Regulators are now placing an increased focus on the quality of the self-assessments that firms perform on their sanctions screening programmes. Although the regulators’ attention is growing around how well sanctions screening software supports both compliance objectives and the wider crusade against financial crime, they are also becoming interested in the relationship between the firm and its technology.

The regulators’ emphasis on technology reflects the expanding importance of sanctions screening software in firms’ programmes. The speed of compliance requirements and the complexity around it mean that it is no longer possible for most firms to manage their sanctions screening programmes through mainly manual processes. The potential for operational risk and compliance risk is just too great. And firms who miss timely sanctioned screening are facing the risk of fines and media attention, damaging their reputations.

So, regulators now argue that for most firms, software screening technology is essential. However, because of the greater use of sanctions screening software by firms, regulators have increased their sophistication in terms of understanding the technology, and how firms should be engaging with it. So, regulators are examining firms’ self-assessment questions around their sanctions screening software, and how the answers reflect on the relationship between the software and the rest of the firm’s sanctions programme.

Thinking like the Regulator

So, firms’ self-assessment questions – and answers – need to help bring to light the relationship between the firm and its sanctions screening software. Ten key self-assessment questions that firms should be asking themselves, in light of this enhanced regulatory focus on technology, include:

1. Does your firm have a clear policy on which customers, counterparties, transactions, and related data are subject to screening?

2. How well do your sanctions screening policy and processes align to the risks that your firm is exposed to?

3. How does the firm become aware of changes to the sanctions screening lists that it follows?

4. How fast are sanctions screening lists updated when changes are made to the sanctions lists that it follows?

5. How robust is the accuracy and completeness – integrity – of the data used in the sanctions screening process?

6. Does your firm evaluate its screening capabilities so that its screening software is adequately calibrated for its needs, including the regulatory demands imposed by jurisdictions that are applicable?

7. Are customers rescreened after every update to sanctions screening lists?

8. What level of false positives are being generated by the sanctions screening process and how does this benchmark against other firms with a similar footprint?

9. Do you regularly test/measure the effectiveness of the software? How often is this done? How is this accomplished? 

10. Is the team responsible for sanctions compliance properly resourced and skilled to effectively perform sanctions screening? This includes having sanctions screening software in place, being trained to use and maintain it, and being able to explain the role of the software to other stakeholders?

Self-assessment questions that are focused on the role of the technology help the firm ensure that it is engaging with sanctions screening software to support its compliance goals. The right questions – and answers that show real engagement – also provide evidence to the regulator that the firm understands the role of technology and the value that it can bring to delivering compliance.

Building a Relationship

When purchasing sanctions screening software and watchlist data management solutions, firms should make sure that they are partnering with a company that is able to support an implementation that can deliver the right relationship between the firm and the technology. This will ensure that firms can deliver the right self-assessment outcomes over a period of time.