In Ripjar’s recent Compliance Masterclass, co-hosted with FINTRAIL – now available to watch on demand – a panel of industry experts from FINTRAIL, Ripjar, Wise and Nomura explored all stages of the sanctions screening process, providing insights, advice and best practice on how to make the most of your screening outcomes.Here’s a round-up of some of the key takeaways from the session.
The importance of accurate screening outputs
In today’s regulatory environment – where data on sanctioned parties, politically exposed persons and entities who may present a higher risk of financial crime is ever-expanding – screening plays a vital role in detecting bad actors.
However, financial institutions face a mounting challenge: how to effectively manage ever-increasing screening alert volumes to identify and act on genuine risks without getting buried in false positives. To create efficient screening outcomes, financial institutions need to rethink the end-to-end process: not only how screening alerts are generated, but how they are investigated and resolved.
Screening alerts alone don’t dictate what action should be taken for a specific customer or transaction. Rather, they serve as the entry point for further investigation. As noted by the Wolfsberg Group, “the generation of an alert is not, by itself, an indication of sanctions risk.”
Accurate and auditable screening outcomes are crucial for two reasons:
They allow you to detect potential financial crime risk and any resultant actions that need to be taken.
The allow you to further tune and calibrate your screening system to generate better and more precise screening alerts in future.
Implementing an end-to-end alert process
Regulators are increasingly scrutinising alert handling processes, demanding not just that alerts are generated, but that they are managed, investigated, and documented with precision and consistency.
The European Banking Authority, for example, recently established standards on how it expects firms to carry out screening alert reviews, and in the UK regulatory standards focus on proper record keeping of resolved alerts.
Regulatory expectations
The EBA’s guidance states that policies and procedures should include:
Steps for starting to investigate all alerts generated.
Rules for the documentation of any decision taken in respect of alerts.
Measures to investigate alerts, such as procedures to assess and deal with indeterminate cases.
Different levels of review to be carried out in line with risk, by implementing at least a review by two people in relation to higher risk situations.
In the UK, JMLSG Part III 4.102 notes how firms should review screening alerts, including:
The process should be documented in writing.
Firms should keep an appropriate audit trail about every likely match.
A record of who made the decision and on what grounds.
A screening alert on its own will not define the screening outcome. Analysis is needed to confirm whether the alert is a match, whether funds need to be frozen, if the customer relationship needs to be terminated, if the customer’s risk rating needs to be increased, or if law enforcement needs to be contacted.
Key to reviewing screening alerts is having consistent disposition and decision-making throughout the firm, no matter how big or small, in order to comply not only with regulatory requirements but also the firm’s risk appetite. This could be achieved through:
Categorising alerts as high, medium or low risk based on the type of alert (sanctions, PEP or adverse media) and the strength of the hit (exact match or a fuzzy match).
Adoption of decision trees to ensure investigators review alerts in the same manner.
Identifying and escalating higher risk alerts – for example a nexus to high risk countries or exposure to certain high-risk industries – for expert review.
The use of the “four eyes” principle to ensure that at least two independent reviewers assess high-risk cases.
Many firms use a tiered approach for alert review and decisioning, whereby an alert will pass through several layers of review. For example, whereas all screening alerts will be reviewed by ‘Level 1’, and may need to be escalated to ‘Level 2’ for additional confirmation, the final determination of whether or not an alert is a true match and presents a risk to the firm may not occur until it is escalated to and reviewed by senior stakeholders at ‘Level 3’.
Documenting each step of the alert review process is crucial, not just for good practice, but for demonstrating robust governance. ‘Level 3’ decision-makers must be able to review the analysis and investigation already conducted, ensuring decisions are well-informed, defensible to regulators, and easily auditable. Clear documentation also streamlines escalations, reduces duplication of effort, and strengthens the overall quality of financial crime risk management. Furthermore, a clear audit trail of resolved alerts may be relevant for regulatory follow up or reporting.
Setting screening systems up for outcome success
Screening outcomes typically fall into four buckets:
True Positive: Correct escalation of a real risk.
False Positive: Incorrectly raised alert, which is later de-escalated.
True Negative: Correct non-match.
False Negative: Missed match and therefore an undetected risk for the firm.
In an ideal world, firms will be able to clearly identify and focus on true positives while ignoring false positives which carry no true risk exposure and lead to extra and unnecessary work. At the same time, firms will want to ensure that true risks do not slip through screening undetected. However, that is not always the case, and financial institutions face a number of AML compliance challenges in this area. As sanctions lists in particular expand, firms face rising false positives while spending less time detecting genuine alerts.
Understanding the root of false positives is not a one-off exercise but an ongoing process. Firms should continuously analyse data from past alerts to identify common triggers, refine matching logic, and adjust their thresholds. Leveraging historical alert data in this way not only reduces noise but also improves the precision of screening systems, enabling investigators to focus on genuine risks. Using past alerts to support ongoing tuning of screening systems can be done in two different ways:
Examining false positives: By analysing which types of alerts consistently lead to false positives, firms can refine their matching algorithms, exclude irrelevant data sets from screening, or apply different rules to specific client segments and thereby develop more precise rules for alert generation.
