For many companies, the failure to keep fully compliant with expanding sanctions, regulations and procedures can be a fateful mistake. In this article, Parth Desai, Founder and CEO at Pelican outlines how a best-in-class sanctions screening process can be put in place.
The variety of companies hit by over £250bn in regulatory penalties issued globally since 2008 spans virtually every business size and type, from small solicitors to global consumer services enterprises.
PayPal for instance, was fined over US$7m for breaking the Weapons of Mass Destruction Proliferators Sanctions Regulations after unwittingly processing payments for a sanctioned individual. US medical company Alcon Labs was fined more than US$7m for selling medical equipment to customers in Iran and Sudan, while the PanAmerican Seed Company was fined US$4.3m for selling flower seeds to Iranian distributors.
Increasingly, personal executives have also been held to account and individually fined by regulators following corporate non-compliance, and the negative impact on business reputations can be even more significant than the direct financial penalties imposed.
“Despite these risks, there is still a reluctance among some companies to onboard proper sanctions screening processes, with many erroneously believing it is enough for their banks to do all screening,” says Parth Desai, Founder and CEO at Pelican. “As many companies have learnt the hard way, there is no excuse the regulators will accept for a failure to put in place adequate systems and processes to ensure all relevant sanctions obligations are adhered to.”
Facing increased instances of fraud and money laundering, financial regulators globally have introduced a wide range of additional measures to make it harder for criminal and terrorist entities to transfer and launder money.
“Aside from the obvious negative consequences of non-compliance, there are a number of positive benefits for companies ensuring suitable screening systems are in place – these can include enhanced credit status and improved access to working capital,” says Desai.
“In contrast, businesses found to have inadequate compliance procedures in place can expect a wide negative reputational impact – one that affects credit status and can even delay payments processing by their banking partners,” adds Desai, “All of which should be compelling reasons enough to review corporate sanctions screening.”
This is especially true for larger corporations, where legacy systems and processes can often be in place, and the number of territories they operate in can be greater.
The weakest link
In addition to compliance obligations, companies face the growing risk of payments fraud. There are several steps businesses can take to address these challenges.
“Any review of a company’s sanctions compliance and fraud prevention procedures should include a comprehensive overview of the payments system,” says Desai. “From client on-boarding to transaction management, it is essential to monitor and screen every process along the full payments chain, to understand each payment as it goes through a company, to identify where it came from, where it is going and why it is being sent.”
Ideally, systems should be put in place that act as a filter between all payments being received and being processed as part of a continuous process. All potential ‘hits’ discovered by the filter should be fully analysed to reduce the amount of false positive rates to between 5% and 10% – the same level as banks.
“Cutting the false positives by this number can help businesses significantly reduce the impact these have on both costs and time spent resolving issues,” notes Desai. “When we apply this to large multi-nationals – where transactions per month can be in the tens of thousands – this becomes a significant benefit.”
While many companies around the world are either planning, implementing or already using sanctions screening and fraud prevention solutions, others are still facing either compliance disaster or fraud exposure as they weigh up related costs.
How companies handle their data is no longer simply about compliance – it is a competitive differentiator. Firms that fail to have a cohesive strategy and programme in place will struggle to succeed at best, or create a ticking time bomb at worst.
“Action is better than inaction – and complacency can lead to disaster,” concludes Desai.