What makes an effective Sanctions screening compliance program?
International Sanctions regimes are currently in the spotlight. This is something which we have a duty to implement appropriately and an opportunity for us to demonstrate solidarity with the people of Ukraine.
Regulators and industry bodies across many sectors are reminding member organisations of their legal and regulatory obligations as focus shifts towards compliance. However this is not just for the regulated sectors to apply.
The following need to make sure they comply with sanctions regimes in the UK :
- anyone in the UK (including its territorial waters),
- UK nationals outside of the UK, and
- bodies incorporated or constituted under the law of any part of the UK.
UK sanctions measures are also given effect in the British Overseas Territories and Crown Dependencies. An organisation with international operations, or that deals in currencies other than sterling, will also need to understand the requirements of relevant local financial sanctions regimes.
Notwithstanding these legal and regulatory pressures there are also big reputational impacts for any organisation who fails to address these risks in an ethical way. Ensuring compliance with international and domestic sanctions regimes is therefore an essential element of any organisation’s Environmental, Social and Governance (ESG) program.
So what makes an effective sanctions screening process? We asked our very own Neil Tyson Director and Founder of Rightway Compliance for his thoughts and this is what he had to say:
“Unlike Anti-money laundering (AML) requirements there is nothing specified in UK legislation as to what organisations must do in order to comply, however there are legal and regulatory implications if an organisation breaches sanctions regimes. This includes criminal penalties (up to 7 years in prison) as well as civil monetary penalties for both individuals and corporate bodies. Some regulators have set out guidance and the most comprehensive is that from the Financial Conduct Authority.”
He goes on to say that:
“It makes sense to view your sanctions compliance framework in the same way as other financial crime risks, this includes having:
- an effective governance structure with clear roles and responsibilities;
- a documented risk assessment;
- documented policies and procedures;
- effective implementation through staff training and supervision; and
- ongoing monitoring and independent review
There are similarities between Sanctions screening and AML due diligence however there are also some important differences. For example under AML legislation if a customer or supplier is identified as a Politically Exposed Person (PEP) then that does not preclude an organisation from dealing with that person, if however a customer or supplier is identified as a sanctioned individual or entity then it is illegal to continue to deal with them unless a licence has been granted by the government.”
It is important to remember also that the destination of a payment is just as important as the ultimate beneficiary. In the recent enforcement case against Clear Junction Ltd a monetary penalty of £36,393.45 was issued as a result of 15 transactions made to accounts held at Russian National Commercial Bank (RNCB) in contravention of the Ukraine (European Union Financial Sanctions) (No2) Regulations 2014. These transactions were identified through analysis of the BIC code (bank account code) for the transactions which showed the receiving bank as RNCB. It is clear therefore that organisations must ensure they carry out due diligence on banks and financial institutions involved in transactions to ensure they do not breach financial sanctions. Although banks have their own role to play in this monitoring it is clear that all organisations have to play their own part too.
When conducting screening of customers, suppliers and third parties it is important that the screening is effective whether it is conducted manually or by using one of the many automated solutions on the market. If an automated service is used it is important to make sure it is screening against all relevant lists and that it is calibrated to reflect the organisation’s risk appetite and not just using the default settings of the software vendor.
A common mistake is for organisation’s to assume that the Office for Sanctions Implementation (OFSI) consolidated list includes the details of all sanctioned/proscribed individuals and entities. This is not the case particularly when it comes to terrorist groups and organisation’s owned by sanctioned individuals and entities.
At the heart of an effective Sanctions screening compliance program is a documented risk assessment using recognised risk management principles. For smaller organisations this could just be recorded in a simple spreadsheet however larger more complex organisations will probably need something more sophisticated. We use Arctic Intelligence’s Risk Assessment Platform to power all of our financial crime risk assessments for clients. Using a tool such as that is helpful to ensure consistency of approach and sharing results, it can also cope with consolidating multiple assessments across different departments or business units.”
Rightway Compliance has produced an on demand digital course which provides all the information you need to ensure your Sanctions screening program is effective .
We can also provide an independent review of your existing sanctions programme to provide assurance regarding its design and operational effectiveness. To discuss how we can help you implement an effective Sanctions screening program please get in touch or book place on our training (5% of proceeds from this training and services will be donated to charities supporting people impacted by the situation in Ukraine).