Examining false negatives: “Below the line” testing – the process of examining unseen alerts below the matching threshold set by the firm – to better understand what systems might be missing and whether the firm missed any false negatives.
Finally, effective screening outcomes are fundamentally dependent on two components: screening the correct watchlist data against high-quality customer data. At a minimum, firms should screen against any watchlists that they are legally required to comply with (for example sanctions lists) and lists relevant to their jurisdiction (for example PEP lists and specific adverse media lists). At the same time, customer data should also be of a good quality and consistency to ensure efficient screening alerts are generated.
Screening outcomes and AI
AI offers powerful possibilities in screening by rapidly analysing screening alerts to detect patterns, identify high risk alerts, and support enhanced decision-making. For example:
Enrichment of alerts: AI can be used to pull out additional data points (such as location data or beneficial ownership data) to provide further context to a screening alert which would otherwise only contain limited information. This can aid investigators in arriving faster, and more efficiently, at screening decisions.
Identifying high risk alerts: AI can be used to score and identify higher risk alerts that should be prioritised for review, due to a combination of the strength of the screening alert, the list it is matching against and the potential regulatory consequences.
Dealing with false positives: In certain situations, AI can even be used to auto-close alerts that are clearly false positives. Firms should note that where AI is used to make decisions, regulators expect firms to be able to demonstrate full governance and oversight over the AI’s decision-making remit.
From alerts to action
As regulatory scrutiny increases on how firms are conducting screening, firms must consider not only how they are generating screening alerts but also how they are reviewing these alerts and arriving at the right screening outcomes.
In summary, here are three things firms should do to ensure their screening process is set up for outcome success:
Undertake ongoing testing and tuning to understand the root of false positives. Analyse data from past alerts to identify types of alerts consistently leading to false positives to refine matching algorithms and rules going forward.
Screen the correct data. Carefully select the watchlists to be screened against, and ensure that the customer data used for screening is of sufficient quality to generate relevant screening alerts.
Create documented procedures for alert review and escalation. Establish clear, written procedures for how alerts are reviewed and escalated (for example, through decision trees and prioritisation of high risk alerts), including who makes decisions and on what grounds.
The European Banking Authority (EBA) released new guidelines on sanctions screening in November 2024. Scheduled to come into effect across the EU on 30 December 2025, the guidelines set out the regulator’s expectations for how financial institutions (FIs) should implement governance, policies, procedures, and controls for their sanctions screening solutions.
With less than 6 months left before the new compliance requirements come into effect, it’s critical that obligated entities prepare, by reviewing and uplifting existing screening measures or developing new measures. In this post, we’ll explore that process in more detail.
What are the EBA guidelines?
The EBA’s November 2024 guidelines actually comprise two sets of guidelines, and apply in the following ways.
1) Guidelines for All Financial Institutions (EBA/GL/2024/14)
The first set of guidelines concern all FIs in the EU; banks, credit institutions, investment firms, and so on. The guidelines specifically focus on governance and risk management systems for sanctions compliance, and require FIs to:
Implement and maintain up-to-date sanctions compliance policies, procedures, and controls.
Establish a clear, well-defined governance structure and allocate responsibility (including to senior management) for sanctions compliance.
Conduct a sanctions risk exposure assessment to inform decisions on the controls and procedures necessary to establish effective sanctions compliance controls. The EBA has stated that this assessment should “be based on a sufficiently diverse range of information sources”.
Implement regular training programmes to ensure compliance teams are able to identify, assess, and manage sanctions compliance risk.
2) Guidelines for PSPs and CASPs (EBA/GL/2024/15)
The second set of guidelines concern payment service providers (PSPs) and crypto-asset service providers (CASPs). They focus on bringing these FIs under the scope of existing sanctions compliance regulations when handling specific types of transactions, including transactions involving crypto-assets. The guidelines require PSPs and CASPs to:
Choose and implement reliable sanctions screening solutions, and test their reliability regularly.
Define the dataset that they will be screening against the EU sanctions list and, where relevant, national restrictive measures.
Ensure that their sanctions screening measures are capable of verifying designated names on sanctions lists, managing the inherent risks involved in the screening process, and addressing the risk that customers engage in sanctions evasion strategies.
Preparing Your Screening Solution for Compliance
With the implementation date now on the horizon, it’s time for FIs to prepare their compliance teams, and adjust their screening solutions.
Here are the key stages in that process.
1. Align policies and procedures
Conduct a gap analysis to determine how your existing sanctions screening framework measures up against the EBA guidelines. Focus on identifying weaknesses in governance, technology, training, and documentation.
2. Update investigative steps
Following any updates to your screening policies and procedures, codify the steps your compliance team will take when investigating sanctions alerts. For example, set thresholds for escalating sanctions name matches, and define responsibilities within the compliance team.
3. Documentation of compliance process
Ensure your compliance process is fully documented, with an option to log the reasons for compliance decisions in a centralised and secure location. Your compliance documentation may be critical to subsequent investigations by law enforcement agencies, and so your decisions, and the information on which they were based, must be explainable and readily available for audit.
4. Invest in technology
For most FIs, manual screening methods will not be capable of meeting the EBA’s screening requirements. In order to achieve compliance, FIs should invest in screening technology capable of searching thousands of global sanctions lists and watchlists, along with other critical risk data sources such as adverse media stories, beneficial ownership lists, and politically exposed persons (PEP) lists.
Given the scope of the new screening obligations, many firms will find value in AI-powered screening tools capable of advanced analysis of huge volumes of unstructured data, and of making connections between risk data points that human compliance teams and manual tools might miss.
5. Train people and test processes
Your screening technology is only as good as the human compliance experts managing it. Develop a training schedule to familiarise compliance team members with new screening policies and procedures, and new screening technology integrations. Similarly, perform regular testing to identify weak spots in the new compliance process.
6. Risk-based review
Implement different levels of review for higher-risk sanctions alerts, such as those involving high-risk jurisdictions. While a sanctions list check may be sufficient for routine transactions, higher risk alerts may warrant enhanced due diligence, including supply chain risk screening and global adverse media searches.
Stay Ahead of Sanctions Risk with Ripjar One
With the EBA’s new sanctions screening guidelines imminent, it’s up to you to make sure your team is ready, by putting the right people, the right policies, and the right tools in place.
Powered by next-generation AI, Ripjar One is designed to help FIs manage that challenge, and take on an increasingly complex sanctions landscape.
Consolidating static and dynamic risk data seamlessly, including sanctions lists, adverse media, beneficial ownership registers, and transaction alerts, Ripjar One is a comprehensive screening solution that empowers compliance teams to make faster, stronger compliance decisions, identify risks more effectively, and optimise compliance outcomes for both their businesses and their customers.
In a volatile global political climate, effective sanctions screening isn’t optional – spotting potential supply chain sanctions evasion is critical for global organisations.
The United States, for example, added over 3,000 names to its Specially Designated Nationals (SDN) list in 2024, compared to 2,500 in 2023. Similarly, in May 2025, the European Union imposed its 17th package of Ukraine sanctions, expanding restrictions against Russia and Vladimir Putin’s regime.
Long story short, the complexity of the global sanctions landscape, the severity of penalties for violations, and impact of ensuing reputational consequences, have increased the compliance burden significantly.
For global firms with a network of cross-border business relationships, that means it’s no longer sufficient to screen only customers and clients for sanctions risk. Instead, the scope of their screening solutions must expand to cover their wider third-party networks and supply chains, taking in suppliers, partners, distributors, contractors, and so on.
Meeting that expanded screening obligation requires firms to not only adjust their compliance tech stacks, but understand their third-party risk exposure. However, the sanctions risk posed by a supply chain or a third-party relationship is not always obvious or intuitive, and may even be hidden from basic sanctions screening processes.
With that in mind, we’ve put together a guide to some of the key red-flag indicators of supply chain sanctions risk. If you’re looking to strengthen your screening process, it’s worth becoming familiar with these red flags so that you can optimise your compliance performance from the ground up, and avoid unnecessary regulatory friction.
Why Are Supply Chains Vulnerable to Sanctions Evasion?
While most organisations are familiar with the immediate risks posed by their customers and clients, the need to factor in supply chains and third-party risk management makes things more complicated.
That’s because, in a global professional landscape, most firms operate amidst sprawling physical and digital networks, which span borders, industries, and regulatory environments. As part of that connected world, firms necessarily face a higher volume of sanctions compliance threats, and consequently, a greater exposure to risk.
Unfortunately, in this context, compliance isn’t quite as easy as checking a customer’s name against the relevant sanctions list (or lists). Third parties pose significant hidden sanctions risks because they may operate to different regulatory standards, may be concealing their liability, or, in worst case scenarios, attempting to evade sanctions and thwart scrutiny.
The only way to effectively manage that expanded risk is to implement a robust screening solution, capable of managing vast amounts of third-party data and of adapting to the fluctuations of the sanctions landscape.
Now that we know why it’s important to strengthen supply chain sanctions screening, let’s move on to the things you need to look for.
Common Red Flags for Sanctions Evasion
Proximity to sanctioned jurisdictions
Counterparties that are based in, or that route goods through, a country bordering a sanctioned jurisdiction may be masking the ultimate destination of those goods. Not all countries maintain solid borders, and certain trading entities may attempt to exploit that by covertly moving goods into an adjacent sanctioned jurisdiction.
Changes in trading behaviour
When a counterparty makes abrupt changes to its trading behaviour, the goods and services it offers, or its ownership structure, this may be indicative that it’s engaging in sanctions evasion. For example, a shift away from the trade of electronic goods, which are typically designated on sanctions lists, in favour of trade in textiles, which are not frequently targeted, could be an indicator of risk.
Shell companies
Persons engaging in sanctions evasion may attempt to avoid screening measures by concealing their identities (and, by extension, the true risk they pose) behind shell companies, or behind overly complex corporate infrastructure. Examples of this kind of red flag include companies that have suspiciously little or no online presence, minimal staff, or no physical premises.
