How to Technologically Enhance Money Laundering – to make it harder to trace illicit cash.

Technology enhanced money laundering

We’ve noticed that despite our target audience being the financial compliance industry, when we post with a heading to attract criminal attention, it gets read more!

So welcome to this post. In it we will discuss the steps that criminals take to use technology to hide their assets.

Firstly, a basic understanding of Placement, Layering and Integration are needed, you can find that here if you do not understand these three steps.

In the main, technology aids steps two and three. It helps criminals to layer their asset with repeated levels of trade of one sort or another. It then helps them to ‘cash out’ in the integration stage.

We do not make a distinction between a money launderer (professional) or a criminal (commits the predicate offence) other than simply. Similarly, with something like 150 definitions of an organised criminal or their enterprise, this post sets out to use the terms colloquially, inasmuch as any one of the three can act in any capacity so it’s fair to call them all criminals.

Europol define organised crime, not on a personal level as to state the activity of a single individual, but as to the commodities, groups and hubs that make up an OCG (Organised Criminal Gang). In the UK, the definition (loosely termed) relates to activity of a group rather than an individual or specific crime type. It more relates to criminals acting as groups at level two and above (above ‘street’ level crime and cross regional/international).

Money laundering is characterised as a secondary offence to the predicate offence that generated the illicit funds. It is a dynamic and flexible process with launderers actively adapting to fluctuating situational conditions. It is these dynamics that make it difficult to define, describe and prosecute. The levels of convictions are pitifully low globally and this is one area FATF are starting to push with the move to ‘Outcome’ based mutual evaluations at the national level.

As in our post describing the links between Nations that are high on the Corruption index and Bitcoin pricing, the links between laundering and regions that have lax controls and high levels of corruption are sought out by organised criminal groups to layer their transactions to conceal the real origin of the revenue. A research paper into Money Laundering has described it as the third largest industry globally, only oil and agriculture generate more revenue, this indicates just how professional the ‘sector’ is and the sometimes insurmountable odds the industry, regulators and prosecutors face.

Indeed it is these odds, and a nascent belief that the financial sector is inextricably and on occasion corruptly linked to OCGs that is forcing the political agenda to get tougher with sanctions and fines for firms that transgress and get caught. Certainly there are more huge fines than there are ‘bellies against the charge desk’ as I used to say in a former career.

I am going to deliberately steer away from the more obvious routes to launder money. This site covers the more obvious routes in other posts (search for money laundering in our search box and posts will come up). Instead I hope to show you more nuanced methods that a ‘professional’ launderer would use and hopefully point to ways for firms to identify those efforts.

It is obvious that the nearer the point to the actual criminal predicate offence, the more risk there is to laundering cash. The further the cash is layered, actually or digitally, the harder it is for an investigator to track the asset backwards. This is especially true of asset that moves across borders. It is also evident that the regulated sector, spends most of its time trying to detect this first placement into the system. Defeat the placement stage and the professional launderer has the odds stacked in his favour.

The key to laundering is therefore, the successful first step. To conceal it the launderer needs a Trojan horse. Digital transactions and cryptography along with ‘straw-men’ hide the identity of the original criminal. Again, in nations that have a large populous of poor communities, people are prepared to have their identity used as a placement vehicle; this influences the regional choices of OCGs. There are also cases showing more ‘middle class’ white collar workers prepared to lend their identities to support business transactions involving laundering transactions further into the layering process – this includes allowing legitimate business be used to clean money. It is these reasons that money laundering causes capital flight from an economy, investors fearful of the instability and risk attached to the market.

The Trojan Horse


A simple use of technology, a photocopier. Used in high value sales around the globe to prove the outlet checked the identity of the person purchasing- especially when paying in cash. It is a simple task to obscure the image of a passport, make it too dark or otherwise unidentifiable to help the launderer evade any future scrutiny. Purchasing gold, jewels and other high value goods.

Intelligent Deposit Machines

These machines were used to great effect in Australia where a gang used them to launder tens of millions of AUD. Enabling placement and movement of cash through the machines even when the banks were closed. The gang used a network of the machines at lower than threshold amounts to avoid suspicion.

e-commerce and mobile payments

OCGs setting up online storefronts that trade in transactions and not goods to help the launder layer his transactions in what appear genuine stores. No goods are actually moved. This problem is set to get worse as more fintechs operate in this space with a ‘less than conservative approach’ to regulations. One that shall remain unnamed even switched off its transaction monitoring for several months because it was alerting too much (!!)

Virtual World

An International internet payment provider was suspected of laundering on an industrial scale. Implicated were digital currency exchanges, precious metal dealers and more. The OCG had effectively infiltrated the entire system to move large sums in apparent legitimate trade.

Online Betting

An OCG used online betting and internet payment system to launder the proceeds of narcotic dealings. The gang used the two services to receive transactions and then move the funds offshore. In an investigation, it was found that two of the enterprises had the same registered physical address (our intelligence system would flag this as the transaction processed – even across institutional business lines). The gang transferred revenue acting as a remittance service and this disguised the origin of the transaction when the bank conducted the transactions. The gang also used the accounts to simply store funds, making passwords widely known so multiple members could draw on the accounts.

Sales Registers and CCTV

A nightclub had CCTV all over its premise except in the VIP lounge for ‘privacy reasons’. That lounge was then used to till up huge sums of cash transactions as ‘revellers’ purchased $800 champagne in huge quantities. Not so elaborate but an easy way to place cash into the legitimate system through bogus purchases of high value goods/services.

An old colleague of mine filmed a car wash over aperiod of several months to prove vehicles were indeed never washed there, helping to secure the conviction for the predicate offence and ML.

Elaborate ways to facilitate the first stage of money laundering are constantly evolving. As we have stated this is the most risky part of laundering. Not only because it’s the first and easy to trace back to the predicate offence, but also because policy focuses compliance agent attention on this first stage through transaction monitoring and identity checks.

Placement of the cash is the most risky stage of laundering

It is also likely the algorithms being adopted through machine learning technology are focusing on this ‘thick edge’ of transactions. At the front of the process. The more involved and professional launderer will adopt moving and flexible processes to move the money many times over, using no set pattern and through many jurisdictions, transaction types and institutes. This way, unless the whole financial sector had one Ai system, the individual systems in each firm will fail to spot the patterns of transactions/behaviour.

Other technologies are also being used by OCGs. From encrypted communications to virtual services and products and the darknet facilitating on a huge scale the market-place for many OCGs and their gang members.

It is safe to say that criminal gangs have business processes very similar to legitimate businesses. They use highly skilled financiers and skilled business people to move money and assets around as we have discussed previously in our post about cyber crime and money laundering.

This post only details a few examples of ‘how’ criminals use technology. It explains ‘why’ they use it. There is a much bigger study currently ongoing to identify the methods regulators, policy-makers and the industry can use to identify how to combat the professional OCG by understanding their methods. Unfortunately, my experience in these matters tends to lean me towards the opinion that this will be mostly wasted effort. The reason I say this is because;

  1. OCGs will know the models adopted before they are launched – they will almost certainly have informed people on the inside.
  2. The policy-setters will take far too long through bureaucratic channels to put something live.
  3. OCGs will adapt and change and this requires not a look to the past but an accurate prediction of the future to enable swift machine learning from new sets of learning data.

Here at CYW we are developing a networked system that will, for the first time, link the institutes intelligence together. With over 300 metrics to monitor from outside the sector, we will merge data and intelligence to pass it at the speed of transactions to enhance red flags and reduce false positives.

This is essentially providing public level enforcement typologies to the private sector to provide more effective and efficient means to stop transactions and put the onus on the criminal to prove it is innocent. It is our view this is the only way the industry can proceed to force change, cause reductions in criminal use of the financial system and increase the amount of seizures being made. stand alone transaction modelling, even with machine learning functionality, will be hampered by the lack of full data as money moves outside their dataset and comes back in again through different entitites/routes. The firm would have no way of tracking it outside of their own institute.

If you think this post is worthy of a like or a share we would really appreciate you taking the time to do so. We need more readers to influence the agenda.

Thank you.

60 Best Money Laundering Research Papers, Books and web links.


Research into money laundering goes deeper than reading ACAMS or Linkedin. Here we have provided links to the 60 Best Money Laundering Research Papers, books and web articles.

In the coming weeks we will be blogging about these articles and what they mean to the industry. Stay tuned and register with the site (bottom of the page) if you want to get our posts via your inbox (sent once a month only – no spam!)

