May 20, 2021
By: Sadi Bezit*
In today’s world, it is critical for financial services organizations to have a single, 360-degree view of customer risk. Organizations need a view that is enriched constantly by internal and external data sources for accuracy. Moreover, this view should extend beyond the data that can be obtained from the current sanctions list providers.
The main underlying challenges most organisations are facing are twofold:
- How to quickly act on revenue opportunities while at the same time avoiding too much friction in your customer interactions? For instance, you may want to prevent your customer from going through too many onboarding steps, given the lack of information you have on his background.
- How to enrich customer and counterparty profiles with the latest intelligence so that a new level of customer centricity is reached, and you are in the knowledge of a full picture on the nature of his business?
These challenges can be overcome, but in order to do so, organizations need the right building blocks in place, such as comprehensive customer data; accurate sanction risk scoring; proven intelligence based on reliable information; ongoing monitoring to avoid a degradation of your scoring accuracy; and efficient detection of any changes in your customer profiles. These elements will create true customer lifecycle risk management which will avoid wrongly tagged customers and inaccurate sanctions risk ratings.
The Elements of an Effective Sanctions Technology Solution
If the proper building blocks are not put in place, there is a risk that the sanctions technology you choose to implement will be unreliable and the accuracy of your risk score may decrease. Also, in that context, the time and effort required to meet quickly changing regulations continues to outpace the teams hired to tackle them.
It’s clear that sheer manual horsepower isn’t the answer. Regardless of resources, it takes longer than ever to onboard new customers and conduct ongoing reviews. This presents competitive challenges, lost opportunities, and poor customer experience.
Therefore, if you want to avoid falling into this trap, the technology or platform you choose to implement will have to cover the following requirements:
- The capacity of this technology for orchestrating the aggregation of data from a comprehensive variety of global data sources, returning the intelligence needed to enrich customer profiles.
- The tracking of the data you have chosen to import or pick up when handling a customer case in your workflow—until final completion and approval for onboarding or rejection of this same customer.
- The capacity for this same technology to leverage the most modern and innovative AI-powered technologies in order to access both traditional and open-source content, structured and non-structured, and to learn from previous alert dispositions and case resolutions.
And the happy consequence of this advanced technology now made available to the market is:
Firstly, at the onboarding stage, your technology should be capable of efficiently handling multiple relevant sources of information, including complementary sanctions lists, BO & shareholder data sources. It should also allow you to set up configured searches customised to the needs of an organisation exposed to permanent sanction risk. This becomes important when failing to detect the sanctioned hidden entities which are connected to the main entity under investigation.
Secondly, and no less critical, this same technology will allow you to:
- Reduce the amount of effort needed to conduct research.
- Avoid hits repeating themselves.
- Constantly enrich your customer case once open in your workflow. This case will be reinforced by the extraction of insights from social media sources and other reliable data sources, allowing you to have it updated at any time.
- Keep away from long IT integration projects, as well as tasks that were formerly done manually or that required multiple steps, and which could now be completed quickly.
- Simply and automatically save time and effort while enabling investigation teams to comply with confidence their tasks.
- Reduce customer friction.
- Augment an investigation team´s reach and capabilities.
Case Study: Following the Adoption of the Previously Described Technology.
A major European bank addresses operational inefficiencies of the Sanctions investigation team and triples investigation capacity. The following observations are derived from an operational study on the grounds that I conducted as a consultant with a very detailed measurement of every step of the investigation process.
- What were the tangible benefits derived from the adoption of this technology?
The investigation was based on advanced workflow tools which intelligently and automatically aggregated and filtered data from a wide variety of data sources, returning the intelligence needed to enrich customer profiles. The underlying data ingestion engine was acting as a datahub. This data hub was using multiple connectors and APIs which has made possible this automated data consolidation from different sanctions and corporate data related providers.
And this was a significant step forward that the customer gave, compared with the previous situation where each and every investigator had to jump from one data source to another, perform manual searches with more or less focus according to the investigator´s skills and experience, and aggregate the information obtained under the same customer record. All this without having the certainty of having obtained the relevant information needed to characterize and profile any PEP or sanction related entity.
