top of page

Case Studies

Sanctions screening assurance

Are you missing something?

Sanctions Screening

You send and receive hundreds of thousands of messages everyday, so how do you know the right ones are screened?

 

OpusDatum can help you demonstrate that you are screening the correct messages.

The client

 

Our client is a global financial services provider engaged in retail, corporate, investment banking and wealth management. It has an extensive international presence in Europe, the Americas, Africa and Asia.

The problem

 

To service its global customer base, the client moves, lends, invests and protects money worldwide. It must comply with sanctions regulations. To meet its obligations, it must screen relevant messages against sanctions lists, such as OFAC and HMT. This should minimise the risk of any payments being made in breach of sanctions regulations.

 

The client’s sanctions policy, reflecting its risk appetite, prescribes which messages should be screened and which lists they should be screened against. Like many of its peers, the client’s policy excludes most domestic messages from the screening process. The policy was then interpreted by the business with the technology teams building it into the payment systems.

​

The risk owners in the business wanted to be able to demonstrate that all messages that require screening are actually delivered to the sanctions filter. With systems selecting which messages to screen, there is a risk that this decision is not in line with sanctions policy.

 

The client asked us to identify whether there were any screening gaps in their messaging environment. They also required a root cause analysis to determine what were the underlying reasons behind the potential screening gaps.

The scale and complexity of the UK’s financial services sector continues to make it attractive for criminals and corrupt elites seeking to launder the proceeds of crime.

National Risk Assessment 2020, HM Treasury & Home Office

What we did

 

Using our bespoke sanctions screening completeness testing methodology and OD Link tool, we were responsible for the end-to-end investigation. The following diagram provides an overview of the sanctions screening assurance process.​​​​​​​​​​​​​​​​​​​

 

Sanctions screening process

Key steps included:​

 

  • Understanding the multiple messaging systems operating in a highly complex global landscape.

  • For each system deemed in scope for the review, extracting several million messages from the data warehouse.

  • Loading the extracted messages into our review database.

  • Reviewing the client’s sanctions policy to establish a set of screening rules.

  • Building the rules into the review database and applying them to the extract of messages.

  • Making an independent decision as to whether each message would require screening according to the policy.

  • Taking an extract from the logs of the sanctions filters.

  • Looking for evidence that a message requiring screening was present in the logs.

  • Documenting all messages that were not presented to the filters for screening as required by the sanctions policy.

  • Investigating any exceptions to determine the root cause.

  • Modelling the client’s complex message routing algorithms to work out why it was not included.

  • Reporting findings to risk owners.

Outcome for the client

 

Our client now has confidence that they can demonstrate that they are sending messages for sanctions screen in line with their policy. Senior management and key stakeholders have good visibility over a process that was previously difficult for them to see.

Get in touch to speak to our team.

bottom of page