We would really appreciate you sharing this resource if you find it useful – it took a long time to research!! Thank you. Simply use one of the sharing links or copy the web address and post about it.

NB: Scroll left and right for small screen views

Title & LinkAuthor & Link to BibliographyDescription
(scroll to left to read)
Money launderingM Levi, P Reuter – Crime and Justice, 2006 – journals.uchicago.eduTechniques for hiding proceeds of crime include transporting cash out of the country, purchasing businesses through which funds can be channeled, buying easily transportable valuables, transfer pricing, and using “underground banks.” Since the mid-1980s …
 Dirty money: The evolution of money laundering counter-measuresWC Gilmore – 1999 – ncjrs.govThe first chapter provides an overview of the problem, as it notes that estimates of money from criminal activities range from 300 to 500 billion US dollars annually, money that is available for laundering. Such quantities of money, often linked with organized crime …
How big is global money laundering?J Walker – Journal of Money Laundering Control, 1999 – emerald.comKnown incidents of money laundering involving large amounts of money generated from crime are of tremendous public interest and are consequently given wide publicity. A wide range of national and international agencies have attempted to quantify organised crime …
 Macroeconomic implications of money launderingPJ Quirk – Washington, Fondo Monetario Internacional, WP, 1996 – elibrary.imf.orgThis paper reviews the main analytical, empirical, and policy issues related to the macroeconomic implications of money laundering. The paper discusses, first, how money laundering can be measured, given that it is unobservable, and reports cross-section …
 Chasing dirty money: The fight against money launderingP Reuter – 2005 – developed to reduce drug trafficking, efforts to combat money foundering have broadened over the years to address other crimes and, most recently, terrorism. In this study,[the authors] look at the scale and characteristics of money laundering, describe and …
 Money laundering: a new international law enforcement modelG Stessens – 2000 – book gives a broad analysis of the legal issues raised by the international fight against money laundering. It offers an extensive comparative research of the criminal and preventive law aspects from an international perspective. Stessens portrays money laundering as a …
Money laundering: muddying the macroeconomyPJ Quirk – Finance and Development, 1997 – search.proquest.comIMF staff went to a small island country to assess economic developments. As they walked around the capital, they noticed a surprisingly large number of small banks (more than 100 in a country of less than 100,000 people). A year later, it was revealed that many of these …
Money laundering and its regulationM Levi – The Annals of the American Academy of Political …, 2002 – journals.sagepub.comThis article examines definitions of” money laundering” and the conceptual and actual role its regulation plays in dealing with drug markets. If laundering is prevented, incentives to become major criminals are diminished. It identifies and critiques three aspects of harm …
Money laundering: the economics of regulationD Masciandaro – European Journal of Law and Economics, 1999 – SpringerEconomic research has not yet systematically undertaken the analysis of the existing interactions between criminal economy and financial markets. The present work belongs to a research field increasingly interested in such issues and focuses on the economic analysis of money laundering …
Money laundering: some factsF Schneider, U Windischbauer – European Journal of Law and Economics, 2008 – SpringerThis paper tackles the quite difficult topic of money laundering. After defining money laundering, and after explaining the three stages (steps), placement, layering and integration, the paper tries a quantification and estimation of the volume and development of …
Money laundering and the international financial systemV Tanzi – 1996 – ideas.repec.orgThe IMF Working Papers series is designed to make IMF staff research available to a wide audience. Almost 300 Working Papers are released each year, covering a wide range of theoretical and analytical topics, including balance of payments, monetary and fiscal issues …
Measuring Global Money Laundering:” The Walker Gravity Model”J Walker, B Unger – Review of Law & Economics, 2009 – degruyter.comMeasuring global money laundering, the proceeds of transnational crime that are pumped through the financial system worldwide, is still in its infancy. Methods such as case studies, proxy variables, or models for measuring the shadow economy all tend to under-or …
Money laundering—a global obstacleB Buchanan – Research in International Business and Finance, 2004 – ElsevierOne of the biggest obstacles to maintaining an effective operating international financial system is money laundering. A global phenomenon and international challenge, money laundering is a financial crime that often involves a complex series of transactions and …
An inquiry into money laundering tools in the Bitcoin ecosystemM Möser, R Böhme, D Breuker – 2013 APWG eCrime …, 2013 – provide a first systematic account of opportunities and limitations of anti-money laundering (AML) in Bitcoin, a decentralized cryptographic currency proliferating on the Internet. Our starting point is the observation that Bitcoin attracts criminal activity as many …
 Black finance: the economics of money launderingD Masciandaro, E Takats, B Unger – 2007 –” The recent dramatic wave of terrorist attacks has further focussed worldwide attention on the money laundering phenomena. The objective of this book is to offer the first systematic analysis of the economics of money laundering and its connection with terrorism finance …
 Critical reflections on transnational organized crime, money laundering and corruptionME Beare – 2003 – crime, organized crime, money laundering and corruption are four concepts that have gained and continue to gain an international and domestic profile. Is the information given to the public concerning these concepts distorted by the vested interests of …
 The amounts and the effects of money launderingB Unger, M Siegel, J Ferwerda, W de Kruijf… – Report for the Ministry of …, 2006 – ftm.nl0.4. The amount of money laundered is sizeable 0.5. Where is the criminal money being laundered and placed? 0.6. The Netherlands are a transit country of crime and criminal money 0.7. What are the effects of money laundering? 0.8. The long term dangers of money  …
The consequences of money laundering and financial crimeJ McDowell, G Novis – Economic Perspectives, 2001 – ncjrs.govMoney laundering is seen as critical to the effective operation of transnational and organized crime. However, money laundering effects a country’s economy, government, and social well-being. This article briefly reviewed both the economic and social costs of money laundering …
 Money laundering: A guide for criminal investigatorsJ Madinger – 2011 – changes have occurred in the twenty-five years that have passed since the enactment of the Money Laundering Control Act of 1986. The law has been amended, new underlying crimes have been added, and court decisions have modified its scope. The Act remains an …
 The hawala alternative remittance system and its role in money launderingPM Jost, HS Sandhu – 2000 – peacepalacelibrary.nlThe components of hawala that distinguish it from other remittance systems are trust and the extensive use of connections such as family relationships or regional affiliations. Unlike traditional banking or even the’chop’system, hawala makes minimal (often no) use of any …
The fight against money launderingH Geiger, O Wuensch – Journal of Money Laundering Control, 2007 – emerald.comPurpose–To provide an economic view on the costs and benefits of anti‐money laundering (AML) efforts. Design/methodology/approach–Based on a international, comparative study conducted in Switzerland, Singapore and Germany, the authors outline the impact of AML …
Bitcoin and money laundering: mining for an effective solutionD Bryans – Ind. LJ, 2014 – HeinOnlineTechnology forges ahead at a rapid pace, whether we like it or not. Criminals recognize this inevitability and use technological improvements to advance their craft,’committing crimes from half a world away in real time. Meticulous criminals also use technological …
Corruption and money laundering: a symbiotic relationshipD Chaikin, J Sharman – 2009 – Springer
 Financial havens, banking secrecy and money-launderingJA Blum, M Levi, RT Naylor, P Williams – 1998 – major money laundering cases coming to light in recent years share a common feature: criminal organizations are making wide use of the opportunities offered by financial havens and offshore centres to launder criminal assets, thereby creating roadblocks to criminal …
A typological study on money launderingP He – Journal of Money Laundering Control, 2010 – emerald.comPurpose–The purpose of this paper is to make objective descriptions on various money‐laundering techniques and to put forward countermeasures in order to combat money laundering more effectively and efficiently. Design/methodology/approach–This paper …
 Reference guide to anti-money laundering and combating the financing of terrorismPA Schott – 2006 – elibrary.worldbank.orgThis second edition of the Reference Guide is a comprehensive source of practical information on how countries can fight money laundering and terrorist financing. Aimed at helping countries understand the new international standards, it discusses the problems …
 Money laundering policyPC Van Duyne – Fears and Facts, 2003 – petrusvanduyne.nlIt is difficult to argue about the nature of smells. Some of them do not even have names. But one kind of smell has certainly been nominated and changed in our appreciation: the ‘moral smell’of money. Today the adage ‘money does not smell’does not apply any more. Now we …
Responding to Money LaunderingE Savona – 2005 – to Money Laundering has its origin in the International Conference on Preventing and Controlling Money Laundering and the Use of Proceeds of Crime: A Global Approach organised by ISPAC, the International Scientific and Advisory Board of the United …
 Dirty money: the evolution of international measures to counter money laundering and the financing of terrorismWC Gilmore – 2004 – is the third edition of this publication which explores key issues in the fast evolving field of money laundering and terrorist financing, and which has been restructured so as to fully reflect the high international priority given to tackling the financing of terrorism since …
Money laundering and globalizationP Alldridge – Journal of law and society, 2008 – Wiley Online LibraryThe article traces the various imperatives generated by the combination of the money laundering panic of the late 1990s with the advent of globalization. If there is to be an attempt legally to regulate laundering, it (laundering) must be a relatively serious offence …
Money launderingN Morris-Cotterill – Foreign Policy, 2001 – JSTORFrom Moscow to Buenos Aires, money laundering scandals sap economies and destabilize governments. Policymakers blame crime cartels, tax havens, and new techniques like cyberlaundering. But dirty money long predates such influences. Without unified rules …
The economics of crime and money laundering: does anti-money laundering policy reduce crime?J Ferwerda – Review of Law & Economics, 2009 – degruyter.comAnti-money laundering policy has become a major issue in the Western world, especially in the United States after 9-11. Basically, all countries in the world are more or less forced to cooperate in the global fight against money laundering. In this paper, the criminalization of …
 Dirty dealing: the untold truth about global money laundering, international crime and terrorismP Lilley – 2003 – and ReviewsEntertaining, well written and well presented.JOHN MULQUEEN, The Irish TimesPaints an alarming picture of the power and scale of todays crooked and corrupt financial world. Lilley has done his homework.THE IODS DIRECTOR MAGAZINESChoice of …
System and method for analyzing and dispositioning money laundering suspicious activity alertsBJ Kloostra, C Dalvi, BN Behm – US Patent App. 12/258,784, 2009 – Google PatentsA system and method for analyzing, dispositioning, recording, reviewing, and managing potentially suspicious financial transactions. In some cases, the system models the steps taken by a subject matter expert to reach a conclusion so that a novice can follow similar …
A theory of “Crying Wolf”: The economics of money laundering enforcementE Takáts – The Journal of Law, Economics, & Organization, 2011 – academic.oup.comThe article shows how excessive reporting, called “crying wolf”, can dilute the information value of reports and how more reports can mean less information. Excessive reporting is investigated by undertaking the first formal analysis of money laundering enforcement …
Power and discourse in policy diffusion: Anti-money laundering in developing statesJC Sharman – International Studies Quarterly, 2008 – academic.oup.comTwenty years ago not a single country had a policy against money laundering; currently, over 170 have very similar anti-money laundering (AML) policies in place. Why have so many countries with so little in common adopted the same policy so rapidly? This extensive …
 Global financial crime: terrorism, money laundering and offshore centresD Masciandaro – 2017 – scope for financial crime has widened with the expansion and increased integration of financial markets. Money laundering, terrorism financing and tax crime have all changed in both nature and dimension. As new technologies reduce the importance of physical …
AI fights money launderingJ Kingdon – IEEE Intelligent Systems, 2004 – bank had approached Searchspace, formed by re- searchers from the Intelligent Systems Lab at University College London in 1993. It applies adaptive and learning- systems approaches to a range of business and finance tasks. However, until then, we had principally developed …
 Transnational criminal organizations, cybercrime, and money laundering: a handbook for law enforcement officers, auditors, and financial investigatorsJR Richards – 1998 – BY A LAW ENFORCEMENT PROFESSIONAL FOR OTHER LAW ENFORCEMENT PERSONNEL IN THE TRENCHES This book examines the workings of organized criminals and criminal groups that transcend national boundaries. Discussions …
Trade-based money laundering and terrorist financingJS Zdanowicz – Review of law & economics, 2009 – degruyter.comMoney laundering can be defined, generally, as the process of concealing the existence, illegal source, or application of income derived from a criminal activity, and the subsequent disguising of the source of that income to make it appear legitimate. Deception is the heart of …
The tenuous relationship between the fight against money laundering and the disruption of criminal financeMF Cuéllar – J. Crim. L. & Criminology, 2002 – HeinOnlineThis article examines the fight against money laundering as a case study of the separation between an enforcement system’s objectives and performance. To launder money is to hide its illegal origin. The fight against money laundering is supposed to disrupt laundering in its …
 Detecting money laundering and terrorist financing via data miningJS Zdanowicz – Communications of the ACM, 2004 – dl.acm.orgThe use of international trade to move money, undetected, from one country to another is one of the oldest techniques used to circumvent government scrutiny. Either overvaluing imports or undervaluing exports can achieve this transfer. If an imported prod- uct is overvalued, the foreign …
Money laundering regulation: the micro economicsD Masciandaro – Journal of Money Laundering Control, 1998 – emerald.comThe analysis of the interactions between the criminal economy and the financial markets has not yet been systematically studied by the economists. This study belongs to a current research interested in this area, ie the economic analysis of money laundering. The work is …
Money laundering: The crime of the’90sGR Strafer – Am. Crim. L. Rev., 1989 – HeinOnlineIn the Money Laundering Control Act of 1986,’codified at sections 1956 and 1957 of Title 18 of the United States Code, Congress for the first time attempted to define and prohibit a category of activity known colloquially as” money laundering.” During an election year frenzy …
Applying data mining in investigating money laundering crimesZ Zhang, JJ Salerno, PS Yu – Proceedings of the ninth ACM SIGKDD …, 2003 – dl.acm.orgIn this paper, we study the problem of applying data mining to facilitate the investigation of money laundering crimes (MLCs). We have identified a new paradigm of problems—that of automatic community generation based on uni-party data, the data in which there is no direct …
Turnover of organized crime and money laundering: some preliminary empirical findingsF Schneider – Public choice, 2010 – SpringerAfter a short literature review, the paper quantifies the turnover of organized crime with the help of a MIMIC estimation procedure for the years 1995 to 2006 for 20 highly developed OECD countries. The volume of turnover from organized crime was US-270billionintheyear1995forthese20OECDc …
Money laundering: an international challengeLA Barbot – Tul. J. Int’l & Comp. L., 1995 – HeinOnlineIn the words of South American drug barons,” dirty money is best passed through clean hands.” 1 Money laundering is often defined as” the process by which one conceals the existence, illegal source or illegal application of income, and then disguises that income to …
Money laundering and its regulationA Chong, F Lopez‐De‐Silanes – Economics & Politics, 2015 – Wiley Online LibraryThe recent wave of terrorist attacks has increased the attention to money laundering activities, and the role played by the regulatory frameworks controlling feeder activities. We investigate empirically the determinants of money laundering and its regulation in close to …
 Money laundering: a concise guide for all businessD Hopton – 2009 –, anti-money laundering regulations and legislation have become one of the weapons of choice of governments that are fighting global terrorism and criminality. In this updated edition of Money Laundering, Doug Hopton explains how The Money Laundering  …
Virtual money laundering: the case of Bitcoin and the Linden dollarR Stokes – Information & Communications Technology Law, 2012 – Taylor & FrancisThis paper presents an analysis of the money laundering risks of two virtual currencies, the Linden dollar, the in-world currency of the interactive online environment Second Life, and Bitcoin, an experimental virtual currency that allows for the transfer of value through peer-to …
 Anti-Money Laundering: international law and practiceWH Muller, CH Kalin, JG Goldsworth – 2007 – Laundering is the definitive reference on money laundering and practice. First an outline will be given of the general approach taken by supra-national organisations like the United Nations and the European Council. Next the approach taken by international …
 Crime, illicit markets, and money launderingP Williams – Managing global issues: Lessons learned, 2001 – carnegieendowment.orgPhil Williams organized crime is perhaps best understood as the continuation of commerce by illegal means, with transnational criminal organizations as the illicit counterparts of multinational corporations. During the 1990s, transnational organized crime—and the …
 Criminal finance: The political economy of money laundering in a comparative legal contextK Hinterseer – 2002 – it or not, money launderers are major players in the world’s economy. Their strategies constrain national economic policies and undermine financial institutions. With the advent of secure transfer technologies, and with the help of modern financial theories of derivatives …
A comparative guide to anti-money launderingM Pieth, G Aiolfi – 2004 – academia.eduMoney laundering is the process by which criminals attempt to conceal the source and ownership of the proceeds of their illicit activities; if successful, the criminal maintains control and access to these funds when and where he chooses. The efforts to combat this …
 Money launderingFAT Force – Policy Brief July 1999, 1999 – bahamasb2b.comThe goal of a large number of criminal acts is to generate a profit for the individual or group that carries out the act. Money laundering is the processing of these criminal proceeds to disguise their illegal origin. This process is of critical importance, as it enables the criminal to …
Money Laundering: The Scope of the Problem and Attempts to Combat ItS Sultzer – Tenn. L. Rev., 1995 – HeinOnlineMoney laundering is the process of taking the proceeds of criminalactivity and making it appear legal. Money laundering has been called the” lifeblood” of crime because, without cleansing the profits of crime, the criminal enterprise cannot flourish. While drug money  …
Money laundering law: Forfeiture, confiscation, civil recovery, criminal laundering and taxation of the proceeds of crimeP Alldridge – 2003 – Bloomsbury Publishing
Money laundering and financial means of organized crime: some preliminary empirical findingsF Schneider – Paolo Baffi Centre Research Paper, 2008 – papers.ssrn.comAfter giving a short literature review, the paper tries a quantification of the volume of money laundering activities, with the help of a DYMIMIC estimation procedure for the years 1995 to 2006 for 20 highly developed OECD countries. The volume of laundered money was 273 …
Money‐Laundering: Estimates in FogPC Van Duyne – Journal of Financial Crime, 1994 – emerald.comThe paper examines certain problems in determining the extent of money‐laundering. The author first discusses the methodological problems inherent in assessing its volume. He then discusses two methods to estimate the extent of money‐laundering. One method is …

