Sanctions look-back reviews are a critical regulatory tool used when financial institutions fail to maintain adequate transaction monitoring or screening programmes. These reviews can range from analysing a subset of client transactions to reviewing the entire bank’s operations over multiple years.

Regulatory bodies often require financial institutions to engage independent third-party auditors to conduct these reviews, ensuring an unbiased assessment of compliance deficiencies.

Our Client

Our client is a Tier 1 British banking and financial services company headquartered in London, with primary retail, corporate, and investment operations in the UK and the US, as well as a presence in over 40 countries worldwide.

Following an investigation by US regulators, the client received a Cease & Desist Order (CDO), requiring a comprehensive overhaul of their compliance programme in relation to US economic sanctions. The mandate extended globally, necessitating significant improvements in internal controls and governance structures.

The Challenge

The client was required to conduct an internal review of USD payments processed over a period of nearly ten years to determine potential breaches of US economic sanctions laws. This review entailed identifying transactions involving sanctioned countries, individuals, and entities, and subsequently reporting any breaches to US authorities, including the Department of Justice (DoJ) and the Office of Foreign Assets Control (OFAC).

Similar to many of its industry peers, the client was accused of removing key details from payment messages, so-called “stripping” which concealed the true origin of funds from US financial institutions. Although the client had implemented customer and payment screening measures, these controls lacked consistency across global operations and were not present from the inception of all applicable sanctions. A comprehensive review was necessary to assess the extent of the institution’s exposure and non-compliance.

The sanctions look-back programme was an extensive, multi-year initiative involving numerous stakeholders, including:

• Internal and external legal counsel

• Sanctions and compliance teams

• Payment operations teams

• IT and data management professionals

• Internal audit departments

The scale of the programme was compounded by the vast number of accounts and transactions requiring scrutiny. Additionally, much of the historical data had been archived across multiple data warehouses, necessitating complex data extraction, normalisation, and analysis processes.

Our Approach

We played a critical role in this multi-disciplinary programme as follows:

• Collaborative Engagement: We worked closely with internal and external legal counsel, compliance teams, and other external consultants to ensure the sanctions look-back review met all regulatory expectations and compliance requirements.

• Data Extraction & Analysis: Using our LinkPro tool, we extracted complete and comprehensive payment information from archives and data warehouses, enabling accurate assessment of historical transactions.

• Forensic Payment Reviews: We conducted deep forensic reviews to determine whether payments were ultimately processed. This included scrutinising the individual legs of transactions to establish their true origin and destination.

• Controlled Review Processes: We designed a controlled review process that incorporated inherent completeness and accuracy checks, ensuring that all identified transactions were systematically analysed without gaps or inconsistencies.

• Transaction Identification & Narrative Building: Using our HorizonIQ tool, we identified relevant transactions, reviewed all associated material, and constructed detailed narratives explaining why, where, when, and how each payment was made.

• Identifying Suspicious Payment Patterns: We assessed whether customers had engaged in similar transactions that had been disguised or involved stripping of key information to evade detection.

  
  

• Voluntary Self-Disclosure & Reporting: We designed, built, and operated Voluntary Self-Disclosure (VSD) processes to investigate potential breaches and ensure accurate reporting to the US regulators.

Key Benefits & Measurable Outcomes

At the conclusion of the sanctions look-back review, our client was able to agree a Deferred Prosecution Agreement (DPA) with the US authorities. With our assistance, our client had confidence to accurately report sanctions violations supported by comprehensive reporting packs.

Our client was also able to take significant steps to enhance further its compliance programmes, including the further development and implementation of a global sanctions policy which included a prohibition of transactions with entities on the UN, EU, UK, and US sanctions lists. Substantial investment was made in market-leading payment and customer screening technology as part of an improvement in overall sanctions governance.

After the look-back project, we continued to provide assistance in the remediation programme, ensuring long-term compliance enhancements and risk mitigation.

Protect Your Business from Sanctions Risk

Stay ahead of regulatory risks with our expert consultancy services and advanced tools like LinkPro and HorizonIQ. We provide comprehensive sanctions look-back review support to enhance compliance and mitigate risks. Contact us today.