The political process by which sanctions are agreed is difficult but the process for implementing them is worse. As a result, sanctions are not nearly as effective a weapon as we would like to think they could be. Ten RegTech building blocks are on the table for discussion – how do we configure a case to deploy them?
To discuss JWG’s latest research, we assembled policy, compliance and operational gurus, Neil Whiley, UK Finance, Chris Beevor, GAM, Simon Hornibrook, Commerzbank and Oliver Bodmer, SIX to discuss the problems, potential solutions and what they are most looking forward at JWG’s RegTech seminar on 23 June
Sanctions implementation challenges
The industry is plagued by operational timing issues, data gaps and poor communications between public and private sectors.
In the UK alone, 40 billion transactions are processed each year with £100,000,000,000,000 in value. This means £250k is processed every minute and every time a transaction is stopped, a real world event is put on hold.
With numbers this large, even small issues with lack of policy clarity, data quality and timing will have a huge ripple effect on banks’ workload. From a technological standpoint, the sheer volume of data generated, as well as the false positives generated by that data, is enormous. This is not only time demanding, but it may also result in an unfair and unjust impact on customers and clients.
Sanctions teams are under pressure to modify operating at a breakneck speed in a constant daily drumbeat. Two years’ worth of sanctions listings were issued in a six-week period this year and customer alert screening activity is up 400%.
Though the political will to align exists, governments are taking divergent approaches to implementing sanctions policy. Even straight forward activity-based sanctions like defence and military goods and technology have differed. For example, the US targeted Russian and Belarus aerospace and maritime exports while the UK restricted the same to anyone “connected with” Russia and the EU restricted brokering or ‘other services’ and financing or financial assistance.
With varying legal frameworks, complete alignment is an impossibility and with so many minor differences either in the prohibitions or the listings and with differing time frameworks, even a broad policy alignment is likely to fall short.
Top 10 Sanctions RegTech building blocks
Our panellists noted that the problems with Sanctions are not new. The volumes are new, the size of the target is new and the will for political alignment also appears to be new.
Now is the right time to step back and look at the right way to deploy sanctions and RegTech will play a key enabling role.
So what building blocks are we likely to hear about in our seminar?
- Public/ Private operations. Listing, prohibitions and timings differ today. This can mean that sanctioned individuals get tipped off and accounts are empty when a list is published. Is a common ‘run book’ on the cards?
- Public sector data. The industry struggles with different reporting regimes with slightly different data for different agencies – some of which implement them differently (e.g., EU Member States). Is a consolidated data specification on the cards?
- Data sharing. Each firm wrestles with an individual view of an international network of bad actors. Linkages between assets, counterparties, payments and other data sets are required. Privacy enhancing technology has been proven – will we see the public sector finally recognise the need for its deployment?
- Data privacy. Sharing personal data across borders is always hard. Currently, there is no ‘Patriot act’ for sanctions which would give firms and public bodies the protection they need to share information on the network. Are GDPR updates in this area likely soon?
- Global rule book. Sanctions are implemented in each jurisdictions’ rule books in different ways. Deep experts are required to interpret them. Could a common ontology of sanctions obligations help build collective intelligence for humans to make better decisions?
- Feedback loops. Many requests are issued and many reports are produced. How do public and private sectors manage the discussion of ‘what good looks like?’ Could user new data quality standards and reporting packs be in the offing?
- Risk models. Many manual touch points and uncertainty of linkage between data in the system challenges people to make the right decisions. AI models are needed but they need to be deployed in the right way. Could more, detailed global best practices be on the horizon?
- Data normalisation. Any person with a 50% or high share or stake in a company or firm is subject to the same sanctions as the company or oligarch originally sanctioned. Could more be done to identify common information like this that needs to be identified by every firm?
- Data standards. Data providers produce sanctions screening tools today, but much heavy lifting is required to normalise the regulatory ‘ask’ across the globe. Will standard ISO 20022, XML formats, APIs, protocols and tagging schema be part of the 2023 RegTech conversation?
- New technology. Today’s information requests rely on yesterday’s spreadsheets. Could block chain technology be deployed to revolutionise the system?
To listen to a robust discussion of some of these ideas see the RegCast here.
The case for change
Ultimately the world is adjusting to these new volumes of sanctions, but the financial services industry seems only ever one global event away from having ‘the wheels fall off’.
With a new liability regime for UK managers in force as of this month we are on the cusp of a real case for deploying more digitally-native approaches to sanctions compliance.
It is up to all of us to work out how we can deliver on the Sanctions promise. There is a big opportunity to come together on the ‘how’ via a policy simulator now.
Listen in live and figure out what it means for you at our virtual seminar on 23 June which is available to registered delegates for 6 months.