Conservative Firms less likely to be involved in Money Laundering

A recent study has found that firms that adopt a culture of conservative accounting are less likely to be involved in money laundering scandals.

The authors used three measurements of the concept of conservative accounting, and in all three the results were the same.

The degree of conservativism is significantly and negatively associated to the firm’s risk to money laundering

Bolgorian, M., & Mayeli, A. (2020). Accounting conservatism and money laundering risk. Accounting Research Journal, 33(2), 343-361.

The study reviewed 924 firms across a five year time-span and accounted for metrics like firm size and sector in the findings. The results open up questions that the financial compliance industry may find useful to consider.

  1. The lack of regulatory framework in offshore jurisdictions may encourage firms to be less prudent with standards.
  2. The lack of requirement to submit accounts in offshore jurisdictions may cause less routine rigour in day to day activities.
  3. Offshore regions may be more susceptible to money laundering and terrorist financing simply due to these points, as well as the more liberal use of business registrations without full due diligence.

Accounting conservatism has been shown to reduce risk in the value of a business crashing via the stock price and to favour longevity as opposed to ‘quick win’ capitalistic strategy.

It follows that the concept ‘dampens’ the temptation to over state accounts within a firm and inculcates throughout the firm a more robust approach to audit.

The questions raised by the paper relate a different reasoning to offshore money laundering from the firm side of the transaction. That is to suggest that criminals come to offshore for the perceived secrecy and confidentiality cloak, whereas the firms (Law, Accounting, Corporate Support, Accounting, Audit) operate more loosely because necessary regulatory rigour is absent. This effectively inculcates a less than conservative approach to business.

We suggest because of these two aligned concepts, regulators are more likely to find money laundering, tax evasion, bribery, fraud and other white collar crime in offshore regions because the criminals want to exploit the opportunity and the firms are less likely to turn them away. if they adopt a more relaxed approach to prudence.

Firms are advised to be cognisant of this research established metric and understand the culture in their firm to reduce the risk of wittingly or unwittingly facilitating criminality.

Contact us to review your firm’s cultural conservatism.

Financial Crime Solutions

Financial Crime Solutions

What Financial Crime Solutions are Available?

The world of finance moves so fast with speed of light transactions how on earth can anyone counter financial crime? You’ve found the right place as we point to some detail to help you to fight financial crime and find the solution that meets your needs.

Preventing Financial Crime

We have written extensive mitigation controls to help our clients reduce the opportunity for financial crime occurring in their business. Talk to us to help you.

Improving Monitoring to Reduce Financial Crime

It’s not all about banking and transaction monitoring. The focus always goes to that. And yet the criminal knows it. Sophisticated criminals will get around transaction monitoring easily. You need to be smarter. Talk to us about how we can help you solve your issues.

Maybe the Solution is Internal?

Just take a look at the darkweb and you will see there is a volume of financial professionals working to clean dirty money and assets and selling their services to the highest bidder. We can route them out of your business. Forever.

Talk to us today to make your life less stressful – we have the financial crime solution for you.

AML-Resources U to Z

AML Resources U to Z

A to EF to JK to OP to TU to Z

Bring yourself up to date with this useful list of AML resources and help documents. We design training packages for your staff, the below is just a small section of our knowledge base. It is important to consider your requirement for bespoke training aligned to your risk.

See our training page to book some training


  • United Nations Convention Against Corruption
  • United Nations Convention Against Illicit Traffic in Narcotic Drugs and Psychotropic Substances
  • United Nations Convention for the Suppression of the Financing of Terrorism
  • United Nations Convention Against Transnational Organised Crime and the Protocols.



  • SEC Rules on Whistle-blowing
  • Wolfsberg Private Banking Principles. – The Principles were initially formulated in 2000 (and revised in 2002) to take into account certain perceived risks associated with private banking. Such risks continue to warrant appropriate levels of attention, no less today than ten years ago. Regulators continue to expect strong anti-money laundering standards, robust controls, enhanced client due diligence and suitable AML policies and procedures. The Wolfsberg Principles detail the groups considerations. –
  • Wolfsberg Guidance on Sanction Screening




A to EF to JK to OP to TU to Z

AML-Resources K to O

AML Resources K to O

A to EF to JK to OP to TU to Z

Bring yourself up to date with this useful list of AML resources and help documents. We design training packages for your staff, the below is just a small section of our knowledge base. It is important to consider your requirement for bespoke training aligned to your risk.

See our training page to book some training





  • New Zealand – Audit of AML/CTF programs and risk assessments


  • OECD – Standard for Automatic Exchange of Financial Account Information in Tax Matters
  • Organised Crime – United Nations Convention Against Transnational Organised Crime and the Protocols.-

A to EF to JK to OP to TU to Z

AML-Resources F to J

AML Resources F to J

A to EF to JK to OP to TU to Z

Bring yourself up to date with this useful list of AML resources and help documents. We design training packages for your staff, the below is just a small section of our knowledge base. It is important to consider your requirement for bespoke training aligned to your risk.

See our training page to book some training






A to EF to JK to OP to TU to Z

AML-Resources P to T

AML Resources P to T

A to EF to JK to OP to TU to Z

Bring yourself up to date with this useful list of AML resources and help documents. We design training packages for your staff, the below is just a small section of our knowledge base. It is important to consider your requirement for bespoke training aligned to your risk.

See our training page to book some training


  • PEPs. FATF guidance on PEPs –
  • POLICY – An Anti-Money Laundering and Terrorist Financing Policy is the document that guides all AML activity and helps your organization guide staff. It is a critical document that should detail a lead from the top of the organization. Below we provide three institutional policies for you to peruse contrast and compare (the first is a Real Estate policy, the second/third are banking policies) . We make no comment on the quality. We provide this service for you to reassure you, your policy will meet the required regulatory rigour.
  • AML/CTF Policies and Procedures template – Seek our advice before using this. –



  • Real Estate Policy Template. NB: Seek advice this is a guide only.
  • Risk Assesment and AML/CTF program audits – New Zealand
  • Risk Assessment – BSA/AML Example – for a bank. We do not warrant the quality of this document. –


  • Securities Exchange Commission Rules on Whistle-blowing
  • Guidance on Sanction Screening from Wolfsberg –


  • Standard for Automatic Exchange of Financial Account Information in Tax Matters OECD
  • Template for AML program for a small firm – US centric NB- We do not warrant the quality of this document. You must seek our advice.
  • Template for AML/CTF Policies and Procedures – Seek our advice before using this. –
  • Template for Real Estate AML/CTF Policy. NB: Seek our advice this is a guide only.
  • Terrorism. United Nations Convention for the Suppression of the Financing of Terrorism –
  • Transparency International Exporting Corruption Report
  • Company Trusts. FATF guidance on Company formation agents and Trusts – A risk based approach to their work and the risk they face in the climate to remove hidden Beneficial Ownership. For a summary and the full report go here, or download the full report.

A to EF to JK to OP to TU to Z

My Wife Thinks White Collar Crime is Acceptable, Do You? – A debate.

Greed is good

I was a police officer and detective rising to DI (captain in the US) for 26 years.

