Having recently been included in the Chartis RiskTechAI50, we’re proud to announce that Ripjar has also been recognised as a Category Leader in two Chartis RiskTech Quadrants for 2025:
Name & Transaction Screening Solutions
Adverse Media Monitoring Solutions
Chartis defines Category Leaders as exhibiting “strength across the broadest set of capabilities in the segment, showing a clear execution of core strategy and innovation”.
Assessments were based on a number of criteria, and we’re delighted to have scored consistently highly across the board, reflecting our dedication to building the most advanced products to help our customers stay ahead of financial crime risks.
Our success in this quadrant came from having a high-performing, scalable infrastructure, with robust integrations and global data coverage. Our flexible deployment model also put us at an advantage in this space.
Ripjar scored highly across all criteria for name and transaction screening, with particular recognition for our data methodology, and reporting and auditing capability.
Adverse media monitoring
For the adverse media monitoring quadrant, success factors included effectively using GenAI to improve results, removing ambiguity through the use of sentiment and contextual analytics, and the ability to integrate a wide range of data sets and provide high quality multilingual name matching and screening.
Ripjar performed strongly across all adverse media capabilities, with significant strengths identified in data methodology and packaging. Our use of advanced disambiguation techniques to provide clear, accurate screening results also set us apart.
Ripjar’s position in the rankings reflects the strength of its proprietary analytics, particularly its matching methodology. Ripjar has also built full workflow and automation capabilities around its analytical, matching and data capabilities, enhancing the usability of its solution.
More complex and farther-reaching than ever before, supply chains make it possible for organisations to venture across borders, create new relationships, and launch new commercial ventures.
But supply chains are also more vulnerable than ever before. The more third parties that a firm integrates into its network, the more exposed it becomes to regulatory risk, including money laundering, terrorism financing, and sanctions evasion risk.
As the world’s largest economy, the United States has created a strict regulatory regime to counter the threat of global financial crime. Supply chain risk is an important part of that regime and firms that operate within US jurisdiction must factor that into their compliance solutions, including implementing effective adverse media screening measures.
However, in a regulatory environment as complicated and populous as the US, implementing effective adverse media screening isn’t always straightforward. In this post, we’re going to explore that challenge.
What is adverse media screening?
The term adverse media refers to any media that indicates compliance risk. Similarly, adverse media screening is the process of actively monitoring publicly available sources of risk data in order to accurately establish individual customers’ compliance risk.
By offering valuable enhancement to standard sanctions and watchlist screening, adverse media screening eables firms to uncover otherwise hidden risk.
Also known as “negative news screening”, adverse media screening should take in all relevant data sources, including traditional media such as print and television news, and online sources such as news websites, blogs, and social media platforms.
Adverse media screening is, essentially, a name matching process in which compliance teams search for their customers’ involvement in stories and other published content from across the global media landscape. With that in mind, adverse media screening solutions need to be able to account for both structured data, such as entries in lists and forms, and unstructured data, such as names that appear in sections of prose or in recorded audio and video files.
Screening solutions should also be capable of accounting for variations in language, such as different spellings, nicknames, aliases, initials, and so on.
Why is adverse media important for supply chain compliance?
An investigative news report, for example, may hint that sanctions against a specific person are in the works, prior to a later confirmation in a government press release, thereby enabling a firm to take prompt action to minimise or eliminate its risk exposure, and avoid regulatory penalties.
That utility extends to the supply chain, and to third-party screening requirements. While firms are typically used to managing the direct risk that their customers and clients present, third-party relationships up and down the supply chain can be much harder to scrutinise. Supply chains often hide their true compliance risk, especially if a network spans multiple parties, borders, regulatory environments, and so on.
The presence of bad actors within a third-party network adds even more complexity to the problem. Persons designated on sanctions lists, for example, may try to actively conceal their identities when dealing with business partners.
Adverse media screening in the US
US AML/CFT compliance regulations impose risk-based adverse media screening requirements. Although it’s not always an explicitly stated requirement, adverse media screening is typically a part of best practice recommendations, especially those relating to customer due diligence (CDD) and, for higher risk customers, enhanced due diligence (EDD).
Key adverse media screening considerations in the US include:
The Bank Secrecy Act (BSA): The cornerstone of AML/CFT regulation, the Bank Secrecy Act requires firms to implement risk-based compliance procedures, including monitoring for suspicious activity, which typically entails screening customers against adverse media.
The Customer Due Diligence Final Rule: A 2018 amendment to the BSA, the CDD Final Rule includes a requirement for “ongoing monitoring”, which (as mentioned previously) entails adverse media checks, even if they aren’t explicitly mandated.
The Financial Crimes Enforcement Network (FinCEN): The US’ primary financial regulator FinCEN also frames the requirement for adverse media screening as “ongoing monitoring” – a component of risk-based compliance with the BSA.
The Office of Foreign Assets Control (OFAC): Like FinCEN, OFAC does not impose an explicit requirement for adverse media screening, although it does require firms to conduct risk-based compliance when managing sanctions risk. With that in mind, adverse media screening is a best practice expectation.
The primary purpose of risk-based adverse media screening is to ensure that compliance teams get an up-to-date, accurate picture of their customers’ compliance risk. In the context of supply chain and third-party screening, and with the integration of automated search technology, there are numerous benefits.
Data management
Supply chain screening necessarily requires compliance teams to collect and analyse vast amounts of customer risk data, drawing on thousands of sources from across the globe. Automated screening solutions streamline and simplify that task, adding speed and accuracy to the name search process, accounting for structured and unstructured data, and reducing or even eliminating the potential for human data-handling error.
Language variations
Cross-border supply chain relationships often mean that compliance solutions need to screen data in multiple foreign languages. Screening technology can automate multi-language analysis requirements and account for regional variations in spelling, the use of nicknames and aliases, and the use of non-Latinate characters.
Real-time updates
Global supply chains and third-party networks are constantly evolving, with each new sanction or regulation introducing fresh compliance risks. Automated screening solutions mean that compliance teams can stay ahead of these changes, and be informed as soon as election results are announced, for example, or as soon as a relevant social media post is published.
Scalability
Business growth can also complicate supply chain risk exposure, especially when firms need to expand into new territories, and adjust for new compliance regimes. Automated third-party screening gives firms a way to scale their approach to screening along with their business ambitions, keeping pace with expanding risk exposure by simply augmenting the scope of their name search process to include new regulations, new customer populations, and so on.
More than compliance
For US companies, managing compliance risk is not just a question of avoiding financial penalties.
While regulators like FinCEN may punish firms for technical regulatory violations, members of the public may view association with unethical third parties just as negatively. That guilt by association may be applied even if the firm was not directly engaged with the offending entity and no regulatory violation took place. In a fast-moving and highly editorialised media landscape, the subsequent reputational fallout can be as (if not more) damaging than the government-imposed penalty.
To that end, robust supply chain screening solutions provide not only protection from regulatory punishment but valuable peace of mind that a firm is taking all possible steps to minimise risk and deliver on internal commitments to pursue ethical business practices.
Stronger, smarter screening with Ripjar
If your organisation is required to meet US supply chain screening requirements, it’s no longer enough to rely on manual adverse media processes – Google searches are both incredibly time-consuming and highly ineffective for this purpose. You need a comprehensive solution capable of capturing global risk, and delivering actionable financial intelligence in seconds.
Ripjar 3P60 is a next-generation screening platform designed to help compliance teams stay ahead of third-party and supply chain challenges. Leveraging advanced AI analytics to build flexibility and resilience into the screening process, Ripjar 3P60 cuts through the noise to identify regulatory and reputational risks from every direction as soon as they emerge, and ensure decision-makers have all the information they need to protect their businesses, and their reputation.
The European Banking Authority (EBA) released new guidelines on sanctions screening in November 2024. Scheduled to come into effect across the EU on 30 December 2025, the guidelines set out the regulator’s expectations for how financial institutions (FIs) should implement governance, policies, procedures, and controls for their sanctions screening solutions.
With less than 6 months left before the new compliance requirements come into effect, it’s critical that obligated entities prepare, by reviewing and uplifting existing screening measures or developing new measures. In this post, we’ll explore that process in more detail.
What are the EBA guidelines?
The EBA’s November 2024 guidelines actually comprise two sets of guidelines, and apply in the following ways.
1) Guidelines for All Financial Institutions (EBA/GL/2024/14)
The first set of guidelines concern all FIs in the EU; banks, credit institutions, investment firms, and so on. The guidelines specifically focus on governance and risk management systems for sanctions compliance, and require FIs to:
Implement and maintain up-to-date sanctions compliance policies, procedures, and controls.
Establish a clear, well-defined governance structure and allocate responsibility (including to senior management) for sanctions compliance.
Conduct a sanctions risk exposure assessment to inform decisions on the controls and procedures necessary to establish effective sanctions compliance controls. The EBA has stated that this assessment should “be based on a sufficiently diverse range of information sources”.
Implement regular training programmes to ensure compliance teams are able to identify, assess, and manage sanctions compliance risk.
2) Guidelines for PSPs and CASPs (EBA/GL/2024/15)
The second set of guidelines concern payment service providers (PSPs) and crypto-asset service providers (CASPs). They focus on bringing these FIs under the scope of existing sanctions compliance regulations when handling specific types of transactions, including transactions involving crypto-assets. The guidelines require PSPs and CASPs to:
Choose and implement reliable sanctions screening solutions, and test their reliability regularly.
Define the dataset that they will be screening against the EU sanctions list and, where relevant, national restrictive measures.
Ensure that their sanctions screening measures are capable of verifying designated names on sanctions lists, managing the inherent risks involved in the screening process, and addressing the risk that customers engage in sanctions evasion strategies.
