Menu Home

Time is of the essence

An essential question of any watchlist screening program is “when”, which actually comes in two flavors:

  • When does the company’s data need to be screened?
  • When do watchlists need to be updated?

I could weasel out of both of these by saying “in a timely manner”, of course – and I’d be right. However, let’s try to be more precise.

It is true that the frequency of data updates and screening processes is a risk-based decision. However, there are some limitations. For example, business transactions – things that transfer assets or create obligations to transfer those assets – generally have to be screened against sanctions lists “real-time”, which is to say, before the item goes out the door and/or gets finalized on the books (and gives the client access to those assets). Why “generally”, you might ask? While the most prominent sanctions regulations are designed to prevent sanctioned entities from having access to assets, some (South Africa being the one Mr. Watchlist is most familiar with) only require the reporting of suspicious transactions after the fact. If the assets are no longer in the firm’s control when the government moves to seize them, oh, well… (no, I’m not kidding – at least as of a few years ago).

I should note that transactions are less frequently screened against non-sanctions lists – especially the PEP list. A match to an off-the-books party doesn’t mean much if you can’t monitor their ongoing activity in the aggregate – with the potential exception of law enforcement lists. And you know Mr. Watchlist is not a fan of law enforcement lists because the generic nature of the names on the lists and the limited information about them – perhaps that’s why all the online most wanted lists are primarily photo indices.

Screening static data is a whole ‘nother kettle of fish. If assets are not entering or leaving one’s account, the impetus for timeliness is much less urgent. So, a weekly or monthly (or quarterly) screening against other list is not unheard-of – if you’re also screening the transactions.

There is one good argument for screening static data more frequently, though – and it’s all about staff allocation and productivity. If you screen more frequently, you will, in general, spread the manual review work out more evenly. In addition, when there are changes to lists that cause a real increase in matches, screening more frequently might allow a firm to make a rules-based false positive reduction (FPR) change that will pay more benefits sooner, reducing or eliminating the increase on the subsequent screenings.

Now, to the second question: how often do you have to update your watchlists? Economic sanctions lists should be updated as available from your data provider and as practical for your business. Translation, please?

First, there will be a lag between the time a list update is made by the regulator and the time it is made available by the data vendor. The data needs to be reformatted in your software’s format, and often will need to be enhanced to include things like matching phrases.

Second, with some applications, ongoing processing may halt or be slowed by processing a list update. Therefore, waiting until a slack period in the day (e.g. lunch time), or after hours is prudent and not unreasonable.

Let’s look to the OFAC Enforcement Guidelines again. OFAC considers how recently the listing which caused the violation was added to the SDN list as a mitigating or aggravating factor when assessing a violation. Miss an item issued two hours ago? You’re not going to get fined for that – that’s as close to a guarantee Mr. Watchlist will ever give. On the other hand, if you haven’t updated the SDN list in a month… that’s not a pretty picture to paint for the regulator or auditor.

Beyond sanctions lists, the question of how frequently to update your lists is largely up to you. For example, one PEP and adverse media provider updates its database daily, while another data provider provides weekly updates. Obviously, the sooner you can identify a potential problem, the sooner you can decide what to do about it. On the other hand, unless you’re planning on terminating a relationship that matches one of these lists, an extra day, week or even month is unlikely to make a real difference to your risk in the overwhelming majority of cases.

So, like Mr. Watchlist said, with the exception of screening business transactions, you have to handle these things “in a timely manner”. And you get to define “timely”… it’s a wonderful thing.

Categories: Business Process Due Diligence Lists Law Enforcement Lists Operational Procedures PEP Lists Sanctions Lists Watchlist Data

eric9to5

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: