About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

How Well Does Your Company Really Know its Sanctions Chain?

Subscribe to our newsletter

By Jay Rao, Co-founder of KYC Hub.

The war in the Ukraine brought a slew of sanctions from across the globe, creating a spider’s web that continues to be recast, is both complex and powerful, and gets added to and changed all the time. What’s more, if any part of the web is damaged or has gaps, then its overall value and strength is compromised. And just as all spiderwebs are unique, so are the sanctions chains each company must build.

The integrity of any sanctions chain is built on its data, and that is where one of the key fundamental issues lies. While organisations such as the European Banking Authority (EBA), or any other national equivalent, might lay out guidelines for 200 different risk factors that should be monitored, they don’t necessarily state that every organisation follows that guidance. Our experience often suggests it is less data points, rather than more data points, that are tracked. And even then, if some of those data points include hard to find data, the likelihood is that there is more likely to be a data gap, rather than a doggedly tracked down data point. If, indeed, the data can be tracked down.

The simple truth is that some data is a lot easier to find than other data. For example, if you are looking for company data in the UK, it is a fairly simple process to interrogate the Company Register at Companies House. It is high quality data, clean and largely up-to-date. For other countries, this can be a very different proposition. There might just be very little data, if there is data it might well have gaps, and there might be no data at all on what, if any, associated entities there are.

Back to the Companies House register in the UK. It is a single, central database, whereas if we take the US, each state has its own register. It is much easier to find data on listed, large companies than shell or private companies. Most often such data searches for harder to find data are executed manually, although using a bot to search would be far more efficient and likely more successful.

The challenges can seem endless. As well as company data, sanctions require a lot of data about individuals and their associates. Again, this can be easier said than done. If you hold good company data, then it might be relatively easy to track how individuals are associated or not associated with companies. If we are looking at Bob in Company A, good data might flag that Bob is also associated with Jo and, depending on the sanction chain, we will be able to determine if that association requires further interrogation. With poor or gappy data, we simply might never even get to hear about Jo.

So, you need to be asking if your tracking solution is able to monitor millions of adverse media sources to discover potential risks using the latest AI techniques. Using AI, rather than more manual approaches, ups the game and offers the capability to perform enhanced due diligence for high-risk customers. It also provides a much more holistic view of customer risk.

Sanctions also change, they get updated, people and entities can just as easily be taken off sanctions lists as they can be added. The same person or entity can have different sanctions in different territories. A person might also be known by different names in different territories. Sanctions on the same entity or person will be enacted at different times by different countries and regulators. All of this needs to be tracked and kept up-to-date. It all needs to be updated in your systems and sanctions chain. Decisions are taken hourly, daily, all the time. It’s relentless.

The reality is that the number of data sources is enormous, data timing is all over the place, data scarcity is a fact of life, and somehow, it all needs to come together into a single place for each company, in its own unique way. One caution is that a lot of data solutions are point-in-time checks, so will only flag someone on a sanctions list at the time it is interrogated. This doesn’t reflect the changing nature of sanctions we’ve already talked about.

Better to ask the questions of whether the solution updates its data, say every 15 minutes, has an audit trail, and takes a dynamic risk-based approach. Does the solution also have the ability to use natural language processing (NLP) techniques to check unstructured data? What about the ability to leverage sophisticated image processing algorithms to analyse videos, match facial biometrics, detect spoofing and determine ID document authenticity?

Good decisions are based on good data – but we live in a world of known and unknown data gaps, a world swamped with lots of different systems and methodologies, and an unkempt swamp of spreadsheets. What chance does a company have to really know the quality of the data chain?

The answer of course lies in transforming the approach by using advanced technologies and techniques now at hand. Bots, NLP and other types of AI for tracking down the data, and AI for extrapolating the data and turning it into intelligence. Using technology to get a dynamic, real-time view of your customers, suppliers, employees, partners or any other entity of interest, you can discover those hidden connections and proactively manage impending risks. Can this be done now? Can light be shone on the data darkness? Yes, it can.

Subscribe to our newsletter

Related content


Upcoming Webinar: An update on data standards and global identifiers

Date: 19 October 2023 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Data standards and global identifiers have been parts of capital markets’ practices for many years, and more are being developed, reviewed and shaped as the industry acknowledges their role in streamlining data management, reducing risk, improving transparency, and achieving...


ESG Data. A New Master?

By Mark Davies, Partner, element22. Master data management has long been an unsung hero. Understood by a handful of technologists and passionate data evangelists, while delivering consistency and control across complex organisations. Regardless of industry, those organisations that invest in mastering the data that really matters to their organisation reap substantial ongoing dividends. It is...


RegTech Summit New York

Now in its 7th year, the RegTech Summit in New York will bring together the regtech ecosystem to explore how the North American capital markets financial industry can leverage technology to drive innovation, cut costs and support regulatory change.


ESG Handbook 2023

The ESG Handbook 2023 edition is the essential guide to everything you need to know about ESG and how to manage requirements if you work in financial data and technology. Download your free copy to understand: What ESG Covers: The scope and definition of ESG Regulations: The evolution of global regulations, especially in the UK...