I’m a fairly hard nosed detective that doesn’t give much quarter to a criminal. I’ve dealt with quite possibly all types of major crime in one guise or another.

My wife is an altogether different animal. She is also a detective. She works in Child Protection dealing with the most depraved abuse one can imagine. She is even more hard nosed than me. Definitely no quarter!

We had a discussion this morning about white collar crime and my wife’s reaction was to shrug her shoulders and say “Oh well, it doesn’t really matter does it”.

I nearly fell off my chair.

I compared with her an executive criminal to a burglar. Now don’t get me wrong, I don’t like burglars. But it seems to me, from my experience, society condemns them without a side-ways glance. It is completely unacceptable behaviour to break into someone’s home and steal from them. I would say the average burglar is maybe stealing around $2,000 to $10,000 worth of goods from a home. Of course they violate the home so that’s the really bad bit – not the property value.

Yet they’ll sell those goods for no more than a couple of hundred dollars/pounds.

They steal to live. Burglars are in the main from the bottom of the societal feeding pool. Usually un-employed, mostly with a habit to feed and definitely with no food in the cupboards at home. Those with a family still need to feed them. Yet my wife would say, it’s a personal choice to take drugs. Everyone knows the risks when they first do it and everyone knows how it’s going to turn out. And in that statement she writes off the entire population of burglars.

Now let’s turn to white collar criminals – and yes I do call them criminals.

One of the things that repeatedly concerned me in the police was the chasing of ‘easy prey’. The down-trodden. The ill-educated. The poor. I don’t have the statistics but I do have experience, and that experience tells me the average prisoner filtering through a police detention centre is below average intelligence, below average economically and below average health. I’m not here to sort out society.

But I am here to espouse equity.

Those that commit crime above the bottom tier are less likely to get caught. Not because they’re better at it but because the police don’t put resource into it. The police have access to a huge range of resource both technical and human. 90% of it is chasing burglars and their associate criminals. The rest is doing back office function. I say this having come through different periods of policing ‘style’. ‘Performance driven’ – that really does chase the down-trodden and the clear up rate becomes nirvana. ‘Austerity’, where no one was chased and virtually all specialist crime resource was reduced to skeleton provision – no-one chasing the white collar criminal then.

We have a post on this website about crime prevention. A large part of the theory and practice covered in it relates to the risk matrix facing any criminal. How raising the risk to them when committing a crime makes them think really carefully before committing it. For a burglar, he isn’t so easy displaced because they are stealing to live and have little to lose. But an executive? They have the lovely house in the Hamptons and little Rebecca’s bought education to fund – so they do have a lot to lose.

The theory goes that raising the risk will put them off committing the crime.

The average white collar criminal, even when caught, generally isn’t prosecuted. There’s usually a deal done somewhere down the line. The recent tax evasion scandal with Bank Hapoalim is a case in point. This case saw the bank hide nearly $8 billion from the US treasury in offshore accounts. They deliberately hid the accounts in false names and other tactics to help US wealthy citizens evade their tax.

The executive team at the bank knew this was endemic and yet authorised/approved of its use. The investigation has taken several years and I am not privy to what deals were done but it appears the entire executive team were let go and a new team put in place. Once that transition was made the bank started to co-operate with the US authorities and the rest is history.

Yet not a single executive is facing any charge for conspiracy to defraud the US. Even if a prosecution isn’t criminal, why no civil pursuit?

If we compare these individuals to the burglar.

  • They are wealthy
  • They have taken performance related bonuses
  • They are acting in full knowledge.
  • They have no need to steal to survive.

Yet they face no punishment?

At a time when the human race is facing the most significant threat in living memory, we need every tax dollar we can get our hands on. We need to properly resource hospitals and their staff. We need to provide full protective equipment to all front-line workers.

All of this money comes from people paying their taxes. It isn’t a choice. It’s a duty.

Yet society seems to accept white collar crime with a shrug of its shoulders and a ‘well why wouldn’t they’, passing comment.

I’m kind of hopeful that something good is going to come from COVID 19. Something that changes the way we live for the better. Not chasing the next car, or the bigger house, not polluting our air but recognising when we have all we need and society can function the way, morally at least, it should. But I fear that is looking at the world through rose tinted glasses. I fear we will simply return, when the lock-down is gone, to exactly the same process of greed is good. Because executive white collar crime is exactly that.


Sanctions Screening Guidance

Sanctions Screening Guidance – Introduction

Sanctions screening is a control employed within Financial Institutions (FIs) to detect, prevent and manage sanctions risk. Screening should be undertaken as part of an effective Financial Crime Compliance (FCC) programme, to assist with the identification of sanctioned individuals and organisations, as well as the illegal activity to which FIs may be exposed. It helps identify areas of potential sanctions concern and assists in making appropriately compliant risk decisions.

In light of the continuous expansion and growing complexity of international sanctions regulations, this post will provide guidance to FIs as they assess the effectiveness of their sanctions screening controls, whether automated, manual or both. The post assumes that the reader has a basic understanding and familiarity with sanctions controls terminology, much of which is also covered in the Glossary at the end.

Transaction Screening and Customer Screening

Most FIs will deploy two main screening controls to achieve their objectives: transaction screening and customer screening. Transaction screening is used to identify transactions involving targeted individuals or entities. Customer or Name screening is designed to identify targeted individuals or entities during on-boarding or the lifecycle of the customer relationship with the FI. Together, transaction and customer screening are designed to form a robust set of controls for identifying sanctions targets. It should be recognised that there are a number of limitations in the way in which these controls are managed and should always be employed as part of a wider FCC programme.

As with the management of all financial crime risks, an FI should first identify and assess the sanctions risks to which it is exposed and implement a sanctions screening programme commensurate with its nature, size and complexity. In doing so, consideration needs to be given to:

  • The jurisdictions where the FI is located, and its proximity – geographically, culturally and historically – to sanctioned countries;
  • What customers the FI has – international or domestic, where those customers are located and what business they undertake;
  • The volume of transactions and distribution channels;
  • What products and services the FI offers and whether those products represent a heightened sanctions risk, for example, cross-border transactions, foreign correspondent accounts, trade related products or payable-through accounts;

This post sets out the use of sanctions screening as a control, the fundamentals of which are derived from legal and regulatory requirements and expectations, as well as global industry best practice. It is not intended to suggest all FIs should apply all elements in this post to the same level, rather, it attempts to demonstrate where sanctions screening can be an effective part of a wider sanctions compliance programme, where it has limitations as a control, and where a risk based approach is required, notwithstanding the strict liability nature of sanctions compliance.

Consideration has been given to topics such as what is meant by sanctions screening, looking at both reference data and transaction screening, the timing of screening, technology and the use of automated systems, the criteria for alert investigation, as well as testing and quality assurance.

What is Sanctions Screening?

Data accuracy and relevance
Data accuracy and relevance

Sanctions screening is a control used in the detection, prevention and disruption of financial crime and, in particular, sanctions risk. It is the comparison of one string of text against another to detect similarities which would suggest a possible match.

It compares data sourced from an FI’s operations, such as customer and transactional records, against lists of names and other indicators of sanctioned parties or locations.
These lists are typically derived from regulatory sources and often supplied, updated and maintained through external vendors specialising in the amalgamation, enhancement, formatting and delivery of these lists.

FIs may also augment these with lists of sanctions relevant terms, names or phrases, identified through their own operations, research or intelligence.
The generation of an alert as a result of the process of screening is not, by itself, an indication of sanctions risk. It is the first step towards detecting a risk of sanctions exposure, which can be confirmed or discounted with additional information to evaluate whether the similarities in the text reveal a true sanctions match.

While this concept sounds simple, it can be complex when it comes to determining what actually constitutes a “true match” across a range of variables such as alphabets, languages, cultures, spelling, abbreviations, acronyms and aliases. When screening is automated, additional complexities are introduced such as “fuzzy matching” algorithms, workflows and match rules.

A Programmatic Approach to Sanctions Screening

Software specialist
Software specialist

While this post focuses on screening as a control to manage sanctions compliance risk, screening as a control is not sanctions specific and should be deployed as part of an integrated risk based FCC programme.

