Europe: UK’s FCA Challenges Firms to Improve Sanction Screening Processes

By: Joseph Skilton, Michael Ruck, Rosie Naylor

The FCA has assessed and reported on the sanctions controls of over 90 financial service firms from a range of sectors including wealth management.

What are firms doing well?

• Horizon scanning and scenario planning, sample testing, tuning of screening tools and screening tools with built-in fuzzy logic were praised by the FCA.

What needs improvement?

1. Management Information: Some firms were not providing senior managers with sufficient information on sanctions processes.
2. Resources: Lack of internal resources and expertise in firms’ sanctions teams has led to unacceptable screening backlogs.
3. Screening:
   • Improperly calibrated tools which were either too sensitive or not sensitive enough.
   • Screening tools taking too long to update their lists following a designation.
   • Over-reliance on unchecked third-party screening tools.
4. CDD and KYC: Low quality CDD and KYC leading firms to not screen all relevant parties because the full ownership structure of an entity was not identified.
5. Breach Reporting: Taking weeks or months or entirely neglecting, to report sanctions breaches to the FCA.

What do firms need to do?

1. Ensure appropriate KYC and CDD is completed for all potential parties, including their controllers, shareholders and Ultimate Beneficial Owners.
2. Review current reporting procedures for potential sanctions breaches and ensure that all relevant staff are appropriately trained to meet their obligations under the relevant sanctions regimes.
3. Continue to enhance their screening tools and regularly test their efficacy.
4. Ensure information provided to senior managers on sanctions processes is sufficiently detailed.
5. Check there is sufficient oversight to ascertain the efficacy of any third-party screening tools in use.
6. Understand that the financial and reputational risks from sanctions breaches are growing as the OFSI increases its enforcement activity.