APIs for watch list screening: Fueling your credit union’s risk mitigation

As technology becomes more sophisticated and continues to influence the way organizations conduct business, the need for efficient and dependable watch list screening increases exponentially. For those caught dealing with a blocked entity on the Office of Foreign Assets Control’s (OFAC) Specially Designated Nationals (SDN) List, the financial penalty now often reaches into the millions.

In fact, OFAC alone imposed $4.37 billion in fines between 2006 and 2018. The violators include medium asset-size credit unions and local businesses alongside large, sophisticated conglomerates. Many of their enforcement actions noted the lack of an adequate or formal compliance program.

Given the increasing complexity of regulatory environments, credit unions need to realize what’s at stake when they violate watch list sanctions. More importantly, they must understand the most effective and efficient way to mitigate that risk.

Changes in the Regulatory Environment

Several converging factors make watch list screening more complex than ever. The purpose of OFAC’s SDN List has not changed—to prevent U.S. citizens and companies from engaging in business with potential terrorists, money launderers and any other persons or entities deemed enemies of the United States. Neither has the purpose of the lists from the Department of Commerce’s Bureau of Industry and Security (BIS), which restrict export privileges and enforce specific licensing requirements of targeted individuals and businesses.

However, since the turn of this century, several factors have vastly increased the significance of restricted party watch lists:

• Expanded Regulatory Reach: Prior to the 9/11 attacks, federal regulators mostly scrutinized watch list screening at banks and credit unions. The USA PATRIOT Act changed that with its expanded definition of “financial institution,” adding the following businesses with a higher risk for money laundering and OFAC violations:
  • Casinos
  • Importers and Exporters
  • Insurance Industry
  • Jewelry, Precious Gem and Metal Dealers
  • Money Service Businesses
  • Non-profits and Charities
  • Real Estate Firms
  • Travel and Tourism Industry
  • Vehicle Dealers
• Increasing OFAC Fines: In addition, the amounts of OFAC fines have risen drastically in the last several years. For instance, in 2008, OFAC fines totaled $3.5 million, with the largest single fine coming in at $1.2 million. For 2014, those numbers were $1.205 billion and $963.6 million, respectively.
• Watch List Update Frequency and Unpredictability: On any given day, OFAC, BIS and other watch list sources may add, change or delete multiple parties to their lists, often with multiple name variations for each party. A review of the SDN List updates for one month—January 2018—revealed more than 350 changes over nine unpredictable days.

Best Practices for Automated Watch List Screening Solutions

The most effective watch list screening program includes an automated solution that incorporates the following technology, functionality and methods to strengthen and streamline compliance and reduce the risk of costly fines:

• API Integration: APIs have recently emerged as a game changer in watch list screening. They facilitate full integration between otherwise separate systems. In other words, APIs can help your watch list screening solution communicate across your institution’s various systems in real time. With APIs incorporated into the solution, credit unions see a unified, cohesive view of their compliance across their entire organization.
• Streamlined Screening: For the best and most cost-effective watch list screening results, your automated solution should monitor, gather, cleanse and deploy list updates in real time; allow you to screen multiple lists simultaneously via one data integration; screen retroactively; and do it all while ensuring your transactions flow uninterrupted.
• Sophisticated Matching: The veracity of individual matches is a vital best practice. A solution that generates too many false positives creates unnecessary, costly work and may lead to missed true matches, while also harming the customer experience.
• Additional Technology, Tools and Services: There are several other functions that are considered crucial for watch list screening, including:
  • a centralized, cloud-based API Gateway
  • audits and reports
  • customization
  • outsourced watch list services

When you automate watch list screening with an API-powered solution, your credit union can easily and quickly incorporate the best practices described here. To learn even more, download CSI’s new white paper, Fueling Modern Risk Mitigation with APIs: A Quintessential Guide to Watch List Screening.

Co-Authored by: Fred Teumer is technical product manager with CSI’s Regulatory Compliance Group, and is focused on bringing high-tech solutions to the forefront of the financial regulatory industry.