Blog article
See all stories »

Sanction screening and AML control: the right or wrong approach?

Over the past decade the requirements for sanction screening and anti-money laundering (AML) control have increased dramatically, and regulators have stepped up enforcement. Estimates indicate that fines of over $25 billion dollars have been issued in the last ten years for AML and sanctions violations by regulators across North America, Europe and Asia Pacific.

The growing scale of the problem is also recognised by the EBA – with the banking watchdog warning recently on a wave of dirty money across Europe. This of course raises questions for both national and European regulators in combatting the problem. But banks must also take a proactive approach in financial crime prevention. The question is, are they handling sanction screening and AML controls in the most secure and efficient way?

Some banks only check incoming and outgoing SWIFT MT103 messages, for example by connecting using the sanction screening software on SWIFT Alliance. They pass the SWIFT messages through the sanctions screening system and only those messages that don’t show a violation continue. Similar solutions are implemented to check outgoing SWIFT messages, after they are produced by the relevant production solutions.

In my view this approach is short-sighted for a number of reasons. Firstly, it’s not exhaustive as some transactions are handled outside of SWIFT, e.g. using XML messages towards other payment platforms. Secondly, if you think about SWIFT MT103 messages, the information included is very limited and there isn’t enough data available to fully support sanction screening and AML control. Thirdly, many banks are unable to run these checks in real-time. This means certain business events may already have been processed and a new set of SWIFT messages created, before anyone realises there has been a violation. All related messages and accounting entries must subsequently be cancelled after the fact – a costly and time-consuming process for all involved. And that’s before we touch on the risk of sanctions and AML violations not being caught in time – with the potential for costly fines and reputational damage.

I advocate a different approach – one that ensures the relevant controls are carried out on the business events themselves in any product solution – not just on incoming and outgoing SWIFT messages. All checks should take place in real-time before any new outgoing messages are generated. Just as you check if the funds are available in an account before authorising a payment, so the sanction screening and AML controls should take place at the same time.

It sounds straightforward, but not all systems are set up to mange the controls in this way. With new ISO 20022 requirements for payments and master data management on the horizon for 2021 and the requirements for sanctions screening and AML only likely to increase, it’s essential banks start taking steps to prepare now.

4387

Comments: (1)

A Finextra member
A Finextra member 25 June, 2019, 15:23Be the first to give this comment the thumbs up 0 likes

In response to your third point, more banks are compelled to run such checks in real-time by the regulator and banks are carefully scrutinised to demonstrate their capabilities.  There are solutions in the marketplace, NetReveal being one I've implemented in a Challenger bank in the UK.  I agree its a costly process to establish and maintain for all banks but, non-compliance is not an option. Reliance on the MT103 message format is seen as a weakness, but as you rightly state ISO 20022 opens other doors to better execution.  

Rolf Hauge

Rolf Hauge

CEO

Commercial Banking Applications (CBA)

Member since

12 Jan 2018

Location

Oslo

Blog posts

6

Comments

0

This post is from a series of posts in the group:

EBAday

EBAday is the annual event for European payments professionals organised by Finextra and the Euro Banking Association. This community has been created to deliver a forum for EBA delegates to exchange views on instant payments, open banking and new developments in payments processing and technology.


See all