Over the last several weeks, the Trump administration has given a whole new meaning to “know who you’re dealing with.” Within a matter of days, the U.S. imposed hardline sanctions against Venezuela, Iran and Russia, prohibiting companies from doing business with individuals, entities or agencies identified on the government’s Denied Party lists.
As these lists continue to expand and change, all companies—from Main Street to Wall Street—will need to take proper precautions to ensure they are not in violation of any trade restrictions. This means conducting vigilant screenings against hundreds of Denied Party lists maintained by both the U.S. as well as countless other countries, particularly for those conducting business overseas. What’s worse, many of these lists are nothing more than a data dump – the information is unorganized, inconsistent, and as a result, makes it incredibly difficult to determine if companies are actually in compliance.
While many companies have turned to technology to help identify and flag potential business conflicts within these lists, many more have yet to approach Denied Party Screening (DPS) in the most sophisticated fashion possible. In fact, some of the world’s most successful and admired companies have been caught in the line of fire.
In a July 2017 disclosure to the U.S. government, Amazon reported it had sold and delivered tens of thousands of dollars worth of merchandise—including electronics, toys, and books—to sanctioned parties in Iran between 2012 and 2017. One month earlier, Exxon Mobil was slapped with a two million dollar fine from the U.S. Treasury Department for violating trade sanctions against Russia. For foreign companies, the stakes are even higher. International businesses are some of the most fined entities for violating U.S. sanctions. Everything from selling American-made goods to illegal parties to using wire transfers to avoid raising red flags have resulted in massive penalties, negative media attention, and damage to invaluable brand reputation.
What’s more, the U.S. Department of State and the U.S. Department of Treasury are in hot pursuit of any company or individual who breaks the law, with fines ranging from hundreds of dollars into the billions for persistent and/or willful, intentional violations. Some of the larger fines in recent history (although later reduced) topped an astonishing $8.9 billion and $1.19 billion.
Additionally, smaller-to medium-sized companies with fewer resources to adopt and manage solutions to run scans (yet arguably more on the line should they be subject to hefty fines or penalties) are particularly vulnerable. For those companies, manual screenings are still fairly common, introducing an incredible amount of risk and potential exposure to the business as a result.
Manual screenings are problematic for a variety of reasons. First and foremost, they are extremely labor-intensive, subjective and highly error prone, often leading to false positives, or missed results all together. DPS lists may include hundreds of thousands of entities at any point in time. Combine that with spelling variations, as well as different languages and alphabets, there could be billions of possible search criterion and combinations. Without advanced solutions or processes in place, there is no feasible way for companies to adequately screen against these lists.
With the current administration’s aggressive stance on trade sanctions, as well as the financial and reputational fallout that can occur from violations, companies must take a more proactive and automated approach to DPS. This includes adoption of both sophisticated technology and modern processes needed to quickly and accurately identify potential conflicts before they materialize and negatively impact the business. To improve, companies are advised to:
- Ensure tools match business needs – There are many ways for companies to effectively screen against Denied Parties, and ultimately, the mode of delivery depends on what best suits the business. For some companies, a web-based SaaS solution is ideal. However, for ecommerce businesses, an API may be ideal, as it will screen each transaction as it occurs. For those who use an ERP solution, a transaction-level customer and/or vendor screen of data may offer the best best solution. Other businesses, such as those who frequently acquire companies, may benefit from historical screenings of previous transactions. For others, a periodic review of data may be the best solution.
- Capture updates in (near) real-time – Denied Party lists change in the blink of an eye, and thus, it’s important for companies to have access to the most up-to-date lists to ensure compliance. By partnering with companies that specialize in DPS solutions, companies can rest assured that any changes to Denied Party lists will be added in near real time. For example, after eight Venezuelans were recently added to the U.S. Specially Designated Nationals (SDN) list, Descartes added those individuals into its technology suite within two hours.
- Run dynamic searches – Sophisticated yet flexible search functionality is critical for identifying potential hits. For example, exact and inexact matching must be included within an effective DPS strategy to accommodate misspellings, inaccurate or missing information that can occur in Denied Party lists. In this case, the use of fuzzy logic search structures is especially useful in one-off or ad hoc searches. Due to the unique nature of global DPS lists and screening at a practical level, an effective tool should include options for both a fuzzy logic algorithm to locate close as well as identical matches.
- Apply common sense to data outputs – Just because a company gets a “hit” on a search query doesn’t mean a violation has taken place. Often, more scrutiny and analysis of the law itself is needed before action can be taken. Likewise, zero results won’t always mean a company is in the clear. Compliance professionals in charge of DPS must stay up to date on the latest sanction-related news and activity from government entities, ensuring any new additions are screened quickly and monitored closely.
With DPS lists evolving at lightning speeds and an administration in hot pursuit of companies that break sanctions laws, organizations need to improve their DPS tools and processes, or risk facing civil and/or criminal penalties as a result. While it’s impossible to remove all risks that may exist in the vast business ecosystem, a sophisticated DPS strategy can make all the difference.