By Dr Larry Shapiro, Director of Linksfield Technologies
The issue of financial sanctions gained new prominence last week, with a historic fine levied by the Financial Services Authority (FSA) against the Royal Bank of Scotland Group. The fine, reduced from £8m to £5.6m for early settlement, was the first of its kind in the UK, and was issued for failure by the RBS Group to demonstrate adequate systems and controls that would prevent breaches of UK financial sanctions.
In reality, this issue has been growing in importance since October 2007, when the responsibilities managed by the Bank of England were transferred to HM Treasury, with the establishment of a new Asset Freezing Unit. This was shortly followed by the EU's Third Money Laundering Directive, which came into effect in the UK in December 2007, and which imposed an obligation for UK financial institutions to perform ongoing monitoring of their clients against the sanctions list.
This list comprises approximately 9,000 names of both individuals and companies, spanning (at last count) 86 countries across the world. It is drawn from UK, EU and UN sources, and there are up to 29 fields of information provided on each ‘target’. To add to the difficulty, the list changes regularly, but at undefined points in time; while it typically changes 5-7 times a month, in extreme cases, it can change up to 3 times a day!
The challenge for compliance officers performing these checks is thus apparent, and without suitable software to assist them, it would stretch credulity that these checks can be done manually.
During 2008 and 2009, in the depths of the financial crisis, installing the necessary computer systems to check against the sanctions list understandably took lower priority for many companies (who were focussed on survival). In the background, however, the UK authorities continued to monitor compliance, (or lack thereof), with an important review published by the FSA in April 2009, which highlighted how many firms were not complying with the searches.
The review also identified key features of best practice in this area, including “fuzzy matching” of clients to the target list – as rogues naturally try to alter their documents / identity to escape detection, making exact matches less likely.
In March 2010, a further crucial consultation document was published by HM Treasury on the new proposed asset-freezing bill, which introduces further burdens on UK firms. For example, under the new proposals, anyone who has been a client within the past five years would need to be checked on an ongoing basis. The reason for this is actually quite sensible: at the point where a person is added to the sanctions list, (which is not done lightly), the authorities desire an immediate picture of all recent financial dealings, which they now define to be going back five years.
Many misconceptions continue to abound regarding this legislation, for instance: the range of firms covered by it is more substantial than many think, spanning not only retail banks but specialist lenders, insurers, wealth managers, money transfer agents and casinos, to name but a few.
Those with responsibility for compliance also need to take account of other legislation that governs their activities, e.g. the Data Protection Act – so that when they select a solution, they ensure protection of their client data and consider carefully where the data is held. Ideally, personal client data would remain on their own systems, rather than being uploaded to unknown locations in “the cloud.”
One misconception though, has been cleared up in dramatic fashion this week. While some firms have been unaware that they are covered by this legislation, others have known they were covered but declined to invest in suitable systems, believing that the authorities would not enforce the rules. The FSA’s fine has sent a clarion call to the industry that Compliance Officers and Company Directors ignore this legislation at their peril!
Dr Larry Shapiro is a Director of Linksfield Technologies (www.linksfield.com), who specialise in providing technology to the financial services sector. Since 2007, Linksfield has provided a novel solution, the FSR Checker, for automating checks against the Financial Sanctions Register. The system provides a full audit trail of checks done, fuzzy matching, management of false positives, and local data storage of client details. The solution is used by firms spanning the mortgage lending, banking, wealth management and insurance sectors. In the UK bridging community, Linksfield’s sanctions checking software is used by Cheval, United Trust Bank, Affirmative Finance and Bridgingloans.com.
Leave a comment