Preparing Your Screening Solution for Compliance
With the implementation date now on the horizon, it’s time for FIs to prepare their compliance teams, and adjust their screening solutions.
Here are the key stages in that process.
1. Align policies and procedures
Conduct a gap analysis to determine how your existing sanctions screening framework measures up against the EBA guidelines. Focus on identifying weaknesses in governance, technology, training, and documentation.
2. Update investigative steps
Following any updates to your screening policies and procedures, codify the steps your compliance team will take when investigating sanctions alerts. For example, set thresholds for escalating sanctions name matches, and define responsibilities within the compliance team.
3. Documentation of compliance process
Ensure your compliance process is fully documented, with an option to log the reasons for compliance decisions in a centralised and secure location. Your compliance documentation may be critical to subsequent investigations by law enforcement agencies, and so your decisions, and the information on which they were based, must be explainable and readily available for audit.
4. Invest in technology
For most FIs, manual screening methods will not be capable of meeting the EBA’s screening requirements. In order to achieve compliance, FIs should invest in screening technology capable of searching thousands of global sanctions lists and watchlists, along with other critical risk data sources such as adverse media stories, beneficial ownership lists, and politically exposed persons (PEP) lists.
Given the scope of the new screening obligations, many firms will find value in AI-powered screening tools capable of advanced analysis of huge volumes of unstructured data, and of making connections between risk data points that human compliance teams and manual tools might miss.
5. Train people and test processes
Your screening technology is only as good as the human compliance experts managing it. Develop a training schedule to familiarise compliance team members with new screening policies and procedures, and new screening technology integrations. Similarly, perform regular testing to identify weak spots in the new compliance process.
6. Risk-based review
Implement different levels of review for higher-risk sanctions alerts, such as those involving high-risk jurisdictions. While a sanctions list check may be sufficient for routine transactions, higher risk alerts may warrant enhanced due diligence, including supply chain risk screening and global adverse media searches.
Stay Ahead of Sanctions Risk with Ripjar One
With the EBA’s new sanctions screening guidelines imminent, it’s up to you to make sure your team is ready, by putting the right people, the right policies, and the right tools in place.
Powered by next-generation AI, Ripjar One is designed to help FIs manage that challenge, and take on an increasingly complex sanctions landscape.
Consolidating static and dynamic risk data seamlessly, including sanctions lists, adverse media, beneficial ownership registers, and transaction alerts, Ripjar One is a comprehensive screening solution that empowers compliance teams to make faster, stronger compliance decisions, identify risks more effectively, and optimise compliance outcomes for both their businesses and their customers.
Sanctions risk is a fact of life for every global business but in the last few years, that risk has grown significantly. Geopolitical crises, such as Russia’s invasion of Ukraine, have prompted governments to add hundreds of new designations to sanctions lists, and renew or expand existing measures. The US, for example, added over 3,100 names to its Specially Designated Nationals (SDN) and Blocked Persons List in 2024 – a 25% increase on 2023.
In this climate, sanctions obligations don’t end with a round of basic checks of global watchlists. Compliance solutions need to be capable of dealing with the direct sanctions risk exposure posed to firms by their customers and clients, but also with the third party risk posed by their supply chains.
An organisation’s suppliers, partners and vendors may represent third party networks that span multiple jurisdictions, geographies, goods, intermediaries, and ownership structures. Add to that, the potential for bad actors attempting to evade sanctions, or conceal their actions with shell companies, and the supply chain risk factor quickly becomes considerable.
Given the complexity of this environment, and the potential regulatory penalties, it’s imperative that sanctions risk is treated as a core compliance priority as firms build their supply chain.
And the best way to approach that challenge is to build robust sanctions compliance into the supply chain from the outset, with a solution that can adapt to an evolving regulatory landscape and emerging geopolitical risks.
In this post, we’re going to discuss the key steps involved in doing just that.
Effective screening remains the best way for firms to learn about their clients and establish the sanctions risks that they pose. Accordingly, acquiring suitable screening technology should be your first priority when building a sanctions-ready supply chain.
However, while most approaches to sanctions compliance entail a screening process for clients, involving a search for names designated on the relevant sanctions lists (such as the SDN list), supply chain risk requires a much broader screening scope.
That means that you must implement screening technology capable of covering all relevant counterparties that form part of the third party network – vendors, suppliers, partners, and so on – in those list searches. This comprehensive approach to sanctions risk shouldn’t stop at list searches, either, but should serve to acquire as much data as possible on search targets including:
Adverse media stories: Sanctions risk is often revealed in adverse media stories long before persons are officially designated on sanctions lists. Investigative journalists may break stories that impose sanctions evasion activities and indicate that you should change your compliance response.
Politically exposed persons (PEPs): Elected officials and government employees pose a greater sanctions risk because of their proximity to political and bureaucratic financial resources.
Following Financial Action Task Force (FATF) recommendations, sanctions screening solutions should be risk-based. This means that you must deploy compliance measures in proportion to the risk that your organisation faces: lower risks demand a less intensive compliance response, higher risks, a more intensive response.
However, the effectiveness of a risk-based screening solution relies on you being able to accurately assess your supply chain to determine the risk that it poses. The sanctions risk assessment serves to help establish your risk appetite, define thresholds for compliance decision-making, and then dedicate resources to achieving those compliance objectives.
To conduct an effective risk assessment, you need to map your supply chain and capture any relevant risk factors. These may include:
Sanctions lists: It’s important to identify the relevant sanctions lists that pose a compliance risk to your organisation. For example, firms in the EU must screen against the EU consolidated list, and so on.
Industry: Different industries pose different levels of sanctions risk. Persons involved in, or connected to the shipping industry, for example, or those that trade in dual-use items, often carry a high sanctions risk.
Location: Supply chains that contact certain geographic locations, such as Russia, China, and the Middle East, may carry an elevated risk.
Corruption: Supply chains that involve jurisdictions with comparatively weaker regulatory infrastructure may be more vulnerable to corruption and associated sanctions evasion activities.
Step 3: Leverage Technology and Data
The success of the steps outlined above is dependent on you being able to implement a technology solution capable of managing the vast amounts of data involved in the supply chain risk assessment process. The solution must also output high quality intelligence that facilitates effective compliance decision-making in a constantly evolving sanctions risk landscape.
Given the expanded data demands of supply chain compliance, you’ll need to move your solution beyond manual processes and focus on automating as much of the process as possible, enabling your compliance team to focus their time on the activities where their skills are best used. With that in mind, you need your sanctions screening technology tools to deliver the following capabilities:
Real-time monitoring to help identify suspicious activity, including red flag indicators of sanctions evasion.
Data integration from a wide range of sources, including sanctions, watchlists, PEP data, adverse media, plus your own internal data in both structured and unstructured formats.
Entity resolution and advanced analytics capable of revealing hidden links to sanctions risk, and connecting supply chains to persons designated on sanctions lists.
Global adverse media screening capabilities covering screen and print media, digital media, and social media content.
Multi-language tools capable of screening natively against foreign language sources, and accounting for regional spelling and naming variations.
Automation to streamline responses to sanctions risk, including triaging alerts, assessing evidence, and automatically reviewing and closing false positive alerts.
Step 4. Train and Raise Awareness Across Your Organisation
A sanctions screening solution is only as good as the human employees that run it. To that end, you’ll need to ensure your compliance team members understand the organisation’s risk appetite, and have the necessary expertise to deal appropriately with the outputs and alerts that your solution generates.
So, to keep compliance teams up to speed with the capabilities of your screening technology, and the latest regulatory developments, you’ll need to implement a schedule of regular training and skill development. Your goal should not only be to impart regulatory and technical understanding, but to create a culture of compliance in which emergent challenges don’t disrupt services, and teams can adapt quickly to new risks.
You’ll need to extend this culture of sanctions compliance across your wider business, especially if your firm is part of a larger group of companies where some may be operating in different regulatory environments. This could mean establishing your sanctions obligations at group level, identifying further obligations for different locations, developing additional training materials, and implementing a mechanism to verify that overseas branches, subsidiaries, and local partners have understood, and are compliant with, the relevant standards.
To facilitate this kind of organisation-wide transformation, think about:
Policies: Consider centralising your compliance policies while localising specific controls.
Overseas training: Focus on training overseas offices on key sanctions obligations and red flag indicators of sanctions evasion activity specific to their locations.
Tools and frameworks: Provide access to shared screening tools and decision-making frameworks to ensure a consistent approach.
5. Maintain Robust Third Party Due Diligence Processes
Your supply chain sanctions compliance work is never done – it’s an ongoing process that evolves and grows with the business relationships that you maintain, and the sanctions risks that you face.
It’s therefore important to think about the following third party due diligence processes:
Continuous monitoring: Don’t simply conduct a risk assessment at the beginning of a business relationship as a one-off. You’ll need to monitor third parties in your supply chain constantly to ensure their risk profiles remain accurate. Leverage technology to automate rounds of screening and integrate real-time adverse media monitoring tools to be notified of changes in risk as soon as possible.
Geopolitical risk: Stay informed of emerging areas of geopolitical risk as a way of anticipating sanctions risk. The greater your awareness of potential new risks, the better able you’ll be to adjust your sanctions solution.
Evasion strategies: Be aware of the latest sanctions evasion tactics. Monitor for updates and guidance from relevant national and international regulators, such as the FATF, to ensure you receive the correct information and advice when the global risk landscape changes.
Reassess regularly: Conduct periodic risk assessments to test the efficacy of your supply chain risk solutions. Reevaluate your risk appetite after regulatory updates and geopolitical events.
Master Supply Chain Screening with Ripjar
In a period of unprecedented geopolitical uncertainty, it’s more important than ever to protect your organisation, and your reputation, from risk. You can do that by extending your sanctions compliance priorities to your supply chain, and leveraging technology to shoulder the increased data burden.