Sanctions Screening Programme

Fundamental pillars of an FCC programme, including key enabling functions, should be applied to screening, not in isolation, but in conjunction with other financial crime risk prevention and control processes:

  • Policies and Procedures – defining requirements for what must be screened, in what context and at which frequency, and how alerts should be adjudicated, paying particular attention on how to resolve alerts where information is unavailable, incomplete or potentially unreliable.
  • Responsible Person – ensuring appropriate skills and experience in understanding the nuances of often arcane sanctions requirements and how these might influence screening outcomes and decisions, as well as the technical capabilities of screening software.
  • Risk Assessment – applying risk based decisions to resolve specific questions of what data attributes to screen, when to screen, what lists to use and how exact or “fuzzy” to set the screening filter. The decision making and governance structure needs to be clearly articulated, documented and supported by analysis and testing. This is addressed in more detail below.
  • Internal Controls – implementing screening control processes requires an understanding of the various methodologies and technologies available and their operational consequences. There is no clearly defined approach to technology or configuration that is better or worse, and each will have its own strengths and limitations. Understanding those strengths and limitations is critical. FIs are expected to document how their screening systems are configured in order to demonstrate that the configuration is reasonably expected to detect and manage the specific sanctions risks to which the FI is exposed and, importantly, to ensure transparency of any system limitations or risk based decisions which the screening controls are not designed to detect.
  • Testing – conducted to validate that the screening system is performing as expected and to assess its effectiveness in managing the specific risks articulated in the FI’s Risk Assessment. Regular testing of the system should be supported by metrics, analysis and reporting.

Applying a Risk Based Approach

Data accuracy and relevance
Data accuracy and relevance

Sanctions screening can never detect every possible sanctions risk due to the wide range of variables in which a string of text could be altered and still convey the same meaning. Sanctions screening is dependent on a range of factors, including the type, availability, completeness and quality of data, as well as the inherent sanctions risks to which an FI, its products, customers and services are exposed.

Consequently, the effectiveness of screening as a control will vary between FIs, even where FIs are using the same third-party screening solution, and screening is not necessarily appropriate for all products and services. Screening, therefore, requires a programmatic approach through which each FI must assess its own risks in order to define the manner, extent and circumstances in which screening is employed. This process of evaluating the risk to the design, configuration and maintenance of a screening programme is built around the following core principles:

  • Articulate the specific sanctions risk the FI is trying to prevent or detect within its products, services and operations. For example, a global FI may determine that its policy is to prohibit any dealing with any party sanctioned by the U.S., the U.N., the E.U., its home country and any number of its core jurisdictions of operations. A smaller FI operating only in one country, however, may determine that its policy is limited to complying with the sanctions laws of the sole jurisdiction in which it operates.
  • Identify and evaluate the inherent potential exposure to sanctions risk presented by the FI’s products, services and customer relationships. For example, screening may be more meaningful to mitigate sanctions risk in the context of cross-border payments between a potentially wide range of parties, as opposed to payments between parties within the same jurisdiction, where all account holders are required by law to be compliant with that jurisdiction’s sanctions and KYC requirements. In the latter, the KYC, on-boarding processes and regulatory requirements are known and consistent, lessening the incremental value of transaction screening as a control.
  • A well-documented understanding of the risks and how they are managed through the set-up and calibration of the screening tool. For example, with list based sanctions programmes, the red flag is the presence of the sanctioned party’s name, which is readily available to detection through screening of customers and transactions. By contrast, for certain Sectoral Sanctions programmes, only a defined subset of activities is prohibited, and screening payments for targeted parties will not detect the sectoral sanctions risk without further additional information about the specific underlying activity and, therefore, may not be appropriate or effective.
  • Assess where, within the FI, the information is available in a format conducive to screening. For example, transactions solely containing International Securities Identification Number (ISINs). In some cases, an FI may identify that the information within its operations is insufficient to assess a screening alert and distinguish a true match from a false match. In these cases, the FI may need to consider alternative controls or adopt new business processes. In other cases, the FI may decide not to screen a category of information because this specific information, while in a format conducive to screening, is not sufficiently actionable to manage sanctions risk. In these situations, the FI should implement alternative controls to identify and manage the sanctions risk.

Screening Technology and Generating Productive Alerts

What is often thought of as a simple name-matching process can be a complex set of processes in which data is transferred from several, often disparate, technology systems and sanctions lists for comparison, using matching algorithms and risk based alert creation rules intended to ensure compliance with multiple regulatory regimes.

For larger or more complex FIs, there is an expectation that the screening programme will require the use of a technology application that includes certain core functionalities to ensure appropriate alert creation by, and governance over, the screening process. Such functionalities include the capability to implement risk based screening rules, generate good quality alerts for review, provide relevant metrics and reporting, ensure data integrity and facilitate independent testing and validation. A robust operating model employs expertise from IT, Operations and FCC working together to ensure appropriate alert generation and adjudication.

For further information on Sectoral Sanctions see OFAC FAQs,

Principles for Generating Productive Alerts

Identifying and implementing risk based screening decisions, in order to maximise alert quality and minimise the number of low quality or irrelevant alerts, should be undertaken prior to the deployment of a new screening system and thereafter on an on-going basis. Risk based decisions may include:

  • Lists – an FI may establish criteria and technology processes to ensure that lists are only screened against a subset of data relevant to a specific jurisdiction (see List Management – below)
  • Exclusions – the addition of a party that poses low sanctions risk to a list of parties omitted from screening; or the use of conditional screening rules using list data or source data attributes
  • Suppression – use of suppression rules or “Good Guys” lists to manage common false positive alerts requiring unnecessary manual review
  • Data – removal of reference data from screening once the data is no longer risk relevant
  • A governance framework should contain the documented rationale for risk based decisions, such as those made in support of the creation of screening rules and threshold settings, as well as the risk acceptance or remediation efforts in relation to material deficiencies or changes.

Alert Generation and Review

The core aspect of any screening application is alert generation. The screening application must clearly present an alert for review by trained sanctions personnel. While the application’s workflow may vary according to many factors, including reviewer expertise or an FI’s risk tolerances (for example, whether the review process involves a maker-checker/four-eye requirement), the application must present all relevant data from the FI and the sanctions lists for decision making and allow reviewers to make a decision based on the validity of that data and, thereafter, record relevant rationale.

Metrics and Reporting

Centralised data repository

Personnel with responsibility for governance and oversight of the screening application and processes should receive risk-relevant metric reporting that enables the identification of sanctions and operational risk, as well as any data integrity issues. Such metrics may include, for example, the number of alerts generated by list, by jurisdiction, by business, or the identification of unintended data and list omissions.
This reporting and documentation should be used to disseminate relevant information to stakeholders.

Independent Testing /Validation

FIs should deploy an independent risk based testing regime to ensure that the screening application generates expected alerts, threshold settings and/or screening rules to forego or suppress undesirable alerts in accordance with the FI’s risk appetite. Similarly, the accuracy and completeness of the data used in the screening process should be reviewed to ensure the integrity of data uploaded.
Independent testing may be carried out by qualified teams with appropriate technology expertise in internal audit, an independent group within the FI’s compliance division, a third-party vendor engaged for this purpose or a combination of these. The screening application may also be submitted for consideration as a model and, if so considered, any associated governance framework.
The results of testing should be reviewed at a minimum by the team within the FI with primary responsibility for sanctions compliance, which should determine whether risk acceptance or remediation is appropriate with respect to any relevant findings.

Data Integrity

The aggregation of data from multiple sources for sanctions screening creates the possibility that data integrity issues may arise. An FI should consider establishing processes to ensure source and list data used in the screening process is both accurate and complete.

Internal Technology Build or Vendor Selection

Successful implementation of a sanctions screening application requires an FI either to build the screening application internally or to source it from a vendor. As each FI’s size, geographic presence, business and technology environment are unique, this determination must be derived from an analysis of identified sanctions risks and functional requirements.
Elements to be considered from a risk standpoint include:

  • The sophistication and configurability of the matching software
  • Availability of screening rules to optimise alert creation/suppression
  • Support for the screening or transformation of data in non-Latin characters
  • Ad hoc, one-off or manual screening functionality
  • Workflow configurability
  • Availability of metrics reporting

From a functional standpoint, consideration should be given to the volume of data to be screened; support for multiple local or a single centralised installation; the existence of, or support for, data integrity processes, and the ability of the application to integrate effectively within an FI’s technology infrastructure.

Once risk and functional requirements have been identified, an FI should achieve a balance between the standard vendor functionality and configurability of a purchased solution against the cost to build and maintain a more bespoke application internally. It is critical to understand whether sufficient compliance and technology expertise and resources exist within the FI or chosen vendor (and will continue to exist) to sustain the design, build and/or implementation processes, while remaining well-informed on emerging sanctions risks that arise as a result of evolving regulatory frameworks or business expansion and strategy.