It also has enabled us to continuously monitor data sources for list and record updates, event changes, correlating and matching this third-party data with enterprise data to remove duplicates and provide an accurate single source of truth about the customer. The previous situation lends itself to conflicts of records and names, given that there was no matching and entity resolution being performed between the internal customer records of the organisation and the newly obtained customer records from external data sources and sanction lists. As an example, would the PEP Smith Journey be appropriately matched against an existing customer Smith John Journey and once the matching was performed, would any new negative news on this PEP be ingested against this single consolidated record?
- Was it beneficial enough for the investigation team and to what extent?
Risk decisioning was made much faster and earlier enough in the investigation cycle, requiring fewer investigation resources. This would translate in practical terms into having the certainty for the investigator, with a high enough probability level, that the record is clean enough at the onboarding stage, free of any suspicious related sanctions or negative news inputs.
Also, the new improved accuracy provided on the customer record in terms of the underlying ownership structure, and verification of legitimacy, as well as consistency of the activities being declared, has allowed the firm to take on a new level of customer centricity and quickly act on opportunities and threats throughout the customer lifecycle. It also enabled relevant external record databases to be automatically matched against internal customer databases. With a matching logic based on specific entity resolution rules and matching logic really making sense to the organisation, avoiding a redundancy or conflict of records inherent to each and every organisation nowadays.
Results were impressive, with 90% of investigations cleared within minutes with accompanying investigation results reports.
Previously to that new implementation, investigators were not able to build audit reports summarizing the investigations undertaken, the information obtained, while proving that an exhaustive search had been undertaken on the customer record. With seamless access to all reachable web and data sources, saving themselves a tedious report elaboration work and manual insertions into those same reports.
The other reason being that mapping those sources from a report tool environment requires IT skills which are not necessarily available to users. Also, when a new release of the report tool had been installed, or the data sources feeding the report were subject to underlying new database release updates, as this is the case for most of the IT environments, the mapping had to be redone and users fall again under the constraint of having to depend upon IT resources to solve their issues.
Another significant benefit was that the investigation process was standardised. It resulted in consistently high-quality automated investigation reports incorporating firm logo and good & relevant data classification. Also, date/time stamped PDF were elaborated on, allowing the creation of permanent records, therefore fulfilling regulatory requirements, which was of a great relief for users. And those reports would include critical fields such as:
- UBO & ownership structure / description
- PEP & adverse news related information
- Background checks on activities being declared
- Court filings
- International Maritime Organization “IMO” number of vessels being declared
- Terrorist & Sanctions lists / external repositories against which searches have been performed
- Google & Google Maps search results
- Public domain repositories such as Companies House in the UK and results of the checks which have been performed.
Also, it would no longer be possible for manual sorting and filtering to trigger a risk of non-detection of suspicious activities at the onboarding stage. This would significantly lower the risk of obtaining a false negative.
- What did I observe on the ground with an accurate measurement of time using a stopwatch?
The team was comprised of 60 investigators who were conducting an amazing total of 40+ steps per investigation. Databases including World-Check, RDC, Lexis, and credit bureau reports were each consulted separately.
The typical investigation time was drastically reduced from one day ( 5 effective investigation hours ) to almost 1 hour, which enabled investigators to complete, on average a new rate of around 30 investigations per week. The previous capacity was therefore more than doubled upon the customer requirements to accelerate the onboarding over one week, at the same time that the workforce was reduced to around 20 investigators.
Last but not least, and we all know that the devil is in the details, investigators would never have to key the entity (e.g. Robert Jones or ABC Corp) and supporting information repetitively to initiate each individual database search. Therefore, they would not find themselves with messages like, “You’ve exceeded the maximum number of search results.”
* Sadi Bezit works as Fraud & AML Subject Matter Expert, applying his knowledge and more than 20 years experience to support organizations mitigate their risks from serious and organized crime in the regulatory landscape. Sadi is also a Member of the ACSS Sanctions Innovation Technology Task Force (SITT).
* The results mentioned in the study have been consensuated with the customer.