Ripjar’s AI-powered screening platform Ripjar 3P60 is designed to help firms meet that goal. A scalable, comprehensive approach to third party risk management, Ripjar 3P60 builds automated efficiency, flexibility, and resilience into your third party screening process, leveraging advanced machine learning to help you spot supply chain risks, and deal with them before they can harm your business.
The proliferation of weapons of mass destruction (WMDs) is one of the critical security issues of the 21st century. With geopolitical tensions rising, the business community must play its part in preventing terrorist and criminal organisations not only acquiring these types of weapons, but facilitating their movement around the world.
In this climate, spotting potential proliferation financing activity is a compliance priority. This means that firms must understand the relevant regulations, and adjust their screening solutions to account for risk exposure.
What is Proliferation Financing?
Proliferation financing (PF) is the act of providing funds that support the movement of WMDs, including nuclear, chemical, and biological weapons, around the world.
Given the elevated global risk of terrorist attacks, and the challenges involved in detecting financial crimes, governments have placed regulatory obligations on businesses, and particularly on financial services firms, to help combat PF and target its sources.
PF shares characteristics with other financial crimes, specifically money laundering and the financing of terrorism, and so may be detectable via existing screening measures. Persons involved are often designated on sanctions lists, for example, or may attempt to conceal their transactions via shell companies and corporate infrastructure.
In other contexts, however, it is harder to detect PF because related transactions and activities do not necessarily share the same red flag indicators of criminality. For example, criminals may seek to bypass regulations and screening measures by transporting only legal component parts of WMDs, or by transporting “dual use” materials that may be repurposed for the construction of WMDs by end users.
The risk of PF goes beyond persons directly paying for the transport of WMDs, and extends to persons that may be providing services unknowingly. On the other hand, persons that are knowingly involved in PF often employ sophisticated evasion tactics to evade screening measures. In some cases, heavily sanctioned governments may engage in PF activity, and use state apparatus to do so.
High Risk Countries
Certain countries represent a higher PF risk than others, these include:
North Korea: The government of North Korea is actively pursuing a nuclear weapons programme and has demonstrated a willingness to attempt to evade sanctions.
Russia: Heavily sanctioned by multiple countries since the invasion of Ukraine in 2022, Russia is attempting to evade restrictions by importing dual use materials for use in military weapons technology.
Iran: The government of Iran has demonstrated an ongoing desire to develop a nuclear weapons programme.
China: China has demonstrated a desire to expand its own nuclear arsenal, and has facilitated other countries’ evasion of sanctions, including North Korea and Russia.
Syria: Under its previous government, Syria was known to have deployed chemical weapons, and financed its acquisition of WMDs via the sale of oil and petrochemicals.
Global Regulatory Response
Governments around the world are increasingly framing PF as a serious criminal risk, however, other than designation in sanctions programmes, dedicated PF regulations lag behind those applicable to similar financial crimes, such as money laundering and terrorist financing.
In light of the FATF’s strengthened focus on PF, the United Kingdom has led the international community in taking regulatory action. In 2021, for example, the UK government conducted its first National Risk Assessment of Proliferation Financing (NRAPF). Given the UK’s status as an international financial hub, the NRAPF suggested that the UK government put regulatory measures in place to address PF risk.
Accordingly, in 2022, the UK government amended the Money Laundering and Terrorist Financing Act to introduce new PF identification and risk screen requirements. The UK has also applied strict liability to sanctions breaches, meaning that penalties may be applied regardless of knowledge or intent behind the violation.
Firms that break PF rules and regulations face serious financial and even criminal consequences.
In the UK, for example, under the Money Laundering Act, the Office of Financial Sanctions Implementation (OFSI) has the authority to impose unlimited fines, and prison sentences of up to 7 years for PF rules breaches. Those penalties may be imposed in addition to existing sanctions rules, under which OFSI can fine companies up to £1 million, or 50% of the value of the offending transaction (whichever is greater), and name and shame companies publicly.
Regulatory Risk to Financial Institutions
Banks and financial services organisations are on the front line in the fight against PF, and may be exposed to compliance risk in numerous ways. Key examples of PF risk include:
Layered transactions: Persons designated on sanctions lists may route transactions through multiple accounts in order to obscure their origin and evade screening measures.
Dual use materials: Companies trading in dual use materials, particularly technology such as aerospace components or microelectronics, pose an elevated PF risk.
Shell companies: Criminals may attempt to use shell companies or complex corporate infrastructure to obscure the origin and destination of PF-related transactions.
Missing or incorrect transaction details: Criminals may intentionally withhold or misspell PF-related transaction details in order to evade AML/CFT scrutiny.
High risk countries: Transactions that involve parties in high risk AML/CFT territories (such as those listed above) carry an elevated PF risk.
Cryptocurrency: The anonymity of cryptocurrency transactions puts them at a higher risk of involvement in PF activity.
Third Party Risk
PF activity typically involves firms’ relationships with third party organisations, such as shipping and transportation companies. With that in mind, PF compliance screening should go beyond a singular focus on companies in the financial sector, and include relationships up and down the supply chain.
That means screening measures should account for the complexity of supply chains, and the potential for regulatory disparity across international borders. Key third party and supply chain risk factors include:
Persons designated on global sanctions lists.
Companies trading in dual use materials.
Suppliers operating in high risk industries, such as shipping.
Suppliers operating in high risk jurisdictions.
Persons designated on politically exposed persons (PEP) lists.
While third party risk factors may not necessarily result in direct regulatory violations, firms that are revealed to have relationships with third parties that are exposed as being involved in PF often incur reputational damage.
Implementing a Proliferation Financing Risk Management Strategy
The scale and complexity of PF risk means that firms should carefully consider their compliance posture, and, ideally, integrate an AML/CFT screening solution to help them manage their threat environment.
An effective PF risk management strategy should involve the following measures and controls:
Screening during onboarding
Firms should establish new clients’ PF risk levels as quickly and as accurately as possible. This means conducting robust customer due diligence (CDD), and applying suitable screening measures during onboarding, with a focus on sanctions designation, and designation on PEP lists. The screening process should be global in scope, which means searches should be conducted in multiple languages, and include scrutiny of other critical risk indicators, such as adverse media stories.
Beneficial ownership
As part of the due diligence process, firms should aim to establish the beneficial ownership of client companies in order to account for the possible misuse of shell companies or complex corporate structures as a means to disguise PF activity.
Continuous monitoring
Following onboarding, firms should continuously monitor their clients for PF risk in order to account for changes to risk profiles over time. This means maintaining a regular screening schedule with a focus on updates to sanctions lists, suspicious transaction patterns, changes in company ownership, and emerging adverse media stories.
Risk scoring and segmentation
PF screening should be risk-based. With that in mind, firms should seek to establish a risk scoring system to enhance their risk assessment process, with higher scores applied to higher risk jurisdictions, industries, and transactions, or to persons designated as PEPs. Similarly, audience segmentation – the process of grouping audiences by risk characteristics – can help compliance teams conduct risk assessments more efficiently.
Sanctions and watchlists
Effective sanctions and watchlist screening is a critical component of PF compliance. Firms must implement sanctions solutions that capture domestic and international sanctions designations, and listings on the relevant watchlists.
Adverse media
Changes to a client’s risk profile may be revealed by the media before they are confirmed officially. With that in mind, PF screening should include automated adverse media searches, in multiple languages, and with sufficient scope to capture third party risk.
Going Beyond the List
Given the global scale of PF, it’s critical that compliance solutions “go beyond the list”, which means going further than simple sanctions and watchlist name searches, and instead building out the most complete risk profile possible for each client.
That means leaving manual screening processes behind and, instead, implementing automated AML/CFT screening tools with powerful name search and identity matching capabilities. The tools that you choose should be able to screen against thousands of data sources, in multiple languages, while accounting for sanctions evasion tactics, disparities in spelling and naming, and the possibility of PF risk emerging from third party relationships and PF-adjacent activities. With those factors in mind, and the need to manage vast amounts of customer screening data, it’s worth leaning into the efficiency benefits of AI-enhanced search technology, which can not only boost the accuracy of PF screening results, and reduce false positives, but support stronger compliance decision-making.
This is what every compliance officer says when talking about screening today. Little to nothing has changed on the technology and data front, despite ever increasing demands placed on compliance professionals.
This once simple compliance process is now anything but. Sanctions screening has grown beyond simple Latin alphabet name matching to include multi-alphabet and street address matching, not to mention the newer regulatory requirement to identify related and “network” members. Politically exposed person (PEP) identification has moved well beyond matching against established third party lists, to include potential unrelated and non-network “close associates”. Adverse media screening, once destined for the privileged few, is increasingly being demanded across all client segments.
Despite this changing landscape, regtech providers haven’t budged. “Static” data providers continue to generate lists based on their own assessments of who is important, and who isn’t, regardless of your risk tolerance. Or, worse, they provide media feeds of literally billions of articles, asking you to filter relevance. Screening tech firms are even worse, employing “fuzzy logic” (lots of fuzz, little logic) ostensibly to show their solutions’ ability to reduce false positives, even though regulators, from the beginning, primarily emphasise avoiding false negatives.
But from a risk perspective, the situation is even worse.Screening occurs on many levels – clients, payments and counterparties. The risk demands are similar across all levels, however the regtech solutions produce at times materially different outcomes. Screening at each level differs, as name matching and risk scoring typologies differ markedly. Similar risks are treated differently, causing frustration for any risk manager.
All this changes today.
