Improving screening effectiveness

In a volatile AML-CTF landscape it is critical to improve the speed-to-compliance. However, achieving a faster response can be self-defeating if it introduces compromises to compliance effectiveness. Simply making existing processes faster might yield short-term tactical gains but can lead to a primary focus on supporting the status quo. This approach can lead to a lesser resource capacity for continuous compliance improvement. Innovation in screening programmes must therefore also consider how the standards of compliance effective can be raised in the short-term whilst also delivering capability and capacity that is ready for future challenges.

Screening capabilities for all target types

Compliance screening used to be a relatively binary process: governments issued lists of sanctioned geographies, persons, or entities; these lists were then screened, with the outcome of a determination if a target matched against a client record or transaction. Today the task is more complex. Screening requirements now include a broader range of risk types, for example, beneficial owners, persons of significant ownership, family members and professional associates, or even certain capital markets instruments, financial services, or manufactured goods. Furthermore, not all sanctions targets are cited on tangible lists or even pseudo-lists. This reality requires more investment in understanding screening data requirements and for the procurement of the right data. Institutions must also ensure that screening technology has a comprehensive technical capability to screen the full spectrum of risk, regardless of type. To be successful, appropriate screening methodologies must be implemented and maintained for each type of sanctions target.

Matching techniques for diverse risks

Expansive and complex sanctions requirements require a continuous review of the rules used to determine potential correspondence to risk. For example, would an alert be triggered for a sanctioned company from Russia if a Ukrainian variant of that name was transcribed phonetically for use in Germany? Phonetic name matching has been developed into many screening tools. However, achieving a deep understanding of how matching technology works – so that rules can be defined and maintained properly – is difficult if the “explainability” of matching algorithms is not a fundamental design feature.

Additional false negatives countermeasures

False positives reduction, or optimisation, is a priority for many institutions managing the inevitable consequences of screening massive client or transaction data volumes. Much progress has been made in these scenarios to deploy robotic automation or machine learning to investigate, categorise and route alerts quickly and efficiently. This push to increase operational efficiency has clear compliance benefit of releasing resources for more qualitative tasks. However, institutions could also consider implementing a second layer of controls to reduce the risk of false negatives. For example, re-screening data that did not trigger alerts in a primary screening process could identify undetected risks, notably when newer technology is used in a secondary process.

Responsive impact assessments

The intensity and velocity of AML-CTF screening – and the high cost of a compliance failure – has created operational environments that have little time to model the impact of new requirements and then to configure accordingly. This is often an issue when there is a dependency on older, less nimble technology that is difficult or time-consuming to test new rules quickly. The lack of a timely impact assessment can then create downstream operational issues. Moving to towards more responsive testing and modelling in can mitigate these issues and ensure a better focus on managing risk.

Beware – Technology Debt

In summary, technology should always be an enabler of compliance effectiveness, never an inhibitor. The focus of screening technology is, inevitably, on short-term imperatives. However, the impact of technology debt on long-term compliance should not be underestimated.

Audere est facere

The early months are critical for any start-up, and they certainly are for Facctum too. We have been thinking hard about the kind of culture we want at Facctum. In simple words, we are striving for a ‘connected’ culture. Our colleagues, customers, and partners to be always connected. Many exciting steps are being taken to achieve this – none more exciting than the highly talented colleagues already on board and several more in the pipeline, and another equally exciting project is our in-progress office at Vaswani Augusta @ Embassy Golf Links Road in Bengaluru. 

We have had multiple debates on the pros and cons of getting our own office. Do we really need it? In the end, we decided in favour of it because we believe that an office is the ideal setting to learn, contribute, challenge, and produce. Collaboration at all levels is key to building connected culture. We want to motivate rather than mandate. So now we are working hard to create a safe environment where our colleagues can enjoy their work, collaborate with one another, and achieve their objectives as well as those of Facctum. Our office represents a force for unity, stability. positivity, direction, and celebration. We, at Facctum, are passionate about real interactions – we want debates, discussions, and then decisions – all to enable our colleagues as well as Facctum to achieve our full potential. We want to work hard for our customers – we will go to any length for customer success. The design of our office is being done to create a modern setup with a clean and cosy experience. As employees seek greater connection with fellow colleagues and aspire to be part of a cohesive team, we believe that creating more opportunities to engage in team settings, especially for our younger colleagues, will accelerate learning and development for all colleagues at Facctum. When the day is not going well, an office setting can also be immensely helpful for emotional bonding. We will surely have a few of those days! 

