The Wolfsberg Group’s guide on sanctions screening defines screening as ‘a control used in the detection, prevention and disruption of financial crime and, in particular, sanctions risk.’ Explained simply, it compares data sources, usually strings of text, from a financial institution’s operations, such as customer, transactional, and other records against lists and other indicators of sanctions risk. These lists typically include sanction lists, Politically Exposed Person (PEP) lists, adverse media lists from regulators or data vendors, and even bespoke white/ black lists of financial institutions (FIs).
The generation of a match or alert through this process indicates a risk, which can then be investigated to confirm or discount any potential activities of money laundering or illicit financing. Although this seems straightforward, much complexity is added to this when processing large volumes of transactions, customer onboarding and sophisticated criminals trying to circumvent controls.
The most common red flags which indicate your screening processes aren’t up to the mark are:
1) Generation of too many false positives/ false negatives
With so much data to be processed and analysed, it’s essential that systems capture data in a clear, structured way. The more relevant data you have for verification, the lower the risk of false positives and false negatives occurring. This means, for example, gathering title, first, second, and last names in different fields. Not only does this avoid any potential ambiguity, but it becomes easier to match against data in external sanctions, watchlist or politically exposed persons (PEPs) lists. Exclusion subsets/whitelists or suppression rules can also be used to manage common false positive alerts requiring unnecessary manual reviews.
Advanced filtering and secondary scoring can be used alongside sophisticated name-matching algorithms to enable auto-discounting further reducing false positives. Even when there is a high confidence of a name match other secondary data such as date of birth/ registration, country of citizenship/registration/ residence etc may not match. These secondary data attributes can be automatically matched alongside the name to enable auto discounting when certain combinations/thresholds of both name-matching confidence and secondary data matching are not met.
By testing, tuning and running ‘what-if scenarios’ on a snapshot of historical data in an isolated environment, organisations can optimise rules without committing to changes in the live environment, thus reducing false positives to enhance operational efficiency.
Read more: 5 ways to reduce false positives in screening, from Napier AI’s Chief Product Officer
2) Lack of autonomy for compliance analysts
Many compliance analysts struggle to create financial crime typology rules effectively themselves. Testing new rules can take weeks to months, often reliant on external data scientists and consultants to manage the rule changes at great expense. In the absence of sandboxes, compliance teams often have prolonged cycles of communication involving explanations of rules and data, along with the refinement of rules. This process can result in significant frustration and increased costs for everyone involved. Some also take the approach of setting up an additional environment to run alongside the production system, which has proven to be both expensive and disruptive during upgrades.
This can be tackled by choosing an anti-money laundering (AML) SaaS which offers prebuilt typologies, and a sandbox environment. A sandbox is an environment that provides compliance officers a controlled and isolated space for testing and developing customised rules in their AML systems. A modern AML system must let you modify, test and improve AML rules in real-time and with live or test data in the sandbox area without any need to understand code or upgrade the software while adhering to your organisation’s risk policies and appetite.
This enables compliance professionals to compare and contrast results with current live screening configurations before making changes to the live environment via user access based controls.
Read more: 3 risks you’re taking if you don’t have a sandbox for AML
3) Integration challenges across multi-org businesses
Integration challenges across large businesses over multiple jurisdictions to newer platforms are a significant red flag in anti-money laundering screening solutions, often leading to additional costs in bridging these systems. To effectively tackle this, adopting modular solutions that offer autonomy, customisable workflows, and scalability is crucial as transaction volumes increase.
Multi-screening configurations are particularly beneficial, enabling businesses to adapt the solution across multiple jurisdictions as their needs expand. The right tools should deliver both simplicity and specificity: a multi-org deployment of an AML solution with multi-screening configurations allows for distinct risk management controls as business needs expand across jurisdictions.
This approach helps maintain varied risk appetites across different parts of the organisation within a unified structure, aligning with information security requirements and regulatory commitments. It mitigates technological and operational risks by giving organisations full control over permissions, data access, and workflow management within business units.
Additionally, cloud-based solutions leveraging architectural approaches like containerisation ensure effortless integration via APIs, seamless upgrades, and optimised resource utilization. This eliminates the need for costly and time-consuming maintenance and upgrades, thus reducing operational inefficiencies and enhancing overall effectiveness in AML efforts.
See how Banco do Brasil optimised sanctions screening with multi-org configurations
4) Difficulty optimising alert discounting
Once an alert is flagged, it's essential for the system to effectively automate the alert discounting process and identify which alerts require manual review. Utilising AI and machine learning insights can significantly enhance the optimisation of alert decisions and investigations. By dynamically learning from screening data, AI can enable decision recommendations and auto-decisioning of alerts, which in turn supports the ongoing refinement and tuning of screening configurations to further reduce false positives as risks evolve.
AI tuned to the bespoke risk appetite and decision making criteria of your institution should be trained to recognise what a good match looks like and determine whether an alert needs to be auto discounted/ decisioned.
Read more: Alert discounting in client screening, do’s and don’ts
5) Lack of regulatory reporting knowledge and reporting challenges
Another significant red flag in AML screening is the gap between regulatory knowledge and technical skills of analysts. Regulatory bodies often require a comprehensive understanding of the narrative behind rule modifications, including the sequence of actions, testing methodologies, and outcomes, while also ensuring data privacy and security. A robust sandbox environment with version control can bridge this gap by providing a centralised repository with a complete audit trail of screening configurations and version control.
Submitting Suspicious Activity Reports (SARs) remains challenging due to stringent global regulations. Collating the necessary data for a SAR is often time-consuming and complicated, as the required Know Your Customer (KYC) and transaction data typically reside across multiple sources. This manual process can result in poor-quality reports that enforcement agencies may overlook or reject.
Modern AML solutions, like Napier AI’s screening and monitoring, help automatically complete up to 80% of these forms for effective regulatory reporting. This greatly improves the speed and quality of reporting, alleviating the stress of missing the required reporting deadline.
Improve your compliance processes with Napier AI’s award-winning screening solutions
Get in touch to see how our intelligent platform can help your organisation transform its compliance; or request a free demo to see it in action.