Document discrepancies
Discrepancies in documentation, such as mismatches between shipping records and invoices, may indicate sanctions evasion activity – specifically, attempts to conceal the trade of sanctioned goods. Be alert for vague or inconsistent descriptions of shipped goods, or miscalculated quantities of cargo.
Financial holdings in third countries
Be vigilant for companies that hold settlement accounts in third countries with deficient anti-money laundering (AML) and counter-financing of terrorism (CFT) regulations. Lax enforcement in these jurisdictions may create opportunities for sanctions evasion.
High risk and dual-use goods
Certain goods are highly regulated because of their potential for criminal misuse, while others have both civilian and military applications, and so are classified as “dual-use”. Companies that trade in these types of goods pose a higher sanctions risk and should be scrutinised closely during screening.
Unusual intermediaries
Companies that engage multiple intermediaries or third-party consignees to facilitate trade, without explanation, may be attempting to distance themselves from buyers and end-users in an attempt to avoid sanctions. A sudden engagement of a new intermediary may be similarly indicative of risk.
Lack of end-use documentation
End-use of goods is a critical sanctions consideration. Legitimate trading partners should be able to provide documentation to support the end-use of the goods they are importing or exporting. Therefore, failure to provide end-use documentation may indicate an attempt to evade sanctions restrictions.
In isolation, each of the listed red-flag indicators doesn’t necessarily confirm that an organisation or individual is engaging in sanctions evasion. Collectively, however, or in combination they may inform a compliance response, and represent the difference between a decision to initiate enhanced screening, to freezing a transaction and alerting the relevant authorities.
Firms should perform risk assessments on third parties in their supply chain. That process will necessarily involve data collection and analysis, and a need to obtain a range of identifying information from third parties, including names, addresses, company incorporation documents, financial records, and so on. Where that information points to a higher level of risk, firms may seek to perform enhanced due diligence.
Continuous monitoring
The shifting geopolitical landscape means that third-party risk exposure can change quickly. To account for this change, firms must conduct ongoing sanctions screening of third parties (rather than just at onboarding, periodically or the start of a business relationship), in order to ensure the accuracy of established risk profiles.
Harness external data
To perform risk assessments on targets up and down the supply chain, firms need to be able to collect and manage vast amounts of external data. That data should be of a sufficient quality, and broad enough scope, to support effective compliance decision-making. In practice, this means screening not only official sanctions lists and watchlists, but a range of credible global adverse media sources, including screen and print media, and social media.
Leverage technology
Screening solutions are key to the sanctions data management challenge. Firms should aim to automate as much of the process as possible in order to manage the thousands of data sources necessary to build accurate risk profiles. Artificial intelligence (AI) systems offer a significant advantage in supply chain screening: not only do they provide speed and accuracy, but can spot hidden patterns and connections in risk data to help build a comprehensive overview of a firm’s risk exposure.
Build a culture of compliance
Screening technology is only as effective as the human experts using it. To ensure optimal third-party risk management, firms should support their employees’ roles in the compliance effort by offering regular training and skill development. That process will ultimately contribute to a company-wide culture of compliance that can only enhance the contribution of compliance teams as they adapt to new regulations and new sanctions evasion strategies.
Spot More Red Flags With Ripjar 3P60
Ripjar’s AI-powered screening platform Ripjar 3P60 is designed to help firms meet their third-party and supply chain compliance challenges in jurisdictions around the world. A comprehensive third-party risk management solution, Ripjar 3P60 builds flexibility and resilience into your screening process from the ground up, and leverages advanced AI analytics to help you deal with risks whenever and wherever they emerge.
Sanctions risk is a fact of life for every global business but in the last few years, that risk has grown significantly. Geopolitical crises, such as Russia’s invasion of Ukraine, have prompted governments to add hundreds of new designations to sanctions lists, and renew or expand existing measures. The US, for example, added over 3,100 names to its Specially Designated Nationals (SDN) and Blocked Persons List in 2024 – a 25% increase on 2023.
In this climate, sanctions obligations don’t end with a round of basic checks of global watchlists. Compliance solutions need to be capable of dealing with the direct sanctions risk exposure posed to firms by their customers and clients, but also with the third party risk posed by their supply chains.
An organisation’s suppliers, partners and vendors may represent third party networks that span multiple jurisdictions, geographies, goods, intermediaries, and ownership structures. Add to that, the potential for bad actors attempting to evade sanctions, or conceal their actions with shell companies, and the supply chain risk factor quickly becomes considerable.
Given the complexity of this environment, and the potential regulatory penalties, it’s imperative that sanctions risk is treated as a core compliance priority as firms build their supply chain.
And the best way to approach that challenge is to build robust sanctions compliance into the supply chain from the outset, with a solution that can adapt to an evolving regulatory landscape and emerging geopolitical risks.
In this post, we’re going to discuss the key steps involved in doing just that.
