This summer, the FCA issued a letter to the Chair of the Treasury Select Committee, answering questions on new sanctions that have been created following the invasion of the Ukraine by Russia. In the letter the FCA said that it will be automating its review process. In the past, it conducted on-site meetings, using face to face interviews and document and process reviews to determine how effective firms’ sanctions systems were.
The FCA also announced plans to roll out a new analytics-based tool, which tests how effective firms are at identifying sanctioned parties. The tool will use test data, generated by the FCA, of around 100,000 entities. Firms will be required to run this data through their systems, which will enable the FCA to determine how effective a firm’s systems are in detecting sanctioned companies and individuals.
This new approach will be a lot less labour intensive and produce more accurate outcomes. And it means a lot more firms will come under the microscope and can instantly determine whether a firm is meeting the required standards. So financial firms really need to ensure their sanctions systems – and processes – are up to scratch. What are the questions your firm needs to ask to find out if your systems are fit for purpose?
- When was the last time you independently tested your screening platform? Testing is imperative as it help firms detect sanctions violations. The configuration of the screening solution needs to be tested for efficacy and efficiency. Testing often spells the difference between compliance and infringement to sanctions regulations.
- How well maintained and up to date are your platforms? It’s all very well having a system in place, but it’s only as good as its last update. Updates can include system performance updates and changes to improve efficiency, but regulatory notices and changes should also be taken into account. These will ensure your system is operating at maximum performance, robustness and efficiency.
- How well do you understand the fuzzy logic being used within the screening platform? Fuzzy logic is often the crux of sanctions screening systems. It sorts the wheat from the chaff, by setting a threshold within the settings to remove unnecessary ‘noise’ from alerts allowing teams to focus on the higher risk alerts. If this fuzzy logic is not fine tuned it could result in your resources being inundated with unnecessary alerts. Fuzzy logic is the area where the biggest savings can be made, but at the same time, brings the biggest risk that alerts could be missed. It’s a fine line to manage and requires constant monitoring, retuning and understanding of what it is doing and why.
- Does your platform consider ultimate beneficial ownership (UBO) and how is this detected? If not, you could be in serious trouble. Changes to UBO legislation has changed considerably with the Ukraine war and your systems need to be fit for purpose.
The FCA’s new approach means there is nowhere to hide. At the push of a button, the FCA can now prove how well your systems can accept, digest, screen and report on a substantial data set. So not only will they be interested in the results, they will also monitor the process to determine how robust and agile your system is. Things have suddenly got real with the FCA and its sanctions regime – real time, at least. And the firms that take no action, will be the ones that are left exposed.
Want to know more? Valcon can help you prepare for such tests, by independently working with you to assess your systems and controls or post testing to address any gaps or actions. Please contact the fincrime team for a discussion on how we can support [email protected].