We are looking forward to move-in by July 1st – hoping to see our colleagues forge friendships, build relationships, and we invite you to come and experience Facctum at its best at our new Bengaluru location. We have colleagues in Pune and London locations, and these are and will remain strategic locations for Facctum. While we aren’t yet getting our own offices in these locations, we are still as committed to providing an office environment for our colleagues from co-working locations. After all, it is not about the office; it is all about belonging. 

We look forward to welcoming customers, prospects, partners, and of course our current and future Facctum colleagues.

Achieving effective speed-to-compliance

A critical objective of a financial crime risk management strategy is to ensure a rapid and agile response to new or evolving AML-CTF risks. Screening programmes that respond quickly and effectively to new compliance expectations not only reduce institutional risk exposure: they can also ensure that sanctions targets have less time to move or hide assets. 

However, achieving speed-to-compliance that is effective and sustainable operationally is increasing difficult. These challenges have increased in the contemporary context of complex, expansive and high velocity international sanctions following the invasion of Ukraine by Russia.  

In addition to the continuous assessment of threats and regulatory requirements, a strategic FCRM plan must also consider the capacity and utility of operations and technology resources. Components of an AML-CTF control framework that are critical in delivering speed-to-compliance include: 

List Management

Ensuring that all the sanctions lists required by an institution are available in screening programmes has become an increasing complex task. Unique list requirements are set by many different jurisdictions and by multiple government agencies within those jurisdictions; and these agencies can publish multiple lists. Operational complexity is increased by multiple types of data formats and targets. At the same time, a higher update velocity must also be managed to ensure that all required list data is available for continuous screening. Managing these tasks requires list management software that can be configured quickly in response to increases or changes in any of these variables and that there is adequate capacity to address future demands.  

Data quality assurance

Whilst there are laudable initiatives to standardise the formats of sanctions lists, it remains the case that an institution is likely to source sanctions data in many standards or formats. Once retrieved, these disparate data sets are typically primed for screening using various data management processes. Ensuring the speed, accuracy, consistency, and resilience of these processes is critical. As a result, additional investments are being made in data management and governance capabilities to improve data configurability, real-time reporting, and operational analytics – with the objective of ensuring the timely response of screening technology to compliance policy objectives. 

Screening speed and scalability

The expectation that screening technology will respond promptly to new compliance requirements is accompanied with the assumption that compliance goals will be met without compromise to search accuracy or performance. However. adjusting to increasing operational load and heightened expectations, whilst maintaining, if not improving, speed, is increasing difficult if incumbent screening technology is constrained by technology debt. This requires institutions to reassess whether screening operations can continue to deliver sustained operational excellence – and for how long – or if newer technology can provide improved speed, risk detection and scalability to increasing data volumes. 

Tuning and testing

Increases in the range of direct and in-direct sanctions targets have the potential to slow down compliance processes, especially if screening systems are not supported with additional resources. The traditional short-term response of adding headcount to operational capacity might still be valid but investment in AI-led automation is increasingly preferred. However, either approach can be made more effective and efficient by more focus on the upstream modelling and testing of the impacts of new screening requirements. To avoid a compliance gap, this testing should take place in real-time, without incurring an operational penalty. 

In summary, the pace and intensity of today’s regulatory compliance requirement is placing additional demands on screening operations. Technology innovation that delivers low-latency processing and capabilities for handling massive data can mitigate these challenges whilst increasing speed-to-compliance and providing additional capacity for future needs. 

The next post in the series will consider the challenges of improving the compliance effectiveness of screening and how technology can lead the response.