It’s time to move to a 21st century solution and embrace the latest in technology from advanced data science, probabilistic programming and AI, all brought together in Ripjar’s powerful tech. Combine all your static data, including third party lists from sanctions, PEP and adverse media providers, as well as your own lists such as Do Not Do Business (DNDB), Approved Counterparties, and “Reported”. Then integrate this with your dynamic information, such as payment and account transaction data, to create a single “risk brain” – a holistic assessment process that produces the far too elusive “one pane of glass” for all clients, counterparties, originators, beneficiaries and, even, vendors.
Ripjar One
Unlimited data integrations
Enhanced with UBO data and transaction monitoring
Continuous live risk scoring with Dynamic Risk Profiles
Networking and advanced workflow capabilities
Backed by Ripjar’s powerful Digital Assistant
Welcome to the Ripjar One family of products
Ripjar One’s product family uses dynamic risk profiling to give compliance officers the power to achieve in today’s environment. Rather than relying on static risk profiles judgmentally created by third parties, dynamic risk profiling creates your own unique profile for each of your clients, counterparties, and even payment originators and beneficiaries. Powered by the latest AI technology, each profile is live, constantly checked in accordance with your rules, scored against your risk appetite, and continuously updated for new developments from both the outside world (such as sanctions or adverse media) and the inside (such as a new transaction monitoring alert or DNDB designation).
How dynamic risk profiling works
Centralise: Combine all your client name screening activities into one engine, regardless of whether the data is structured (by a third-party or your firm) or unstructured. This is then all searched as one, powered by the latest probabilistic-based name matching capability, and expandable to incorporate the results of your transaction screening and transaction monitoring systems’ outputs.
Unify: Subject all your processes to a single risk scoring methodology, completely configurable to meet your needs. All your screening risks will be treated not just in a similar, but the same manner.
Clarify: Build your own profile for every client and counterparty. Relevant output from your third party and internal sources is blended into your very own curated, dynamic risk profile. The profile is AI-generated, summarising the critical data points, and even highlighting links with other related and unrelated parties. The profile has a unique ID so it can be easily retrieved in milliseconds. The profile is the alert, sent to your team for review. And your Digital Assistant double checks your team’s work, notifying you of potential discrepancies.
Monitor and update: Your Digital Assistant works in the background constantly to update profiles when material changes occur and alerting you when necessary. These changes are highlighted to expedite review.
The benefits are numerous
One risk profile from all systems transforms static data into a dynamic answer, constantly updated, giving you the most complete risk picture.
One system eliminates redundant work arising from running multiple systems and processes, substantially increasing productivity.
False negative risk is substantially reduced through consolidating different characterisations from different lists into a uniform whole and having your Digital Assistant work as a “sixth pair of eyes” to double check your screening team’s work.
False positives are nearly eliminated from the use of a mathematically-driven probability matching schema and AI assessed alerting which prioritises alerts for review according to your rules, providing exponential ROI.
Identify hidden relationships and networksto significantly improve your compliance efforts.
Supply chains are critical to the global corporate landscape, but any reliance on a third party also comes with a level of regulatory risk, which firms must factor-in to their compliance solutions.
From breaches of anti-money laundering (AML) and counter-financing of terrorism (CFT) rules to institutional corruption, cyber-security failures, and human rights abuses, the consequences of third party risk can be just as damaging as internal regulatory failures – not least because incidents often also inflict reputational damage. Third party risks are not a low-priority issue: a focus on cybersecurity risk alone reveals that up to 98% of organisations worldwide have had a business relationship with a third party vendor that has suffered a data breach.
Awareness and understanding are key to identifying and managing third party risks, and to implementing effective mitigation measures. In this post, we’re going to examine some of the key pain points associated with third party risk management, and how firms can deal with them.
Supply chain risk
Most organisations are comfortable managing the challenges of their immediate risk environment, including carefully calibrating their screening and monitoring solutions. When it comes to the risk environments of their suppliers, however, identifying threats becomes more complicated.
Supply chains typically cross multiple borders and multiple risk environments, which complicates the risk assessment process. Not only do firms have to think about a higher volume of threat vectors, but take steps to ensure that their suppliers are operating in compliance with the relevant regulations. The complexity of a supply chain magnifies the compliance challenge: cross-border chains carry a higher likelihood of regulatory disparity, while multiple different entities make different internal compliance approaches more likely.
Key supply chain compliance risks include:
Suppliers that operate in high risk industries, such as shipping or payment services.
Suppliers that operate in jurisdictions with lower AML regulations.
Sanctions designations against persons or countries within, or connected to, a supply chain.
The presence of politically exposed persons (PEPs) within supply chain companies, or connected to them via friends or close associates.
The principles of supply chain risk management are similar to those applied to customers. That means firms must implement suitable supply chain due diligence measures, along with screening and monitoring processes, in order to assess and establish risk as accurately as possible.
Reputational risk
We’ve focused on the regulatory risks that supply chains pose, but third party risk is not just about legal consequences – it also includes reputational damage. In fact, reputational damage can occur even in cases where there is no technical breach of law, and can hurt a firm just as much as a financial penalty.
In some contexts, the mere existence of a business relationship between one entity and another can be enough to create a negative public impression, regardless of whether a client organisation has broken compliance rules. With that in mind, reputational damage is often a result of negative environmental, social, and governance (ESG) factors, which may include:
Carbon emission levels
Preservation of biodiversity and natural habitats
Ethical labour practices
Workplace diversity, equity, and inclusion
Health and safety practices
Corruption
Human rights abuses
The consequences of reputational damage can be difficult to predict, but may translate to customer boycotts, adverse media stories, and increased regulator attention. The sheer diversity of reputational concerns can be a particularly problematic factor for corporate entities with large global footprints, or with extensive supply chains. Reputational risks can be managed in the same way as other compliance concerns but, again, may require firms to extend the scope of their screening and due diligence measures.
Ongoing due diligence
The supply chain and reputational risks listed above represent ongoing compliance concerns, and mean that firms must factor them into their risk-based compliance solutions. In practice, this means treating third party relationships in a similar manner to business relationships, including performing due diligence in order to inform risk assessments.
Where conventional customer due diligence (CDD) measures help firms verify that customers are who they say they are, supply chain due diligence helps to verify that suppliers are meeting the standards that they claim to be. Supply chain due diligence is often a compliance pain point because it involves an intensive manual collection process of third party documents and information such as:
Company names, addresses, tax numbers and incorporation documents
Beneficial ownership details
Historical financial data such as tax reports
Internal risk assessment data
Internal financial data such as cash flow, debts, and liabilities
Regulatory environment information and historical AML/CFT compliance records
Supply chain due diligence should take place at the start of the supplier relationship and should be refreshed on a regular schedule to capture changes in a supplier’s risk profile. Ideally, that ongoing due diligence should be supported by peripheral compliance measures, including adverse media screening, and sanctions and watchlist screening.
Stay ahead of third party risks
Third party risks typically require firms to expand the scope of their compliance solutions, rather than taking a different approach to existing screening, monitoring or due diligence. That need adds volume to the compliance burden – a factor that can put unsustainable pressure on firms that rely on manual techniques to establish risk, such as searching for customer names on Google, or manually entering names into sanctions lists or PEP lists.
Fortunately, compliance teams have options for mitigating the challenges of third party risk, not least by supporting or (where possible) replacing manual processes with automated software tools. Automated screening software adds valuable speed to tasks that would have taken hours to complete manually, and high detail accuracy which reduces the potential for human error.
Most importantly, automated third party risk screening enables firms to dramatically boost the scope of their searches to a truly global scale. Automated name searches, for example, can cover thousands of global data sources, including news reports, sanctions lists, watchlists and more, delivering actionable intelligence in seconds, and helping firms make faster, stronger compliance decisions about every third party relationship.
It’s no longer enough to simply search for a customer’s name on a sanctions list in order to meet regulatory compliance obligations.
Risk-based sanctions compliance rules – imposed in jurisdictions across the globe – ask more of compliance teams, and typically require analysts to go beyond government-issued lists, and consider a much wider range of data when making decisions. Complying with these rules also brings a number of practical considerations for organisations.
In November 2024, Ripjar and FINTRAIL hosted the Sanctions Masterclass webinar “Going Beyond the List”, assembling a panel of experts to discuss the ways that firms can harness technology to add depth to their sanctions screening processes. In that discussion, Ripjar Operational Data Science Lead Abhijith Rajan drilled down into strategies that enhance customer name searches, and how artificial intelligence (AI) tools are helping compliance teams take their screening processes beyond the limitations of traditional name matching.
Organisations tend to be conservative in the way they do sanctions screening, but there are ways that technology can help us understand things about a name.”
Abhijith Rajan, Operational Data Science Lead, Ripjar
Industry Opinions: Screening Technology Impact
The Sanctions Masterclass captured the opinions of an industry audience in a poll that focused on the specific impacts that compliance teams would like technology to have on the screening process.
The poll suggests that firms value screening efficiency and accuracy, with results weighted towards the remediation of false positives, and managing an increasingly complex and crowded regulatory environment. Scrutinising that data, Abhijith suggested that the efficiency and accuracy challenge might actually start from an over-reliance on names in the first place:
“Sometimes even names can be problematic,” said Abhijith. “You might not be allowed to screen in the script that the name is originally available in. And going from a script you might be unfamiliar with to a script you are familiar with is usually a poor process. It leads to false positives, and might end up meaning you have to build in a set of rules to assess the data.”
That challenge suggests that a new approach to screening is needed.
Traditional vs Identity-Based Sanctions Screening
Traditional screening processes, in which financial institutions attempt to match names to designations on the relevant sanctions lists, are limited for a number of reasons, including:
Having a sole focus on the names designated on sanctions lists.
High rates of false positives.
The increased likelihood of missing hidden or indirect connections to sanctioned entities, especially if screening for a common name with no additional information.
Given the expanding sanctions compliance burden, the limited scope of traditional screening can expose organisations to significant regulatory risk. Abhijith raised the prospect of a better way to screen – essentially “going from names, to identities”.
In this identity-based approach, instead of focusing on names alone, compliance teams search for customer identities, capturing the vast amount of additional risk data behind every individual.
An identity-based approach to screening:
Incorporates all available risk data.
Reduces false positives and false negatives by capturing nuance and detail.
Future-proofs compliance solutions by adapting to increasingly complex regulatory demands.
Incorporating Linked Data
We need to make sure that we’re challenging ourselves to be screening with more information.
Abhijith Rajan, Operational Data Science Lead, Ripjar
Identity-based screening requires compliance teams to enhance their search processes, typically by integrating technology tools. In this context, Abhijith suggested that the name can serve as a foundation for the effective application of screening technology:
“You can immediately look at a name and have a sense of what kind of rules should be applied to screening,” said Abhijith. “Then you can start to do intelligent things around screening. It gives you ways of building in technology and applying different rules for different customers.”
With that in mind, when screening for identities, financial institutions should move beyond only using traditional fuzzy matching, and seek to implement software that links names to other types of data. This might include considering name origins, or partial-name matches, but should extend across all available data types, including email addresses, customer behaviour, bank codes, and, importantly, adverse media.
Taken in isolation, each of these data points might offer little compliance value. Linked together, on the other hand, they help financial institutions build customer identities into ‘risk profiles’, which add critical contextual intelligence, and enhance the proactive identification of sanctions risk.
Screening software that facilitates the use of linked data helps compliance teams assemble all relevant sanctions information in one place, which not only adds efficiency to risk analysis but speeds up decision-making.
Enhancing With Adverse Media
Adverse media is particularly useful in identity-based screening, not least because sanctions evasion risk may be reported by news organisations long before governments make designations on official sanctions lists.
However, effective adverse media screening is challenging for a number of reasons, not least because of the vast amount of complex data that financial institutions must search through to find relevant risk information, and the noise that data generates – all of which can lead to an overwhelming amount of false positive alerts.
With the Sanctions Masterclass poll suggesting that false positives are a top priority for financial institutions, Abhijith again pointed to the value of technology in enhancing the sanctions screening process with adverse media, including reducing noise, refining results, and reducing false positives.
Specific adverse media applications include:
Creating and leveraging curated adverse media feeds that focus on relevant risk categories.
Screening customer profiles for matches, rather than screening articles.
Applying filters for jurisdictions, entity types, or level of activity.
Tailoring alerts for specific industries and regions.
Incorporating Relationships
Identity screening also helps firms uncover the compliance risk presented by relationships, including not only family members of sanctioned persons, but their friends and close associates.
Abhijith emphasised the importance of using risk profiles to uncover relationship connections – an approach that leans in to the capabilities of search technology to capture data, including adverse media.
“People get married, they get divorced. You want to be able to see this information updated on a regular basis,” said Abhijith. “At Ripjar, we’re comfortable extracting information around things like close familial relationships, corporate relationships, and employee relationships from media.”
Using Ripjar’s screening platform as an example, Abhijith noted that relationships can be tracked visually in graphs or networks, or simply laid out textually as part of a customer’s profile. Even better, screening software can allow compliance teams to make connections with other sanctioned entities automatically, helping financial institutions uncover potential hidden links and networks.
Understanding AI Advantages
The need to incorporate linked data, from an expansive global landscape, represents a significant administrative burden for compliance teams, not least thanks to the increased volume of false positive alerts.
Acknowledging that challenge, Abhijith pointed to the potential of AI tools to not only broaden search reach and reduce manual effort, but to enhance detection and reduce false positive rates. Some of the the key potential benefits of AI screening include:
Natural language processing (NLP) tools for the analysis of adverse media and other forms of unstructured data.
Machine learning algorithms for the detection of behaviour patterns that indicate sanctions evasion.
The incorporation of unstructured contextual data in the compliance decision-making process.
The automation of decision-making for low-risk false positive alerts.
The benefits of AI were acknowledged in the Sanctions Masterclass audience poll, that found the vast majority of attendees see a role for AI in sanctions screening.
Managing AI Challenges
“AI is complicated. It’s not a transparent process, and very often you’ll find that even people who built the software will struggle to explain why a match has happened.”
Abhijith Rajan, Operational Data Science Lead, Ripjar
While AI holds promise for sanctions screening, it’s critical that firms also remember its limitations, including – in many instances – its lack of transparency. The transparency issue is a significant consideration in the integration of AI tools, and particularly generative AI (GenAI), in screening processes, since financial institutions must be able to explain a set of results to regulators during an investigation.
“Explainability in AI has become better, and it keeps getting better over time,” said Abhijith. “We need better transparency. The audit trails need to be very clear. Regular validation and fine-tuning of AI models is critical.”
The need for explainability was a recurring theme in the Sanctions Masterclass, with other panel members expressing a desire to see GenAI develop as a component of the sanctions screening process:
“It’s explainability and reliance,” said Parminder Turna, Wise Director of Product Compliance for Sanctions & Screening. “Explainability in AI has the same risk as placing reliance on a black box vendor. I would want to be able to sit in front of a regulator and explain how I’ve implemented GenAI. I think that’s the next hurdle.”
The limitations of AI don’t mean that financial institutions should shy away from using it in compliance contexts, but instead consider how they will implement it in a way that doesn’t compromise the integrity of their search results. To that end, Abhijith suggested that AI tools should be used with “guardrails” that ensure their validation and repeatability. These might include their integration with human oversight to balance efficiency and accountability, and ensuring that compliance teams receive comprehensive training in their use.
“Copilots are very common,” said Abijinth, referencing the way that Ripjar incorporates GenAI into its search solution. “The idea is that you have a GenAI support system that’s sitting next to you and allowing you to speed up your work. You allow AI to act as your first line analyst and give recommendations that can be adopted or rejected.”
Go Beyond the List with Ripjar
Going beyond the sanctions list means embracing the opportunities and challenges of a vast and evolving data landscape, and ensuring that your compliance team has the resources, skills, and tools they need to deliver results.
Financial institutions can make that process easier by exploring the capabilities of AI-powered screening platforms – such as Ripjar’s sanctions screening solution.
Supported by cutting-edge GenAI, Ripjar’s tool is capable of screening thousands of sources in seconds, including sanctions lists, watchlists, and adverse media. Customisable to the unique needs of an organisation, it captures and connects data from evolving risk environments, incorporating powerful screening features that add depth to customer name searches, and enrich the quality of search results, in order to facilitate stronger compliance decision-making.
Identifying risk in your client portfolio is a huge ongoing challenge, so one of the most critical questions Chief Compliance Officers (CCOs) must answer is whether to build or buy technological tools for negative news screening.
While building a tool from scratch gives an organisation total control over its development and use, it can become a burden on your time and resources. It demands specialist technical support, significant time for testing and deployment, and constant monitoring to keep it up to date with the latest technological advancements in AI and machine learning.
On the other hand, adopting a tool from a specialist vendor may reduce your level of control, but it offers technical expertise, ongoing support, and advanced, AI-led software that minimises disruption and boosts long-term efficiency.
Build: What are the limits of an in-house solution?
Many organisations will opt for an in-house solution. This provides the maximum level of control over the software, allowing firms to develop it according to exacting specifications.
But they also come with major limitations:
They can quickly become outdated with rapid technological advancements, especially surrounding artificial intelligence (AI) and machine learning, necessitating expensive and time-consuming ongoing development.
Solutions that fall behind in technology can produce overwhelming false positives, expensive backlogs, and poor client outcomes.
A lack of specialist in-house resources means tools may not perform optimally, such as with over-reliance on ‘fuzzy matching’, which often produces poor outcomes.
Sifting through false positives to account for non-optimal performance can be a lengthy task and a waste of precious human resources.
Organisations may lack the resources to promptly service an in-house system in case of an outage or other technical difficulty.
Buy: What are the advantages of an AI-led solution?
Sourcing an AI-led solution from a specialist vendor is the obvious alternative. Although many organisations may be wary of outsourcing a critical operation to a third party, they offer the kind of expertise and ongoing support some firms lack on their own.
An AI-led solution can:
Dramatically reduce false positives, provide intuitive and easy to understand analysis, and support a more robust screening capability.
Harness enormous amounts of unstructured data to produce new insights on customer risk, dramatically improve results, cut down on false positives, and overcome inefficiencies.
Give compliance teams complete oversight and control during investigations, cutting out the unnecessary middleman and ensuring more accountability, transparency, and efficiency.
Scale without necessarily needing to hire more staff members. This scalability means that AI-led tools have a positive return on investment, making the compliance function a growth enabler rather than a cost burden.
Remove redundancies and improve overall efficiency, allowing teams to focus on real instances of financial crime risk.
Furthermore, vendors specialising in AI-led technology for anti-financial crime have the resources and expertise to concentrate more effectively on technology advancements, specific regulatory requirements, and producing tools with a good and proven user interface. They also have clear roadmaps for improving their systems, often based on user feedback.
Screening Innovation: Labyrinth Screening, featuring AI Risk Profiles
CCOs must tackle a whole range of challenges when it comes to screening. Customer data can be limited and problematic, while media data can be noisy and imprecise. Many screening methods generate a large number of false positives, struggle to achieve accuracy at scale, and put a significant time burden on analysts.
Ripjar’s screening solution features AI Risk Profiles which are designed to address these challenges directly, saving analysts time and increasing accuracy in customer screening.
Data from both structured and unstructured sources is reviewed to build individual profiles for people and organisations, with advanced natural language processing extracting the most relevant items necessary to give a clear and complete view of relevant risks as quickly as possible.
AI-powered multilingual name matching and entity resolution are used to overcome screening challenges such as common or high profile names, helping ensure your organisation’s regulatory compliance by identifying risks other screening methods might miss.
This approach also captures a huge number of secondary identifiers – such as dates of birth, nationalities, locations and roles – from unstructured text.
This vast expansion of context leads to richer data and better recall. Standard watchlists are also enriched with these additional properties, improving sanctions and PEP screening accuracy.
80% of AI Risk Profiles contain secondary identifiers, which is key to reducing false positives. Testing has shown that there can be as much as a 91% reduction in false positives alongside a 5% improvement in recall.
By aggregating these properties across millions of articles, Ripjar’s screening tool can assign identifiers to entities at a scale which is simply not possible in human-curated profiles, and at an accuracy not achievable with article-based risk evaluation.
After financial disasters like Enron in 2001, and Worldcom in 2002, and more recent scandals such as the collapse of Wirecard in Germany in 2018, public focus on the behaviour of corporations has increased significantly. That focus has translated into governmental pressure, and the introduction of environmental, social, and governance (ESG) regulations to prevent these kinds of incidents from reoccuring.
In 2024, global ESG momentum is increasing, forcing firms to adjust their compliance posture to accommodate a changing risk landscape. In this article we’re going to explore what ESG means, why it’s an essential compliance concern, and how effective screening can mitigate ESG risk. We’ll also explore the latest key ESG regulatory developments from around the globe.
What is ESG?
The financial scandals of the 21st century shook public confidence in financial systems. To prevent that kind of corporate misconduct, governments began to introduce regulations that set higher ethical standards for businesses, and placed new legal responsibilities on executive-level employees. The US’ Sarbanes-Oxley Act (2002), also known as the ‘SOX Act’, is an early example of this kind of ethics-focused legislation.
In the two decades since SOX, the scope of ESG regulations has expanded to take in not just financial activities but a spectrum of labour, health, climate, sustainability, and community concerns. With those issues in mind, ESG may be defined as:
Environmental: Environmental factors such as carbon emissions, sustainable business practices, waste disposal, and impact on wildlife and plantlife.
Social: Treatment of its employees, customers, and the communities in which a company operates. Social factors may include workplace diversity and inclusion, health and safety performance, and charitable initiatives.
Governance: The way that a company makes decisions about itself, including avoiding conflicts of interest, acting in the interests of shareholders, and upholding both the letter and spirit of jurisdictional laws.
There’s a lot of overlap between ESG factors. For example, although carbon emissions are typically characterised as an environmental issue, they may also be understood as a social concern because excessive air pollution can cause respiratory illnesses in employees.
Why is ESG Important?
Climate change, social equality, and fair labour practices have never been more prominent in public discourse, and the rise of ESG reflects the global community’s desire to see corporations play their part addressing these challenges.
To that end, government regulatory activities have focused on executive level compliance controls and responsibilities, and on new reporting requirements that force firms to publicly disclose their progress towards the relevant ESG objectives. Under these regimes, firms not only face financial and legal penalties for noncompliance but have their ESG performance made visible and comparable to competitors, increasing the likelihood of reputational consequences.
ESG and Supply Chain Screening
Many ESG regulations require firms to consider not only their own ESG compliance risk but the risk presented by their supply chain and third-parties. Consider the following examples of supply chain risk:
Firms in the oil and gas industry face elevated sanctions risks because of supply chains that transit high risk countries.
Firms that source their products, such as clothing, from unscrupulous global manufacturers risk being connected to forced labour practices.
Financial services firms with international customers may be doing business with politically exposed persons (PEPs) who are involved in crimes such as corruption and bribery.
Since firms may be penalised if they do business with persons that violate ESG regulations, they must factor supply chain risk into their compliance solutions. This typically means integrating some form of supply chain screening capability.
ESG Compliance Regulations Around the World
The global ESG landscape is evolving. Noteable regulatory developments from around the world include:
The European Union
Corporate Sustainability Reporting Directive (CSRD): Taking a broad ESG focus, the CSRD imposes reporting rules on obligated firms across the EU. The CSRD requires firms to conduct a double materiality assessment of ESG risk, considering the impact on both internal operations and on external stakeholders such as customers or nearby communities. The CSRD is now in effect and will expand in scope in the coming years.
Corporate Sustainability Due Diligence Directive (CSDDD): Passed by the EU Parliament in 2022, the CSDDD (or CS3D) focuses on strengthening corporate supply chain due diligence as a way of protecting global human rights and reducing carbon emissions. The CSDDD will initially apply to larger firms, inside and outside the EU, with reporting rules likely to come into effect in 2027.
EU Deforestation Regulation (EUDR): Passed in 2023, the EUDR imposes strict supply chain due diligence rules that require firms to ensure their products are ‘deforestation free’. The scope of the EUDR includes products such as cattle, cocoa, palm oil and coffee, and the regulation will come into effect on 30 December 2024.
United Kingdom
Forest Risk Commodities (FRC): While the regulation has not yet been finalised, the FRC regime will be similar in application to the EUDR in that it will impose due diligence requirements on larger firms trading products like cattle, cocoa, and palm oil.
Corporate Governance Code (CGC): Sometimes known as ‘UK SOX’, the UK CGC sets out financial reporting obligations on larger UK businesses, with an emphasis on executive-level responsibility and compliance. An updated version of the UK CGC is scheduled to come into effect in late 2024.
ESG Rating Regulation: In 2024, the UK government announced plans to regulate ESG ratings agencies. The law will align UK ESG ratings with international counterparts, introduce oversight and transparency, and build industry confidence in the wider ESG regulatory regime.
Sustainability Disclosure Requirements (SDR): Similar to the CSRD, the UK SDR will impose ESG reporting and transparency requirements on larger UK businesses. Phased implementation of the SDR will begin in 2024.
United States
Customs enforcement: The US has strengthened existing customs rules in order to combat imports of goods that may have been produced using forced labour. A key example is the introduction of the Uyghur Forced Labour Prevention Act in 2022.
SEC Climate Disclosure rules: On 6 March 2024, the US Securities’ and Exchange Commission introduced federal regulations to standardise climate-related disclosures for public firms operating in the US. On 15 March 2024, following legal challenges by several US states, the SEC stayed the introduction of the rules.
APAC
China: In May 2024, China introduced ESG disclosure rules for its biggest companies. Known as the Self Regulatory Guidelines, the rules broadly align with the standards set out in the EU’s CSRD, and emphasise double materiality.
Adverse media stories typically offer firms a significant compliance advantage as they adjust to their ESG risk landscape. Environmental, governance, and financial scandals may be reported widely by news organisations (and in other media) before any official confirmation, giving firms that are vigilant an opportunity to gauge their risk exposure and take prompt action to avoid penalties.
With this in mind, automated adverse media screening solutions can transform the ESG compliance challenge, offering an expansive global perspective on risk and the flexibility to adjust quickly when the landscape changes.
Ripjar’s Labyrinth Screening platform provides this kind of screening power, enabling name searches across thousands of unstructured data sources, including global news outlets, sanctions lists, and watchlists, and delivering actionable intelligence in seconds. Explore an array of powerful screening features designed to enrich your ESG risk data: extract only the most relevant information and minimise false positives with AI Risk Profiles, and use AI Summaries to generate concise prose paragraphs for each target in order to make faster, stronger compliance decisions.
In July 2024, Germany’s financial supervisor, Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) updated its Auslegungs und Anwendungshinweise (AuA) which sets out compliance guidance for Germany’s Money Laundering Act, known as Geldwäschegesetz (GwG).
The draft guidance — AuA 2.0 — precedes the incoming EU Anti-Money Laundering Act (AMLA) which will introduce new anti-money-laundering (AML) and counter-financing of terrorism (CFT) rules across all member states, and change regulatory compliance obligations for many businesses. BaFin’s AuA 2.0 focuses on a number of emerging compliance risk factors, such as the rise of cryptocurrency, and includes new adverse media screening requirements.
With AMLA set to come into effect in July 2025, the window for preparation is starting to close and, while Germany’s final AML compliance landscape under the new regime is not fixed, BaFin is seeking to offer clarity to obligated entities.
Let’s take a closer look at the key points from AuA 2.0.
Mandatory Adverse Media Screening in Germany
One of the key points in the updated AuA, is BaFin’s emphasis on the need for adverse media screening. While acknowledging there is no explicit legal obligation, BaFin makes it clear that firms in Germany must include adverse media screening as part of their AML risk assessment process.
AuA 2.0 states that “screening customers using sanctions or high-risk country lists alone” is no longer sufficient, and firms must “use all knowledge available to them… for example from media analyses” in order to establish risk in accordance with international AML standards.
Insurance Holding Companies Under AML Scope
BaFin expects that Germany’s new compliance regime will expand the scope of AML regulations to insurance holding companies. As obligated entities under the GwG, insurance holding companies will have to implement AML reporting and record-keeping, and screening and monitoring obligations.
The expanded scope ensures a tighter focus on firms that are particularly vulnerable to money laundering risk, and will enhance regulatory consistency within Germany.
Outsource Oversight and Business Relationships
Where German firms outsource their AML compliance, BaFin emphasises that these organisations remain directly responsible for the function. This means that firms must ensure that third-party AML providers are capable of achieving a satisfactory level of AML compliance and, if necessary, implement internal safeguards.
BaFin also clarified the term “business relationship”, suggesting that, beyond one-off transactions, it should also apply to irregular and infrequent cases of customer contact. In these contexts, firms are expected to conduct suitable customer due diligence (CDD) in order to identify customers for AML purposes.
Risk Analysis
BaFin offers advice on the assessment process that firms are expected to conduct as part of their risk-based approach to AML compliance. AuA 2.0 sets out an explicit list of sources and guidance that firms should adhere to when conducting risk assessments, these include:
Under AuA 2.0, firms must update their customer due diligence (CDD) checks on customers more frequently, especially in higher risk cases. Under the new regime, the intervals for updating CDD checks are as follows:
Time between updated CDD check
AuA (old version)
AuA 2.0
Low risk customer
No longer than 15 years
“Risk appropriate” updates
Medium risk customer
No longer than 10 years
No longer than 5 years
High risk customer
No longer than 2 years
Annual updates
Crypto Asset AML
AuA 2.0 highlights the new AML risks posed by cryptocurrencies and virtual assets. Accordingly, under the new regime, crypto-asset service providers will fall under the scope of AML regulations. BaFin states that these firms will be expected to use blockchain analysis software in order to monitor customer transactions involving cryptocurrencies and other virtual assets.
Similarly, AuA 2.0 highlights the need for crypto-asset service providers to apply enhanced due diligence (EDD) measures when handling transactions of €1,000. EDD should also be applied when handling transactions that involve “self hosted addresses” in order to account for the elevated AML risk associated with blockchain technology.
Money Laundering Officer
AuA 2.0 clarifies the role of the Money Laundering Officer (MLO) for firms that operate across international borders. In this context, BaFin states that the MLO must carry out their supervisory activities in Germany. A cross-border firm may appoint a foreign proxy to act as MLO, but that person must carry out their MLO activities in Germany.
Further to that clarification, BaFin states that companies with fewer than 15 full time employees should factor in their AML risk exposure when deciding whether to appoint a member of their own management to the MLO role. BaFin also states that the MLO should generally not simultaneously hold the role of outsourcing or data protection officer, or be a member of the internal audit team.
Whistleblower Reporting Office
BaFin states that firms only need to establish a single internal reporting office to meet the GwG’s whistleblower requirements. It points out that the internal reporting office must facilitate confidential and anonymous reporting, to the standards set by Germany’s FIU.
Preparing for Germany’s New AML Regime
Stay ahead of AMLA compliance challenges, and prepare your organisation for Germany’s new AML regime with Ripjar’s Labyrinth Screening platform.
Powered by cutting-edge artificial intelligence, Labyrinth enables global adverse media screening of thousands of data sources, in multiple foreign languages, and delivers actionable compliance intelligence in seconds. Labyrinth’s advanced AI features promise to supercharge the screening process from end to end: identify, extract, and connect the most relevant unstructured data with AI Risk Profiles, and use AI Summaries to support high pressure compliance decision-making by generating clear, concise prose summaries of risk for each customer.
In a financial landscape progressively embracing AI as a productivity tool, generative AI (GenAI) has the potential to be a game-changer for anti-money laundering (AML) compliance. GenAI screening tools are capable of detecting patterns and relationships within data which, in compliance contexts, means identifying and analysing unstructured data and delivering financial intelligence faster than conventional screening – without the same potential for costly false positive alerts.
However, GenAI also has its challenges. Some tools have been known to deliver unreliable results or fabricate results entirely as ‘hallucinations’, while developers are often unwilling to disclose how their platforms work, which is a problem for compliance investigations. Those issues have made many firms understandably reticent about integrating GenAI in compliance, despite its advantages.
With that in mind, the best approach to GenAI integration in compliance is one based on careful consideration of available data. Equipped with the right insight and expertise, firms will not only be able to integrate innovative new tools safely, but optimise them to deliver the best compliance results. If you’re ready to explore GenAI as part of your compliance solution, let’s look at some of the most important practical considerations of that process.
What are the possibilities of GenAI integration in compliance?
Many industry observers frame AI as a game-changer in the fight against financial crime. With the potential to reshape data management and analysis, the technology offers specific anti-money laundering compliance advantages, including:
Automated analysis of structured and unstructured risk data
Automated summaries of large volumes of data as concise prose paragraphs
Identification of trends, patterns and connections within and between data sets
Quality assurance and verification of human AML compliance decisions
The possibilities of GenAI are appealing, but it’s important that compliance teams understand its limitations, not least the potential for hallucinations, and the lack of insight into how it generates outputs. Those factors mean that risk-averse firms should take a slower approach than their peers, waiting for more industry data, and regulator guidance, before deploying new AI tools.
What do regulators think about GenAI compliance integration?
Regulatory perspectives on the use of AI in compliance vary. While some regulators are seeking to impose overarching new rules frameworks to account for the rapid uptake of the technology, others are taking more principles-based approaches. Most regulators, including the Financial Action Task Force (FATF) have acknowledged the potential for AI to make compliance both easier and cheaper, but have also urged caution, pointing specifically to the need for explainability and transparency if the technology is to have a meaningful compliance impact.
While few jurisdictions have made substantive progress towards AI-specific compliance regulation, the EU has stood out by passing the Artificial Intelligence (AI) Act in May 2024. Characterised as a landmark regulation, the AI Act will be industry-agnostic, classify AI systems by the amount of risk they present, and require proportional compliance measures. Aspects of the legislation will be implemented over the course of several years up to 2030.
Practical AI Compliance Tips
As regulators find their feet, it’s important that firms keep a perspective on the GenAI horizon and don’t miss out on opportunities, or fall behind competitors. With that in mind, CFOs and their compliance teams should think ahead about how they will integrate GenAI tools successfully within existing anti-financial crime (AFC) frameworks when the time is right.
Consider the following key practical AI adoption tips:
Think about your compliance needs
GenAI innovations hold undeniable potential, but they are not compliance silver bullets. The impact of GenAI will depend on numerous contextual factors, not least the need for firms to understand the technology’s capabilities and limitations.
GenAI tools are currently best suited to the analysis and summarisation of large amounts of data, such as the results of adverse media searches. On the other hand, the technology is not as effective at running and generating the results of adverse media searches – other AI techniques are better suited to this. That factor should inform decisions about GenAI possibilities within a given business infrastructure, and means that some firms should consider a low effort, high impact integration of GenAI, before iterating to broader applications.
Don’t rebuild from the ground up
It’s important to think about current GenAI technology as a way to enhance existing compliance systems, rather than replace them. In practice, this means that you shouldn’t be rebuilding your entire tech infrastructure from scratch to accommodate GenAI tools.
In fact, most GenAI solutions are conducive to a staged and layered approach to integration which enables firms to maintain existing AFC controls as they get used to the new technology, and before committing to new compliance strategies. This option is particularly useful for transaction monitoring processes, since firms often use both traditional, rules-based systems alongside AI overlays, running outputs through the AI tool to refine results and create better screening outcomes.
Focus on data
The principle ‘good data in, good data out’ is typically reliable in screening contexts. The higher the quality of adverse media inputs, for example, the more accurate the risk profiles that firms can create for their customers. This principle applies just as much to GenAI screening tools, meaning that firms should seek to train them on robust data sets with sufficient depth and quality.
However, it’s important to remember that screening data quality will never be ‘perfect’ and firms shouldn’t wait for it to reach that hypothetical standard before deciding to integrate GenAI innovations. Consider potential use cases for GenAI integrations and prioritise data sets that will enhance the impact of your GenAI tools. If your adverse media data quality is high, for example, focus on GenAI integrations within your adverse media screening solution, and work to optimise these.
Consider the cost of expertise
GenAI adoption represents a new cost metric which must be considered alongside the context of the wider compliance budget. While larger businesses may have the in-house resources to research and deploy GenAI tools, other firms may need to consider whether to recruit new expertise or find a partner who can help them handle the process.
The projected cost of GenAI adoption should account for the speed with which the technology is developing. Firms should think about whether in-house GenAI integration is something that can be sustained over time – an effort that will require ongoing software updates, expertise and governance refreshes, and technology upgrades.
Select an effective partner
Firms that choose a third party to help manage their GenAI adoption and integration must be confident that their partner understands their compliance needs and vision, and can grow with their business.
Given the complexity of the GenAI landscape, and its pace of change, it’s important that the partnership allows for collaboration and open dialogue. You should understand how your partner will approach the design and deployment of your GenAI tools, what training will be provided, how the technology will be managed day-to-day, and what kind of post-integration support will be available.
Validate and test
The relative unfamiliarity of GenAI as part of compliance solutions means that firms must factor the validation and testing of system outputs into the adoption and integration process. The timescale for validation and testing will vary for each individual firm but should serve to ensure that the results the new tools generate align with the needs of the business. Validation and testing will also strengthen employee skills with the new technology, build confidence, and importantly, identify problems and risks.
The validation and testing process should not be limited to the pre-adoption phase. Firms should implement an ongoing testing schedule to identify emerging problems.
Empower employees
While GenAI represents a step forward in compliance automation, human compliance employees will remain critical. Human expertise will be needed to not only validate the outputs of GenAI screening, for example, but to intervene to address problems and to explain results to third parties as part of law enforcement investigations.
With that in mind, GenAI adoption should include a focus on the training and skills of users. Effective training will not only optimise the impact of new GenAI tools but ensure that the compliance team can adapt to changes, including emergent risks and innovation opportunities.
Embrace GenAI Screening Power
It’s time for CFOs to start thinking about the possibilities of GenAI, and what integration might look like in their organisations – not just in terms of advancing compliance, but staying ahead of customer expectations. Adoption and integration of GenAI promises both opportunities and challenges but the right partner can ensure firms identify and address pain points quickly, and move forward with confidence.
Built with cutting-edge AI and machine learning technology, Ripjar’s Labyrinth Screening system has proven compliance impact, enabling firms to conduct real-time global name searches across thousands of data sources, in multiple foreign languages, and deliver financial intelligence in seconds. Enhanced with GenAI innovation, and designed with decades of industry expertise, Labyrinth extracts the most relevant information from vast unstructured data sets, and uses that information to generate deep, detailed customer risk profiles with concise prose summaries, so your team can make stronger, faster compliance decisions.
