Companies in certain industries – banking, healthcare, and the like – are subject to many different regulations when it comes to things like how they store user data, required communications with customers, and what data can and can’t be collected.
For example, financial companies need to comply with Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT), as Ben Nguyen, sales engineer at data quality company Melissa, explained in Episode 2 of the six-part SD Times Live! Microwebinar series on data verification.
In Episode 3, Nguyen introduced another tool these companies can use to prevent financial crimes from occurring. National watchlist screening is the process of identifying if an individual is found in sanctions lists or may pose a threat to national security.
In addition to traditional banks, other industries that need to pay attention to this are investment firms, payment service providers, and cryptocurrency exchanges.
There are many watchlists that can be used. One popular option is the Specially Designated Nationals and Blocked Persons (SDN) list, which is maintained by the Office of Foreign Assets Control (OFAC). According to Nguyen, this list contains individuals and businesses who may be related to terrorism, narcotics, cybersecurity threats, or embargoed countries.
“There will likely be serious repercussions if any U.S. entities conduct any transaction or business with individuals or entities found on the OFAC Sanctions List,” he said.
Nguyen recommends any company looking to utilize national watchlist screening keep in mind the following challenges. One main challenge is verifying data accuracy, because watchlists may contain errors, duplicates, or outdated information. He recommends regularly validating data sources, implementing data cleansing and deduplication, and investing in high-quality providers.
There are also regulatory issues to comply with, and failure to comply could result in hefty fines, Nguyen explained. Therefore, it’s important that companies understand the regulations they are subject to so they can ensure that their screening program aligns with them.
Privacy is also a concern, as collecting and storing data to use for screening will require strict data protection measures.
There are also ethical considerations because of the fact that watchlist screening can produce false positives sometimes. “For example, John Smith may be found in a critical watchlist, but there may be multiple matches found when searching within a small area,” said Nguyen. “There are additionally many aliases found within these watchlists that may increase the total possible matches.”
Therefore, companies need to perform supplementary checks to verify if the customer is actually a legitimate match or just a false positive.
To ensure a successful screening program, Nguyen recommends following these best practices:
- Understand regulatory requirements, as mentioned above
- Follow a risk-based approach, where customers are assessed for risk based on factors such as legal history, and allocate additional resources for enhanced due diligence for higher risk customers.
- Choose reputable watchlist databases and ensure they are up-to-date
- Implement data quality control measures and regularly update customer information to reflect changes in names, aliases, and other identifying information
- Invest in electronic screening software that can automate the screening process
To learn more, watch Episode 3 of the microwebinar series with Melissa, where Nguyen explained further.