Effective screening remains the best way for firms to learn about their clients and establish the sanctions risks that they pose. Accordingly, acquiring suitable screening technology should be your first priority when building a sanctions-ready supply chain.
However, while most approaches to sanctions compliance entail a screening process for clients, involving a search for names designated on the relevant sanctions lists (such as the SDN list), supply chain risk requires a much broader screening scope.
That means that you must implement screening technology capable of covering all relevant counterparties that form part of the third party network – vendors, suppliers, partners, and so on – in those list searches. This comprehensive approach to sanctions risk shouldn’t stop at list searches, either, but should serve to acquire as much data as possible on search targets including:
Adverse media stories: Sanctions risk is often revealed in adverse media stories long before persons are officially designated on sanctions lists. Investigative journalists may break stories that impose sanctions evasion activities and indicate that you should change your compliance response.
Politically exposed persons (PEPs): Elected officials and government employees pose a greater sanctions risk because of their proximity to political and bureaucratic financial resources.
Following Financial Action Task Force (FATF) recommendations, sanctions screening solutions should be risk-based. This means that you must deploy compliance measures in proportion to the risk that your organisation faces: lower risks demand a less intensive compliance response, higher risks, a more intensive response.
However, the effectiveness of a risk-based screening solution relies on you being able to accurately assess your supply chain to determine the risk that it poses. The sanctions risk assessment serves to help establish your risk appetite, define thresholds for compliance decision-making, and then dedicate resources to achieving those compliance objectives.
To conduct an effective risk assessment, you need to map your supply chain and capture any relevant risk factors. These may include:
Sanctions lists: It’s important to identify the relevant sanctions lists that pose a compliance risk to your organisation. For example, firms in the EU must screen against the EU consolidated list, and so on.
Industry: Different industries pose different levels of sanctions risk. Persons involved in, or connected to the shipping industry, for example, or those that trade in dual-use items, often carry a high sanctions risk.
Location: Supply chains that contact certain geographic locations, such as Russia, China, and the Middle East, may carry an elevated risk.
Corruption: Supply chains that involve jurisdictions with comparatively weaker regulatory infrastructure may be more vulnerable to corruption and associated sanctions evasion activities.
Step 3: Leverage Technology and Data
The success of the steps outlined above is dependent on you being able to implement a technology solution capable of managing the vast amounts of data involved in the supply chain risk assessment process. The solution must also output high quality intelligence that facilitates effective compliance decision-making in a constantly evolving sanctions risk landscape.
Given the expanded data demands of supply chain compliance, you’ll need to move your solution beyond manual processes and focus on automating as much of the process as possible, enabling your compliance team to focus their time on the activities where their skills are best used. With that in mind, you need your sanctions screening technology tools to deliver the following capabilities:
Real-time monitoring to help identify suspicious activity, including red flag indicators of sanctions evasion.
Data integration from a wide range of sources, including sanctions, watchlists, PEP data, adverse media, plus your own internal data in both structured and unstructured formats.
Entity resolution and advanced analytics capable of revealing hidden links to sanctions risk, and connecting supply chains to persons designated on sanctions lists.
Global adverse media screening capabilities covering screen and print media, digital media, and social media content.
Multi-language tools capable of screening natively against foreign language sources, and accounting for regional spelling and naming variations.
Automation to streamline responses to sanctions risk, including triaging alerts, assessing evidence, and automatically reviewing and closing false positive alerts.
Step 4. Train and Raise Awareness Across Your Organisation
A sanctions screening solution is only as good as the human employees that run it. To that end, you’ll need to ensure your compliance team members understand the organisation’s risk appetite, and have the necessary expertise to deal appropriately with the outputs and alerts that your solution generates.
So, to keep compliance teams up to speed with the capabilities of your screening technology, and the latest regulatory developments, you’ll need to implement a schedule of regular training and skill development. Your goal should not only be to impart regulatory and technical understanding, but to create a culture of compliance in which emergent challenges don’t disrupt services, and teams can adapt quickly to new risks.
You’ll need to extend this culture of sanctions compliance across your wider business, especially if your firm is part of a larger group of companies where some may be operating in different regulatory environments. This could mean establishing your sanctions obligations at group level, identifying further obligations for different locations, developing additional training materials, and implementing a mechanism to verify that overseas branches, subsidiaries, and local partners have understood, and are compliant with, the relevant standards.
To facilitate this kind of organisation-wide transformation, think about:
Policies: Consider centralising your compliance policies while localising specific controls.
Overseas training: Focus on training overseas offices on key sanctions obligations and red flag indicators of sanctions evasion activity specific to their locations.
Tools and frameworks: Provide access to shared screening tools and decision-making frameworks to ensure a consistent approach.
5. Maintain Robust Third Party Due Diligence Processes
Your supply chain sanctions compliance work is never done – it’s an ongoing process that evolves and grows with the business relationships that you maintain, and the sanctions risks that you face.
It’s therefore important to think about the following third party due diligence processes:
Continuous monitoring: Don’t simply conduct a risk assessment at the beginning of a business relationship as a one-off. You’ll need to monitor third parties in your supply chain constantly to ensure their risk profiles remain accurate. Leverage technology to automate rounds of screening and integrate real-time adverse media monitoring tools to be notified of changes in risk as soon as possible.
Geopolitical risk: Stay informed of emerging areas of geopolitical risk as a way of anticipating sanctions risk. The greater your awareness of potential new risks, the better able you’ll be to adjust your sanctions solution.
Evasion strategies: Be aware of the latest sanctions evasion tactics. Monitor for updates and guidance from relevant national and international regulators, such as the FATF, to ensure you receive the correct information and advice when the global risk landscape changes.
Reassess regularly: Conduct periodic risk assessments to test the efficacy of your supply chain risk solutions. Reevaluate your risk appetite after regulatory updates and geopolitical events.
Master Supply Chain Screening with Ripjar
In a period of unprecedented geopolitical uncertainty, it’s more important than ever to protect your organisation, and your reputation, from risk. You can do that by extending your sanctions compliance priorities to your supply chain, and leveraging technology to shoulder the increased data burden.
Ripjar’s AI-powered screening platform Ripjar 3P60 is designed to help firms meet that goal. A scalable, comprehensive approach to third party risk management, Ripjar 3P60 builds automated efficiency, flexibility, and resilience into your third party screening process, leveraging advanced machine learning to help you spot supply chain risks, and deal with them before they can harm your business.
The proliferation of weapons of mass destruction (WMDs) is one of the critical security issues of the 21st century. With geopolitical tensions rising, the business community must play its part in preventing terrorist and criminal organisations not only acquiring these types of weapons, but facilitating their movement around the world.
In this climate, spotting potential proliferation financing activity is a compliance priority. This means that firms must understand the relevant regulations, and adjust their screening solutions to account for risk exposure.
What is Proliferation Financing?
Proliferation financing (PF) is the act of providing funds that support the movement of WMDs, including nuclear, chemical, and biological weapons, around the world.
Given the elevated global risk of terrorist attacks, and the challenges involved in detecting financial crimes, governments have placed regulatory obligations on businesses, and particularly on financial services firms, to help combat PF and target its sources.
PF shares characteristics with other financial crimes, specifically money laundering and the financing of terrorism, and so may be detectable via existing screening measures. Persons involved are often designated on sanctions lists, for example, or may attempt to conceal their transactions via shell companies and corporate infrastructure.
In other contexts, however, it is harder to detect PF because related transactions and activities do not necessarily share the same red flag indicators of criminality. For example, criminals may seek to bypass regulations and screening measures by transporting only legal component parts of WMDs, or by transporting “dual use” materials that may be repurposed for the construction of WMDs by end users.
The risk of PF goes beyond persons directly paying for the transport of WMDs, and extends to persons that may be providing services unknowingly. On the other hand, persons that are knowingly involved in PF often employ sophisticated evasion tactics to evade screening measures. In some cases, heavily sanctioned governments may engage in PF activity, and use state apparatus to do so.
High Risk Countries
Certain countries represent a higher PF risk than others, these include:
North Korea: The government of North Korea is actively pursuing a nuclear weapons programme and has demonstrated a willingness to attempt to evade sanctions.
Russia: Heavily sanctioned by multiple countries since the invasion of Ukraine in 2022, Russia is attempting to evade restrictions by importing dual use materials for use in military weapons technology.
Iran: The government of Iran has demonstrated an ongoing desire to develop a nuclear weapons programme.
China: China has demonstrated a desire to expand its own nuclear arsenal, and has facilitated other countries’ evasion of sanctions, including North Korea and Russia.
Syria: Under its previous government, Syria was known to have deployed chemical weapons, and financed its acquisition of WMDs via the sale of oil and petrochemicals.
Global Regulatory Response
Governments around the world are increasingly framing PF as a serious criminal risk, however, other than designation in sanctions programmes, dedicated PF regulations lag behind those applicable to similar financial crimes, such as money laundering and terrorist financing.
In light of the FATF’s strengthened focus on PF, the United Kingdom has led the international community in taking regulatory action. In 2021, for example, the UK government conducted its first National Risk Assessment of Proliferation Financing (NRAPF). Given the UK’s status as an international financial hub, the NRAPF suggested that the UK government put regulatory measures in place to address PF risk.
Accordingly, in 2022, the UK government amended the Money Laundering and Terrorist Financing Act to introduce new PF identification and risk screen requirements. The UK has also applied strict liability to sanctions breaches, meaning that penalties may be applied regardless of knowledge or intent behind the violation.
Firms that break PF rules and regulations face serious financial and even criminal consequences.
In the UK, for example, under the Money Laundering Act, the Office of Financial Sanctions Implementation (OFSI) has the authority to impose unlimited fines, and prison sentences of up to 7 years for PF rules breaches. Those penalties may be imposed in addition to existing sanctions rules, under which OFSI can fine companies up to £1 million, or 50% of the value of the offending transaction (whichever is greater), and name and shame companies publicly.
Regulatory Risk to Financial Institutions
Banks and financial services organisations are on the front line in the fight against PF, and may be exposed to compliance risk in numerous ways. Key examples of PF risk include:
Layered transactions: Persons designated on sanctions lists may route transactions through multiple accounts in order to obscure their origin and evade screening measures.
Dual use materials: Companies trading in dual use materials, particularly technology such as aerospace components or microelectronics, pose an elevated PF risk.
Shell companies: Criminals may attempt to use shell companies or complex corporate infrastructure to obscure the origin and destination of PF-related transactions.
Missing or incorrect transaction details: Criminals may intentionally withhold or misspell PF-related transaction details in order to evade AML/CFT scrutiny.
High risk countries: Transactions that involve parties in high risk AML/CFT territories (such as those listed above) carry an elevated PF risk.
Cryptocurrency: The anonymity of cryptocurrency transactions puts them at a higher risk of involvement in PF activity.
Third Party Risk
PF activity typically involves firms’ relationships with third party organisations, such as shipping and transportation companies. With that in mind, PF compliance screening should go beyond a singular focus on companies in the financial sector, and include relationships up and down the supply chain.
That means screening measures should account for the complexity of supply chains, and the potential for regulatory disparity across international borders. Key third party and supply chain risk factors include:
Persons designated on global sanctions lists.
Companies trading in dual use materials.
Suppliers operating in high risk industries, such as shipping.
Suppliers operating in high risk jurisdictions.
Persons designated on politically exposed persons (PEP) lists.
While third party risk factors may not necessarily result in direct regulatory violations, firms that are revealed to have relationships with third parties that are exposed as being involved in PF often incur reputational damage.
Implementing a Proliferation Financing Risk Management Strategy
The scale and complexity of PF risk means that firms should carefully consider their compliance posture, and, ideally, integrate an AML/CFT screening solution to help them manage their threat environment.
An effective PF risk management strategy should involve the following measures and controls:
Screening during onboarding
Firms should establish new clients’ PF risk levels as quickly and as accurately as possible. This means conducting robust customer due diligence (CDD), and applying suitable screening measures during onboarding, with a focus on sanctions designation, and designation on PEP lists. The screening process should be global in scope, which means searches should be conducted in multiple languages, and include scrutiny of other critical risk indicators, such as adverse media stories.
Beneficial ownership
As part of the due diligence process, firms should aim to establish the beneficial ownership of client companies in order to account for the possible misuse of shell companies or complex corporate structures as a means to disguise PF activity.
Continuous monitoring
Following onboarding, firms should continuously monitor their clients for PF risk in order to account for changes to risk profiles over time. This means maintaining a regular screening schedule with a focus on updates to sanctions lists, suspicious transaction patterns, changes in company ownership, and emerging adverse media stories.
Risk scoring and segmentation
PF screening should be risk-based. With that in mind, firms should seek to establish a risk scoring system to enhance their risk assessment process, with higher scores applied to higher risk jurisdictions, industries, and transactions, or to persons designated as PEPs. Similarly, audience segmentation – the process of grouping audiences by risk characteristics – can help compliance teams conduct risk assessments more efficiently.
Sanctions and watchlists
Effective sanctions and watchlist screening is a critical component of PF compliance. Firms must implement sanctions solutions that capture domestic and international sanctions designations, and listings on the relevant watchlists.
Adverse media
Changes to a client’s risk profile may be revealed by the media before they are confirmed officially. With that in mind, PF screening should include automated adverse media searches, in multiple languages, and with sufficient scope to capture third party risk.
Going Beyond the List
Given the global scale of PF, it’s critical that compliance solutions “go beyond the list”, which means going further than simple sanctions and watchlist name searches, and instead building out the most complete risk profile possible for each client.
That means leaving manual screening processes behind and, instead, implementing automated AML/CFT screening tools with powerful name search and identity matching capabilities. The tools that you choose should be able to screen against thousands of data sources, in multiple languages, while accounting for sanctions evasion tactics, disparities in spelling and naming, and the possibility of PF risk emerging from third party relationships and PF-adjacent activities. With those factors in mind, and the need to manage vast amounts of customer screening data, it’s worth leaning into the efficiency benefits of AI-enhanced search technology, which can not only boost the accuracy of PF screening results, and reduce false positives, but support stronger compliance decision-making.
The UK’s sanctions landscape has evolved dramatically since 2022, primarily in response to Russia’s invasion of Ukraine. During that time, the Office of Financial Sanctions Implementation (OFSI) has worked to ensure the UK government’s sanctions against Russia are enforced effectively, and that entities within the UK understand their compliance responsibilities.
With the UK’s Russia sanctions programme ongoing, in February 2025, OFSI released its Financial Services Threat Assessment. The report is intended to help UK firms deal with the changing global sanctions landscape, and, in particular, with the complexity of the restrictions against Vladmir Putin’s regime. To that end, the Threat Assessment focuses on the risks associated with Russia sanctions violations, including the need to accurately identify designated persons (DPs), the enablers of sanctions violations, the use of alternative payment methods to avoid restrictions, and failures in internal compliance solutions.
