EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Limited, each of which is a separate legal entity. Ernst & Young Limited is a Swiss company with registered seats in Switzerland providing services to clients in Switzerland.
Recent Searches
Four questions to guide financial institutions on ongoing KYC that effectively – and continuously – mitigates the risk of financial crime.
In brief
- Name screening is an ongoing process that requires continuous refinement to remain effective.
- A proactive approach is essential to keep up – and comply – with regulatory expectations.
- Name screening should be embedded in the AML framework to minimize risk and ensure effective management of financial crime compliance obligations.
The risks posed by financial crime are constantly evolving, and financial institutions must remain vigilant in their efforts to identify and manage them. Money laundering, terrorist financing and fraud are an inherent challenge in the banking industry. To mitigate these risks and comply with regulatory requirements, banks perform various know your customer (KYC) procedures. One of these is name screening, which is a key control in the bank’s AML (Anti-Money Laundering) frameworks that allows banks to identify individuals or entities behind the customer and validate the plausibility of their stated source of wealth. It is crucial to understand if the relationship with the customer brings along sanctions risk, PEP risk and reputational risk to the financial institution.
We believe name screening is a journey, and not a destination. It is an ongoing process that requires continuous improvement and refinement to remain effective in meeting the evolving regulatory requirements and in staying one step ahead of bad actors obfuscating their source of funds that are proceeds of financial crime activities. In this article, we explore four questions that will guide financial institutions towards a more proactive approach.
1. As a financial institution, how can we ensure that our name screening process is effective in identifying potential risks?
In a first step, adoption of a risk-based approach to name screening is crucial so that it considers the nature of your customers’ business, transactional behavior and other relevant factors with respect to the risk appetite of the financial institution. You can enhance effectiveness further by following good practices as described below.
Define risk criteria
Establish clear and comprehensive criteria for identifying potential risk factors, including sanctions lists, PEPs (politically exposed persons), and adverse media.
Use data and technology
Identify and use reliable data sources for name screening, such as industry-specific lists, regulatory lists, and reputable news sources.Screening technologies can also be used to quickly and accurately search and analyze large volumes of data to identify potential risks.
Validate results
Ensure that the results of name screening are validated and reviewed by trained analysts to ensure accuracy and completeness.
Regularly moniter and update lists
Regularly monitor and update lists of sanctions, PEPs, and other potential risk factors to ensure that the screening process remains effective.
Train employees
Train all employees involved in the name screening process, including front-line staff, compliance personnel, and senior management, on the importance of effective name screening and the processes involved.By implementing these best practices, you can ensure that your name screening process is effective in identifying potential risks and protecting your institution from reputational damage and financial losses due to financial crime.
2. What are the regulatory requirements related to name screening, and how can financial institutions ensure compliance with these requirements?
Financial institutions must meet various regulatory requirements related to name screening, including anti-money laundering (AML) regulations, know your customer (KYC), and sanctions regulations. To comply with AML, financial institutions are required, among other things, to identify and verify the identity of customers, and screen their names against sanctions lists, PEP lists, and other relevant lists. KYC involves collecting and verifying customer information, including their names, as well as conducting ongoing due diligence to ensure that the customer’s risk profile remains up to date. Financial institutions are also bound by sanctions regulations, which prohibit transactions with individuals and entities that are subject to sanctions. To ensure compliance, financial institutions need to screen customer names against sanctions lists and reporting any transactions that violate sanctions regulations.
A comprehensive compliance program should include policies, procedures, and controls to ensure compliance with regulatory requirements related to name screening. You should make sure that you keep accurate records of name screening activities, including the results of screening and any actions taken in response to potential risks. That way, you can demonstrate their activities – and due diligence – over time.
3. What types of screening tools and technologies are available for name screening, and how can we evaluate these options to choose the best solution?
There are various types of screening tools and technologies available for name screening, including the following broad categories:
Database search tools
These tools search against different databases, including sanctions, PEP, and watch list databases, to identify any matches against a given name.
Risk-based scoring models
These models use a scoring system to assess the level of risk associated with a particular customer or transaction, based on factors such as transaction amount, geographic location, and other relevant factors.
Machine learning algorithms
These algorithms use machine learning techniques to learn from previous screening results and improve over time, reducing false positives and improving accuracy.
Natural language processing (NLP)
This technology uses artificial intelligence to analyze text and identify names and other relevant information, including potential risks and red flags.
Link analysis
This technology analyzes relationships between different entities, such as individuals, companies, and financial transactions, to identify potential risks and patterns of suspicious behavior.
When evaluating screening tools and technologies, you should also consider the accuracy and completeness of the tool: false positives should be kept to a minimum, while ensuring that potential risks are identified. It is also important that the tool offers adequate coverage of relevant databases and lists, including sanctions, PEP, and watch list databases, and should be regularly updated to reflect changes in these lists.
For a smooth experience, your screening tool should be easy to integrate with existing systems and processes, minimizing disruption to business operations. It should also be well-supported and maintained by the vendor, providing prompt and reliable technical support when needed.
By considering these factors, financial institutions can choose the screening tool or technology that best meets their needs and helps them effectively manage the risks associated with name screening.
4. How can we continuously monitor and update the name screening process to ensure that it remains effective in identifying potential risks?
By continuously monitoring and updating your name screening process, you can ensure that it remains effective in identifying potential risks over time. This helps to minimize the risk of reputational damage and regulatory penalties and ensures that you are able to effectively manage your financial crime compliance obligations.
Besides regular reviews and updates, your compliance team should test and validate the effectiveness of the name screening process on an ongoing basis. For example, you may wish to introduce periodic testing to evaluate the accuracy and completeness of the screening results. Validation provides valuable information for continuous improvement, alongside feedback from employees and external stakeholders. It can also make sense to incorporate new data sources or implement new screening tools and technologies. For example, data analytics and artificial intelligence can continuously monitor and improve the name screening process by using machine learning algorithms to identify patterns and anomalies in the data, and to develop more sophisticated screening models that result in less false positives while providing high quality risk coverage.
Ultimately, effective name screening is in the interest of all stakeholders and many financial institutions are embracing collaboration and information-sharing. Sharing information and best practice on name screening helps flag emerging risks and trends and ensure that the name screening process remains effective in addressing these risks.
A journey, not a destination
By addressing these key questions, you can ensure that your name screening process is effective, efficient, and compliant with regulatory requirements, ultimately reducing the risk of reputational damage and financial losses due to financial crime. Name screening is a journey rather than a destination: taking this view, you can better manage you financial crime compliance obligations and ensure that your financial institution remains effective in addressing potential risks.
Summary
Financial institutions must be vigilant and adaptable if they are to stay ahead of emerging risks and comply with changing regulations. But compliance is not just about avoiding penalties; it’s also about building a culture of integrity and trust. A robust financial crime compliance program – including continuous, proactive name screening – can help you establish and maintain a positive reputation, attract and retain customers and foster a culture of ethical behavior. But it’s an ongoing task – a journey, not a destination.