Sanctions screening, in its current state, is broken. In a time when cars can drive themselves and technology can outperform doctors in diagnosing brain tumors, false positive rates of 90% and above are viewed as acceptable within screening programs. It is time to challenge that status quo and redefine what it means to run an efficient and effective screening program.
A large U.S. bank screens tens of thousands of wire transactions a day. Conceptually, this screening is a fairly simple task—compare one set of information pulled from transaction data to another set of information found on a government watchlist. In 2019, it should be a fairly simple technological task as well. Yet, at a top 10 U.S. bank, a screening system flags one in every three wire transactions for manual review by a human. Ninety-seven percent of those transactions are cleared, most after less than two minutes of review because it is immediately apparent to the reviewer that the transaction poses zero sanctions risk. This bank is not alone—this is representative of an entire industry plagued by outdated technology.
It would not be a stretch to say that the complexity of sanctions policy has peaked in recent years. Since the September 11 attacks, the designation of sanctioned entities and places, as well as broader anti-money laundering regulation, has served as a key national security tool. However, that tool has been refined over the past 18 years, and that refinement has brought significant compliance challenges. Specifically, the addition and removal of persons, entities, aircrafts and vessels now changes on a weekly if not daily basis; the application of sectoral sanctions is unprecedented; and the increased use of secondary sanctions has expanded U.S. sanctions obligations far beyond U.S. persons or companies.
More recently, the U.S. Office of Foreign Assets Control (OFAC) has followed its complexity at the policy level with increased enforcement. In the first eight months of 2019, OFAC levied 20 enforcement actions totaling nearly $1.3 billion in civil monetary penalties. That is more than 16 times the total fines assessed in 2018, and nearly six times the total fines assessed in 2017 and 2018 combined. Moreover, the 2019 OFAC enforcement actions continue to raise sanctions obligations that are difficult to comply with, such as the “50 percent rule,” whereby a bank must discern the ownership structure of a company with which it is facilitating a transaction to ensure that such company is not 50% owned by another sanctioned entity or sanctioned entities. This is a rule that has been in effect since 2008, but has only been enforced in recent years.
In a sanctions compliance environment that is more intricate and filled with greater scrutiny, technology that is ineffective and detracts key resources from the real issues can no longer be accepted. Market-leading screening tools are using outdated fuzzy matching methodologies that flag transactions from senders in Alabama as potential matches to the terrorist group al-Shabab. They flag payments to Joe’s Pizza on 23 Cuba Avenue in Staten Island, New York as a potential match to an entity in the Republic of Cuba. They create repeated alerts on recurring transactions between the same two people. In the age of artificial intelligence and machine learning, screening systems should be able to discern the name of a person or entity from a location; they should be able to create rules for flagging transactions that are more sophisticated than identifying two common letters in a word; and they should be able to learn from past decisions made by trained analysts.
For too long, financial institutions (FIs) have accepted high false positive rates generated by market-leading tools as an indication or necessary part of a “safe” sanctions compliance program. This thinking, which exists on the part of FIs and regulators alike, has to stop. High false positive rates are not an indicator of extremely cautious screening; they are a warning signal of poor technology and potentially greater risks. The reality is that these same tools creating high volumes of noisy transaction alerts simultaneously fail during tests to catch complicated edge cases, such as transactions with misspellings, odd spacing and errors in punctuation. Moreover, every minute spent by a human reviewing an obvious false positive alert is a minute that the person could spend investigating truly suspicious activity. In a world where resources are finite, and global financial crimes compliance programs are catching only 1% of financial crime, head count cannot be wasted on matching errors. It must be allocated intelligently, and technology should facilitate rather than impair that smarter allocation. The screening technology stack of the future has to enable compliance teams to focus on true matches and true suspicious activity identified elsewhere in the compliance organization.
What is required is a paradigmatic shift across all stakeholders. Technology providers must internalize the unique challenges compliance organizations face and work to educate both clients and regulators on how their technology works in a hyper-transparent manner. FIs must embrace technology providers that have deep expertise in data science and machine learning and that understand the problem at hand. Last but not least, regulators must no longer treat market-leading tools that create dangerous inefficiencies with deference—if an FI cannot explain how their tool’s matching algorithms work, then that tool is not safer than a more innovative alternative just because it is already deployed.
A Starter: Things to Ask and Do When Considering a New Screener
- Is clear model documentation provided?
- What steps are used to cleanse, parse and enrich the underlying data before a match is made?
- Are different algorithms applied to different data types (e.g., free text vs. a name field), and can the thresholds for those algorithms be configured at the data-type level?
- How are alerts on reoccurring and duplicate transactions prevented?
- What are their average false positive rates?
- Pilot new technology in parallel test environments—a step the regulators encouraged in their December 2018 joint policy statement on innovation.
- How is ongoing system performance documented? Is there a breakdown by rule/trigger?
- How are various lists managed (e.g., added, deleted, changed)?
Investing in screening technology that reduces false positives does not inherently increase risk, nor is it solely motivated by cost savings. It is a step toward better resource allocation that can improve the detection and deterrence of financial crime. In a world in which compliance technology is effective, resources are freed to work on more fruitful initiatives, such as cross-team information sharing, collaborative relationships with law enforcement or conducting analyses to better identify high-risk indicators. When there is acceptance and investment in better technology, safety increases and improving the overall effectiveness of sanctions screening and compliance programs becomes possible.