Reference Data/Customer or Name Screening
– What is Reference Data Screening?

Reference data screening is the process of screening the information an FI collects and maintains on the parties it does business with, or specific types of products and services it offers. While it is often referred to as “name” or “customer” screening, the concept of reference data screening encompasses any data set within the FI’s operations, separate from its transactional records, that may present a relevant sanctions risk indicator and be conducive to detection through screening on a periodic basis.
The most common types of reference data relevant for sanctions screening include:

  • Customers, including all parties, whose identity is collected by an FI to meet its Know Your Customer (KYC) and Customer Due Diligence (CDD) standards, such as beneficial owners and related or connected parties
  • Employee data
  • Third-party service providers, for example, vendors, landlords of FI-occupied premises, tenants of FI-owned premises
  • International Securities Identification Numbers (“ISIN”) or other sanctions-relevant identifying features of assets held in custody by the FI
  • Recipients of the FI’s corporate donations or sponsorship

Determining Sanctions Relevant Attributes in Reference Data

Not all the data elements within an FI’s records are relevant for sanctions screening. When determining what reference data should be screened, an FI should identify and differentiate the data within its operations and records that are relevant to sanctions risks, how they are relevant, and ensure they are conducive to effective screening. For example, the names of individuals and entities with whom the FI has a relationship are relevant for screening against name based sanctions lists; however, they are not relevant for geographically based sanctions programmes.

While the data elements contained in the addresses for these parties (most commonly, cities and countries) are relevant for screening against geographic sanctions programmes, these same address attributes are also relevant as identifiers in name based, list based programmes to differentiate a true name match from a false name match.

An FI should also define other data elements that may be relevant for sanctions screening in some situations and not others. Date of birth, for example, is relevant as a distinguishing factor to assess a true match from a false match on an individual and might be used for screening in combination with another attribute, such as name. In each case, FIs should weigh up the relative incremental value of screening the data element against the reliability of the data, and whether an alert against the data will meaningfully assist in detecting or preventing a sanctions risk that would not be reasonably detected through other controls, or by screening different data attributes.

Manner, Timing and Frequency of Sanctions Screening

An FI’s reference data is typically maintained in electronic files. It is most effective when screened through an automated process and repeated at defined intervals. The use of manual screening can be considered when the risk is sufficiently low, and where the reference data cannot be sourced reliably, either electronically or in a format necessary for automated screening. For example, if an FI has identified only a small population of names requiring screening, it may choose to forego investing in an automated screening system and instead manually input these names into an online screening filter.

An FI’s policies and procedures should clearly define when reference data screening takes place. As a general principle, screening should be done when establishing a new relationship, to ensure the relationship is permissible, and then at regular intervals, either upon a trigger event or as customer and/or list information changes, to validate that the relationships remain permissible. Where either internal or external data sets change frequently, periodic screening may be as often as daily, but longer intervals between periodic rescreening may be acceptable in situations where change is less frequent or the risk of a potential sanctions exposure is low.

Transactions/Message Screening

Transaction screening refers to the process of screening a movement of value within the FI’s records, including funds, goods or assets, between parties or accounts.

Transaction Screening, including Payments and Trade

Transaction monitoring
Bank Transaction monitoring

In order to determine the scope of transaction screening relevant for sanctions risk management, an FI should focus on those transactional records necessary to the movement of value between parties and at a point in the transaction where detection of a sanctions risk is actionable to prevent a violation. Consideration should be given to higher sanctions risks factors, such as:

  • Cross-border transactions
  • The currency used as part of the transaction
  • The routing of the transaction

Screening cross-border payments prior to completing the transaction is common practice and known as screening in real-time. By contrast, screening domestic payments in real-time may be unnecessary for FIs that are subject to the same local regulatory requirements, including the jurisdictions’ local sanctions and KYC requirements when on-boarding clients. For these FIs, imposing screening at the time of each transaction is likely to be duplicative and less likely to identify any new or additional risk indicators.

However, an FI that is also subject to a different jurisdiction and regulatory mandate would likely want to assess its applicable requirements and decide to screen its transactions to address that specific risk. An FI also may decide to screen a defined set of transactions, where it assesses the sanctions risks within the local economy or financial system to be outside of its own risk tolerance.

Data Elements within Transactions

An FI should initially assess which transaction types are relevant for sanctions screening. In the same way as reference data, it should then identify which attributes within those records are relevant for sanctions screening and the context in which they become relevant. Names of parties involved in the transaction are relevant for list based sanctions programmes, whereas addresses are more relevant to screening against geographical sanctions programmes and can be used as identifying information to help distinguish a true match from a false match. Other data elements, such as bank identification codes, may be relevant for both list and geographically based sanctions programmes.

In a sanctions context, some data elements are more relevant when found in combination with other attributes or references. For example, detection of sectoral sanctions risk typically requires detection of multiple factors, such as those where both the targeted parties and the prohibited activities are involved. Many controls may not be capable of detecting both factors simultaneously and, therefore, may not be effective.

In addition, certain data elements offer little or no risk mitigation through screening, for example, amounts, dates and transaction reference numbers have no relevance from a screening perspective.
Some of the most common transactional attributes screened include:

  • The parties involved in a transaction, including the remitter and beneficiary
  • Agents, intermediaries and FIs
  • Vessels, including International Maritime Organisation (IMO) numbers, normally in Trade Finance related transactions
  • Bank Names, Bank Identifier Code (BIC) and other routing codes
  • Free text fields, such as payment reference information or the stated purpose of the payment in Field 70 of a SWIFT message
  • International Securities Identification Number (ISINs) or other risk relevant product identifiers, including those that relate to Sectoral Sanctions Identifications within securities related transactions
  • Trade finance documentation, including the:
    • Importer and exporter, manufacturer, drawee, drawer, notify party, signatories
    • Shipping companies, freight forwarders
    • Facilitators, such as insurance companies, agents and brokers
    • FIs, including Issuing / Advising / Confirming / Negotiating / Claiming / Collecting / Reimbursing / Guarantor Banks
  • Geography, including a multitude of addresses, countries, cities, towns, regions, ports, airports, such as:
    • Within SWIFT Fields 50 and 59
    • Place of taking in Charge / Place of Receipt / Place of Dispatch / Place of Delivery / Place of Final Destination
    • Country of origin of the goods /services / country of destination / country of transhipment
    • Airport of Departure / Destination

Manner, Timing and Frequency

Transaction screening should be performed at a point in time where a transaction can be stopped and before a potential violation occurs. This typically occurs at a number of points in the lifecycle of a transaction, but certainly prior to executing any commitment to move funds. Particular attention should be directed to any points within the transactional process where relevant information could be changed, modified or removed in order to undermine screening controls.

Transactional records are typically found in large volumes and within business processes predicated on speed of execution. These transaction types are generally in electronic form and conducive to systemic, automated screening. Some transaction types, however, still rely on documentation in various formats and varying methods of presentation. These may require manual screening processes, where relevant information is physically added into a system for screening.

Trade finance documents often require this type of manual screening, although, more advanced information capture techniques are increasingly available, including Optical Character Recognition (OCR), where documents are scanned and then automatically transposed into a system prior to screening. OCR requires quality assurance validation to ensure the information has been captured fully and accurately.

Certain paper based transactions, such as paper cheque clearing, where the volumes can be high and the manual screening process creates high rates of errors, may rely on controls other than screening, such as KYC processes, where the sanctions risks for the product are assessed as being low.

List Management

Sanction list
Sanction list

Screening is dependent on data sets and lists of sanctions indicators, against which an FI looks for potential matches within its reference and transactional data. These lists must be accurate, reliable, up-to-date, refreshed frequently and relevant to the risks the FI is attempting to manage. These lists are generated both by external authorities and created internally based on the FI’s own information and knowledge about its exposure to sanctions risks.

List management refers to the end-to-end process of determining and managing regulatory and internal lists used for screening. Rigorous list management promotes screening which is consistent with the FI’s risk appetite, including the identification of potential sanctioned targets.

