Why should you test a sanction screening system? 

Without testing a sanction screening system, its performance on a day-to-day basis is not understood. Testing a sanction screening system not only establishes its effectiveness and efficiency, but it also helps financial institutions meet regulatory requirements, minimise exposure to financial crime risk and ensure that robust detection systems are in place.  

Let’s look at these areas in more detail. 

Financial crime compliance (FCC): Testing a sanction screening system will help ensure that the financial institution/regulated entity is compliant with anti-money laundering and countering the financing of terrorism regulations (AML/CFT).

Risk mitigation: Financial institutions can identify any weaknesses in their sanction screening system and processes by testing regularly. Testing provides the knowledge and understanding to tune a system to improve performance which will reduce the chances of inadvertently engaging in transactions with sanctioned entities, mitigating risks and avoiding legal issues and reputational damage. 

Operational efficiency: Testing helps optimise the performance of the sanction screening system, ensuring that it operates efficiently without causing unnecessary delays or disruptions to operations. This involves assessing factors such as screening accuracy, false positive rates, and system responsiveness. 

Continuous performance improvement: Regular testing enables financial institutions to evaluate the effectiveness of their sanction screening system over time and identify opportunities for improvement. This might involve updating screening algorithms, enhancing data quality, or implementing new technologies to enhance screening capabilities. 

Audits and regulatory requirements: Many regulators require organisations to demonstrate the effectiveness of their sanction screening processes through regular audits and compliance reviews. Testing the sanction screening system provides evidence of due diligence and helps fulfil these regulatory requirements, getting regulators onside. 

Ensure sanction lists are up to date: Sanction lists are changing daily, quite literally. By testing sanction screening systems regularly, financial institutions are also ensuring they are up to date with the ever-changing landscape of sanction lists. 

Effective resource management: If a financial institution’s sanction screening system is working as expected, then resource is freed up to put to use elsewhere within the organisation, and not being taken up by a sanction screening system that is generating too many false positive alerts, for example.  

The three Es of sanction screening system testing 

Here at AML Analytics, we concern ourselves with the three Es, which are as follows: 

• Effectiveness: Demonstrating that your sanction screening system can create a reliable match against a sanctioned record either in its pure form or when the data has been manipulated using algorithms. 
• Efficiency: Demonstrating that your screening system can create a match against a correct record, without generating an unmanageable number of alerts against an incorrect record. This is often referred to as ‘noise’ or ‘false positives’ that will increase business cost and unnecessary resource use. 
• Explainability: Being able to demonstrate to a regulator and senior management that the business understands a system’s rules, settings, and configuration, and that a system is performing in line with the business’s risk assessment. Explainability also encompasses the intricacies of why certain outcomes have occurred during testing. 

 The objectives of testing a sanction screening system 

 When testing a sanctions screening system, we looks for the four key objectives: 

Does the system generate an alert when an unmanipulated sanctioned name is screened? 

An unmanipulated sanctioned name is how a name will appear on a sanction list. A sanction screening system should at least be able to flag a sanctioned name.  

Are the configuration and threshold settings effective, such that a manipulated sanctioned name generates an alert? 

This is commonly referred to as a system’s fuzzy logic matching capability. Some people on sanction lists will alter their names slightly to try and bypass a sanction screening system. Configuration and threshold settings should be tuned so any manipulated names generate an alert instantly.  

Are the levels of false positives manageable? 

False positives, that is, names that aren’t on sanction lists but still generate an alert, are a huge resource drain. If there are too many false positives, then more people will be required to investigate, which is an inefficient use of company time.  

Is the system performance in line with the regulator’s expectations? 

Fines and other measures, such as being put on the Financial Action Task Force’s (FATF) Jurisdictions Under Increased Monitoring list (or the ‘grey list’ as it is commonly known), could occur if a sanction screening system is not in line with a regulator’s expectations. The grey list “identifies countries that are actively working with the FATF to address strategic deficiencies in their regimes to counter money laundering, terrorist financing, and proliferation financing.” 

World-leading testing insight

Before we finish this article, we’re going to leave you with some advice. Having tested many sanction screening systems here at AML Analytics, we’ve come across some common occurrences in sanction screening systems. We thought we’d share our most important ones with you: