency of their screening process and the effectiveness of their tuning efforts.
Financial institutions value SEQA for its:
- Targeted results which enable financial institutions to pinpoint areas for improvement in their screening engine.
- Up-to-date synthetic test pack automatically generated based on current screening list entries.
- Interactive results dashboard with advanced drill-down capabilities, allowing screening functions to visualize and interrogate test results.
- Performance tracking and benchmarking against global banks or market peers.
- Customized reports, including detailed analysis on missed alerts, effectiveness and efficiency metrics.
Global banks are using the tool to optimize and test screening engines, and to validate effectiveness and efficiency ahead of regulator reviews.
How to adapt to the new era of sanctions screening
To comply with screening requirements in the shifting sanctions framework at a sustainable cost, the region’s financial institutions need to:
- Urgently review their exposure
- Adjust their risk tolerance as required
- Put in advanced screening solutions that can identify false benchmark performance demanded by regulators
- Rationalize their watch list scope to further improve matching efficiency scores
Get your system tested to avoid potential regulatory actions and reputational risk.