Transportation factors into an array of serious criminal activities, including money laundering schemes. Where some criminals attempt to launder illegal money through the purchase of high value cars, others may use transportation networks or a vehicle itself to facilitate illegal activities including insurance fraud, county lines operations, drug dealing and people trafficking.
As transportation-linked criminality evolves, it falls to businesses, such as automobile dealers, rental companies, and logistics companies, along with their compliance teams to mount an effective response – an effort that includes implementing screening solutions to identify risks. In most cases, screening can make a huge difference to stopping transportation-linked crime, not least by surfacing adverse media that exposes the threat certain customers pose.
In the face of legislation such as the UK’s imminent Economic Crime and Corporate Transparency Act, which brings with it the new “failure to prevent fraud” offence, it’s important for automobile and transport businesses to put clear processes in place now.
Let’s take a look at some key examples of transportation-linked criminality, and explore the most effective screening strategies to help firms stay ahead of risk.
The Automobile Industry
The automobile industry generates a significant amount of revenue which makes it an attractive medium through which to disguise and transform dirty money. Beyond that potential to launder money, the car itself may also become an instrument for criminality and be used in thefts and robberies or even violent crimes.
Money Laundering in the Automobile Industry
Although the details of automobile money laundering schemes vary, certain strategies are common. Criminals purchase and then sell cars as a way to transform dirty money quickly, sometimes even inflating or deflating the transaction price to meet a required amount. These transactions often take place across different jurisdictions, with criminals buying a car in one country and selling in another as a way to exploit disparities in AML controls. In some cases, both the criminals and auto dealers may be involved in the laundering scheme, and a vehicle may not even change hands following the transaction.
Luxury cars and brands carry particularly high AML risk since they typically command extremely high prices, often far in excess of jurisdictional reporting thresholds (usually around £10,000). Once purchased, luxury vehicles can then be moved between locations, hidden, or sold on. The automobile industry is not the only target for this type of money laundering – many criminals purchase yachts as part of the same strategy, and move them between ports for resale.
Car Rental Crime Risks
Car rental companies, in particular, need to be aware of the risk of their vehicles being used in crimes, and put appropriate measures in place to stop that happening. Rental companies should be particularly aware of the risk of:
Organised crime: Many organised criminal gangs target car rental companies in order to obtain cars which can subsequently be used in crimes, including violent crimes, trafficking, and robberies. A gang will typically rent the car under a false name and credentials, commit a crime with the car, and sometimes may then even ship the car off overseas to make it much harder to trace.
Terrorism: Similarly, cars may be used in violent crimes. Terrorists may, for example, rent a car or vehicle to carry out an attack, rather than purchasing it outright, making it harder for them to be traced.
Stolen Cars and Spare Parts
Criminal activity in the automobile industry can also include the theft and sale of stolen vehicles and the trade of illicit spare parts, which may be stolen or fake. The trade of stolen cars and parts often has strong links to organised crime, and provides gangs with a lucrative source of income which must subsequently be laundered. The second half of 2023 saw a dramatic 39.5% jump in car thefts in the UK, compared to the same period in 2022. Car thefts are often predicate crimes, facilitating smuggling operations, trafficking of drugs and humans, and even violent attacks.
The internet has increased the trade of stolen cars and car parts, offering criminals possibilities to conceal their identities and complete the transfer of funds quickly. The sharp increase in online trade of stolen cars and parts has, in turn, increased scrutiny from regulators and law enforcement agencies.
Automobile Industry Red Flags
Common red flags of automobile industry criminality include:
Inconsistent, damaged, or altered customer identity information
Unwillingness or refusal to produce identifying information prior to a purchase or rental
Buyers that are particularly eager to complete transactions regardless of price
Buyers making multiple vehicle purchases or rentals in a short space of time
Discrepancies between a buyer’s income and the price of the car purchased
Purchases or rentals made on behalf of third parties, such as family members or shell companies
Adverse Media Screening Advantages
Adverse media screening can give automobile firms a significant advantage in the fight against crimes that involve their cars, products and services. In particular, searches can surface stories that link customers to organised crime, and to terrorist activities around the world. Global adverse media screening capabilities are critical in this context given the potential for criminal schemes to involve multiple countries.
Transportation-Linked Crimes
Transport linked criminality extends beyond the automobile industry, and involves a broad variety of methodologies.
County Lines Operations
County lines operations refer to a type of drug trafficking in which criminals exploit vulnerable people to transport their illegal drugs and money between locations. Transport is an integral part of this type of criminal activity since purchased drugs must be physically conveyed to buyers, often over long distances, using vehicles or public transport such as trains. With that in mind, cars are typically chosen for county-lines trafficking because they can be bought or hired relatively cheaply, often using the proceeds of crime.
A 2018 report by the National Crime Agency identified that over 60% of county lines operations use road networks to distribute drugs. Of that number, over 50% of operations involve cars or buses, with 25% of those operations using private cars, and 16% using rental cars. And it is further understood that there has been a increase in rental car involvement since Covid-19, due to changes in tactics which evolved in response to the pandemic.
County lines-related automobile purchases and rentals may differ from other criminal methodologies because criminals may not target particularly high value or high status cars as a means to transport drugs.
County lines operations may also be closely linked to human trafficking. Criminal gangs may recruit vulnerable people from outside a local area, or from a foreign country, to transport drugs on their behalf.
County Lines Red Flags
Common red flag indicators of county lines activity include:
Inconsistent, damaged, or altered identifying information during car purchases or rentals
Unwillingness or refusal to produce identifying information prior to car purchase or hire
Disparities between a buyer’s income and the car purchase they are making
Customers making multiple car purchases or hires over a short period of time
Foreign buyers or buyers with no apparent links to the location in which they are purchasing a car
Customers that are unfamiliar with the area in which they are purchasing a car
Customers that are reported missing persons or that have reappeared after a long absence without an adequate explanation
Logistics Companies
Certain criminal schemes, including money laundering, involve the targetting or exploitation of logistics and delivery companies. Cargo crime, or freight crime, refers to the theft of cargo from a logistics company, with criminals typically breaking into the delivery vehicle as it is parked, and taking the goods that it is transporting. Alternatively, criminals may steal fuel from the parked delivery vehicle for the purposes of illicit resale.
Criminals may also use logistics and delivery companies to launder money by sending high value items (such as cars and jewellery) across borders, often to jurisdictions with much lower AML requirements. In this context, criminals will typically disguise the truth about the cargo being sent in order to mislead or evade the scrutiny of authorities.
Logistics companies are also often exploited in sanctions evasion strategies, with criminals using them to evade trade restrictions and deliver prohibited items. Electronics components, for example, present a particularly high sanctions risk because of their potential for military end-use. Criminals can disguise these items as different types of cargo, and send them, via shipping companies, to sanctioned targets in other countries, including extremely high risk locations such as Russia, North Korea, and China.
With that in mind, without adequate checks on both ends of a transaction – i.e on both sender and recipient – a logistics company may inadvertently facilitate sanctions evasion, transport of prohibited goods to a sanctioned individual, or may become involved with a third-party company that violates sanctions compliance.
Logistics Red Flags
Red flag indicators of money laundering in the logistics industry include:
Manipulation of ship identification data, such as the deactivation of an Automatic Identification System (AIS)
Use of abnormal or non-optimal transport routes
Frequent registration changes, especially re-registration of ships
Irregularities in cargo or vessel identification documents
Complex ownership or management of third-party shipping companies
Irregular maritime shipping practices, such as ship-to-ship transfers
Benefits of Adverse Media Screening
Like the automobile industry, transportation-linked criminality is global in scope – a factor that increases the need for, and importance of, effective adverse media screening. Since changes in sanctions risk are typically revealed in news stories prior to official confirmation, it makes sense for screening solutions to emphasise stories about international criminal risk, such as human rights crimes.
Adverse media screening has the potential to surface a wide variety of risk data: in county lines operations, for example, compliance teams may be able to establish that they are dealing with a missing person by capturing social media data or other stories about the disappearance.
In some cases, law enforcement authorities and regulators release customer black lists to logistics firms and other transportation businesses, in order to support screening compliance. The EU, for example, publishes its list of high risk third countries that indicates jurisdictions with unsatisfactory AML controls.
Addressing Transportation Risk with Effective Customer Screening
Automobile dealers, rental companies, and other transportation-linked businesses should understand their status as potential targets for criminal schemes, and be capable of meeting regulators’ expectations. As part of this responsibility, firms must be able to capture risk accurately, at scale, and on an ongoing basis, by deploying appropriate Know Your Customer (KYC) measures, such as enhanced due diligence (EDD), transaction monitoring and, most importantly, customer screening.
Given the global scope of transportation-linked criminality, robust customer screening solutions should be a compliance priority for automobile and transport industry firms, and include tools capable of searching and analysing adverse media stories from around the world. Adverse media screening is critical to the early detection of transportation-linked criminality, not least because of the frequency with which criminals exploit disparities in international compliance rules, and involve multiple foreign persons.
The challenge for adverse media screening in the automobile industry (and beyond) is the need to capture all that risk without generating an overwhelming amount of false positive alerts that ultimately overwhelm compliance teams.
Next Generation Adverse Media Screening Solutions
Ripjar’s Labyrinth Screening platform is designed to meet the challenge of handling vast amounts of risk data, streamlining the customer name screening process, without compromising accuracy, in order to support strong compliance decision-making.
Labyrinth Screening enables searches of thousands of global media sources, including news stories, websites, and sanctions lists, in multiple languages, and delivers actionable financial intelligence in seconds. The platform is built to help firms adapt to a shifting risk landscape, and features an array of cutting-edge AI tools: AI Risk Profiles, for example, automatically build out rich, detailed customer profiles from only the most relevant data, while AI Summaries generate a concise prose summary of each profile in order to clearly highlight potential threats.