The following considerations are relevant to effective list management, and each should be well-documented and reviewed on a regular basis, to ensure the FI’s chosen approach remains in line with its risk appetite:

  • List selection – determine which sanctions related lists are relevant for screening. This should include regulatory lists, for example, the OFAC and E.U. lists, as well as other lists designed to comply with regulatory requirements and to manage risk.
    • Such lists may include internal or private lists of individuals/entities/terms known to have a sanctions nexus, lists of geographic terms including cities, towns, regions and ports or banking terms (for example, BICs), lists of prohibited securities and prohibited goods, where applicable.
    • List selection may depend upon multiple variables, including the type of data being screened or whether transactions are domestic or cross-border. For example, screening against lists of prohibited goods is currently unlikely to be conducted outside the context of trade finance transactions, or trade finance transactions likely do not need to be screened against sanctioned securities.
    • FIs should consider the impact that the introduction of new lists and terms, which could generate significant alert volumes, or spikes, may have on operational risk.
  • Sourcing of lists – determine which lists are to be generated internally and which lists are best sourced from external vendors, and the processes for generating/ingesting such lists.
  • List maintenance – determine the processes for adding and removing lists or entries to internal lists, where screening is no longer required or where the result is within risk appetite. Determine appropriate controls to ensure lists remain up-to-date and that only appropriate individuals can add or remove lists or list entries.
  • Data enhancement – determine whether certain list entries should be modified or enhanced based on additional information.
  • Whitelisting – determine the management of rules for automatically eliminating potential hits caused by the interaction of certain list terms and frequently encountered data, for example, customer names which have already been confirmed as false positives.
  • Geographic scope of list application – determine which lists should be screened in all jurisdictions of an FI’s operations and which, if any, could be screened only locally, within a certain jurisdiction or jurisdictions.
  • “Exact matching” versus “fuzzy logic” – determine which lists should be deployed within the screening filter on an exact match basis, and which would use fuzzy matching.
  • Frequency of screening – determine the frequency or the triggers for static data screening. For example, additions to lists and changes in customer data.

Regulatory Sanctions Lists

FIs typically source regulatory lists either from a third-party provider or directly from regulators. The use of a third-party can offer the FI a broad enrichment of data in a standard format and avoids duplicate entries that appear on multiple lists.

FIs should consider the means to ensure the quality and timeliness of updates made to the lists they screen against, including the following factors:

  • Delays between regulatory sanctions list updates and vendor provided screening list updates
  • Enrichment of listed terms; for example, foreign language name variations or addition of BIC codes for listed FIs.

When new designations are published on regulatory lists, the key priority for a list management function is to ensure the names are implemented into screening as quickly and accurately as possible.

Internal Lists

Internal lists are often referred to as ‘Private lists’ or ‘Grey lists.’ These are lists of individuals and entities which may present a financial crime risk to the FI, and have been identified through an FI’s internal procedures or intelligence. These names are generated and maintained internally within an FI’s risk appetite and, ideally, applied in screening for a set time frame, dependent on the risk.

Long term effectiveness of internal lists often depends on the data quality of entries added. Toward that end, an FI should consider the minimum inclusion criteria for internal list entries to be operationally effective, including minimum data attributes and quality, to complement alert investigation procedures and improve risk identification. Regular reviews of entries are helpful to ensure intelligence does not become stale or outdated.

Identifying Information and Weak Aliases

Along with entries on a list, certain identifying information is often provided to assist in distinguishing a true match from a false positive. This information does not need to be screened. It is provided to assist with the assessment of an alert. This includes attributes such as date of birth, nationality (where legally permissible) and place of birth.

In addition to identifying information, some authorities provide additional ancillary information of varying utility that can be useful to help distinguish a true match from a false positive. This ancillary information may include “weak aliases,” or “low quality aliases,” and describes broad or generic names of sanctions targets that often will add little value in confirming a match. These weak aliases may include ‘nicknames’ and common acronyms. It is not expected, nor is it typically productive, to screen against weak aliases.

Weak aliases can be identified into one of the categories below:

  • Character length (shorter strings are assumed to be less effective in screening than longer strings)
  • The presence of numbers in an alias (digits 0-9)
  • The presence of common words that are generally considered to constitute a nickname (example: Ahmed the Tall)
  • References to geographic locations in the alias
  • The presence of very common prefixes in a name where the prefix was one of only two strings in a name (example: Mr. Smith)

Historical Reviews (Lookbacks)

While the consideration of a lookback is not exclusively a sanctions control, an FI may identify potential sanctions risk where a sanctions related data point may have been previously undetected by the screening system, for example, as a result of a name variation. In these instances, the FI should consider whether or not:

  • Changes to the sanctions screening system (for example, configuration or lists) are warranted, and
  • A historical review (“lookback”) should be performed.
  • In considering a lookback to identify transactions that have already been processed, an FI should give strong consideration as to whether such a review would be useful to the FI and/or public policy interests.

In making this determination, consideration should be given to:

  • A clear understanding of what is the root cause
  • Whether the matter is an isolated, one-time event or is it likely to occur again, in order to inform the necessary activity and the consequences if it is repeated
  • Does the risk warrant mitigation? If yes, what steps need to be taken to mitigate the risk? For example, configuration changes, list content, non-screening controls
  • Is there a public policy or law enforcement interest in the identification of historical transactions and subsequent disclosure of those transactions/parties involved?
  • Mitigating factors for potential enforcement actions and regulatory disclosure
  • Detecting possible conduct issues
  • Identifying customer behaviour or patterns that pose increased sanctions risk


In summary, sanctions screening is a key control in the prevention of financial crime risk which FIs may otherwise be exposed to. It is essential that it is implemented and maintained as part of a wider set of financial crime compliance controls and within the risk appetite of the FI.

While recognising the need to meet regulatory and legal obligations, and demanding the highest standards of effectiveness in identifying sanctioned parties and locations, FIs should seek to adopt a risk based approach to sanctions screening and to consider all aspects of a comprehensive sanctions screening control framework, as follows:

  • The FI must have a robust FCC programme with a clear strategy in respect of sanctions screening, to mitigate the risk of being exposed to sanctioned parties and countries.
  • The FI’s approach should recognise that while sanctions screening is a primary control, it has its limitations and should be deployed alongside a broader set of non-screening controls to be truly effective.
  • It is important for FIs to document their systematic approach to screening by linking it directly to their risk appetite statements.
  • The accuracy and completeness of the FI’s own data is central to an effective and efficient sanctions screening process.
  • Technology remains a key enabler in the effectiveness of identifying financial crime risk through screening, more efficiently and on a real-time basis.
  • Robust governance and oversight mechanisms must be put in place across the FIs to ensure transparency of risk decisions to key stakeholders and risk owners.
  • The FI should ensure that people involved in the end-to-end risk event management are suitably trained, supervised and that the appropriate levels of quality control and assurance are in place to ensure compliance with requirements.
  • Robust management information should be made available to management to report effectiveness, trends and performance.


Alert Spike is a substantial increase in the number of alerts generated. A spike could be caused by, for example, remediation exercises, changes or updates to policies, procedures or Watchlists.

Four-Eye Review means that a certain activity, for example, a decision/transaction must be approved by at least two people (Maker and Checker). This dual control mechanism is used to increase transparency and ensure quality of reviews and subsequent decisions.

Fuzzy Matching is a varied and algorithm based technique to match one name (a string of words), where the contents of the information being screened is not identical, but its spelling, pattern or sound is a close match to the contents contained on a list used for screening.

Customer or Name Screening is the screening of full legal name and any other name provided by the customer, such as known aliases, against applicable official sanctions lists. Operational Risk is the risk of potential reduction, deterioration or breakdown of services provided by an FI caused by deficiencies in information systems or internal processes, human errors, management failures or disruptions from external events.

Sectoral Sanctions – in July 2014, the U.S. Office of Foreign Assets Control (OFAC) and the European Union introduced new Ukraine and Russia-related sanctions programmes prohibiting certain types of transactions with targeted entities in the finance, energy and defence sectors, as well as entities owned by 50% or more by the targets. OFAC refers to these sanctions as Sectoral Sanctions Identifications. Sectoral Sanctions Identifications aim to identify persons operating in sectors of the economy that may be subject to sectoral sanctions, deals and transactions that are prohibited.

Transaction Screening is the process of screening a movement of value within the FI’s records, including funds, goods or assets, between parties or accounts. In order to mitigate risk associated with trade finance transactions and international wire transfers, FIs conduct real-time screening of cross-border transactions against Sanctions Lists, where any of the Sending Bank, Originating Bank, Receiving Bank, Intermediary Bank or Beneficiary Bank are located in different countries.

True Match is a screening result, where the characters contained within the information being screened match the details of a designated entity on a list that is in scope for screening.

Weak Aliases/Low Quality Aliases is a term for a relatively broad or generic alias (including ‘nicknames’ and common acronyms) that may generate a large volume of false hits when such names are run through a computer-based screening system. It is not expected, nor is it typically productive, to screen against weak aliases.