The report serves as an essential resource for all UK-based financial services firms, which should now review their compliance solutions in order to ensure alignment.
To help you navigate your UK sanctions obligations, we’ve put together a list of key takeaways from the report.
Key OFSI Takeaways for Financial Services
Failure to self-disclose
OFSI monitors suspected breaches of UK sanctions rules on a sectoral basis, and suggests that, while most reports are self-disclosed by financial institutions in a timely manner, the standard varies across different sectors and across the UK’s various sanctions regimes.
The report reveals that OFSI observed breaches that did not lead to self-disclosure by “some” UK financial services firms and non-bank payment service providers (NBPSPs). OFSI’s assessment implies a regulatory risk for firms that are not being fully transparent or rigorous in executing their sanctions compliance obligations.
Enablement activity
OFSI suggests that it is “almost certain” Russian designated persons (DPs) are using both professional and non-professional enablers to help them breach UK sanctions, and that activity has “significantly increased” since 2023.
OFSI defines non-professional enablers as individuals or entities that act on behalf of DPs to breach sanctions. These enablers have “close personal ties” to DPs and may include family members, spouses and ex spouses, and professional associates.
The report classifies three types of enabler activity:
Making payments to maintain the lifestyle or assets of DPs.
Fronting on behalf of a DP to claim ownership of frozen assets.
Money laundering to provide DPs with liquidity.
The Threat Assessment adds that Russian DPs are using “increasingly sophisticated methods” to breach sanctions, and that banks and financial institutions are in particularly advantageous positions to spot this kind of activity and report it to the authorities.
Compliance teams can address enabler activity by monitoring any new movement of assets and applying enhanced due diligence to the persons involved.
Fronting risks
The report suggests that it is “likely” that “a small number of enablers” have engaged in fronting activities on behalf of Russian DPs.
Fronting is defined as the act of professional enablers coming forward to claim ownership of assets that have been frozen under UK sanctions rules. The enablers typically target frozen assets that have unclear ownership – such as those associated with insolvency and complex corporate structures (shell companies), or situations in which significant liquidity is involved.
Enablers engaged in fronting present themselves as legitimate business persons, and often have links to DPs which they seek to conceal. These links are not necessarily obvious and may involve previous employment with a DP, or past membership of a shared community.
OFSI sets out a number of red flag indicators of fronting activity, which include:
Individuals with limited public profiles and little relevant experience to the professional roles they hold.
Inconsistent spellings of names – particularly those derived from Cyrillic.
Recent changes of name.
Recently-acquired non-Russian citizenships.
Maintenance payments
The Threat Assessment suggests that it is “highly likely” that enablers have used NBPSPs to help Russian DPs maintain their lifestyle and assets in the UK – in violation of sanctions restrictions. Maintenance activity involves payments that relate, for example, to DPs’ superyachts, personal security services, school fees, concierge services, and high value goods.
Enablers involved in maintenance payments “are typically small companies” engaged in services for “ultra-high-net-worth lifestyles”, and have relationships with the DPs which predate their designation on the UK sanctions list. Maintenance payments may also be made by DPs’ family members and close associates.
The report points out that financial services firms are, again, well placed to spot maintenance payment activity, which often leverages multiple payment methods, including cash and cryptocurrencies. OFSI has set out a number of red flags for maintenance activities, including:
Regular payments previously made by a DP now made by a new individual.
Family members and close associates of DPs receiving significant funds without adequate explanation.
Frequent payments between entities controlled by a DP.
Individuals attempting to deposit large sums of cash without adequate explanation.
Family members and close associates of DPs engaging in cryptocurrency transactions.
Next Steps: Strengthening Russia Sanctions Compliance
In the wake of OFSI’s Threat Assessment report, compliance teams should take the following steps:
Strengthen due diligence: Financial institutions should ensure they establish and verify the identities of their customers by performing adequate customer due diligence. In addition to collecting identity documents, firms should seek to scrutinize assets ownership and beneficial ownership, complex corporate structures, and cashflow sources.
Improve screening and monitoring: Financial institutions should review their sanctions screening solutions to ensure they are capable of capturing Russia sanctions risk effectively. In practice, this means integrating an automated screening solution, with global scope, and multi-language name search capabilities.
Proactive self-reporting: Given OFSI’s focus on failure to self-disclose, financial institutions must review their sanctions breach reporting process.
Russia Sanctions Screening Advantages
Russia sanctions are only a component of an evolving global landscape, which hosts thousands of potential threat vectors. In this environment, UK banks and financial institutions must remain agile and adaptable, without compromising the rigorousness of their sanctions screening capabilities.
With that in mind, automated screening technology should be a critical part of any sanctions compliance solution. Automated screening tools not only add speed and accuracy to sanctions list name searches, but reduce the potential for costly human error, and enable organisations to scale their response to their unique needs.
Screening tools enable organisations to search thousands of global sanctions lists and watchlists in seconds, along with other indicators of risk such as adverse media stories that can reveal changes in customer risk profiles long before official designation. Screening technology may also leverage artificial intelligence tools, to help compliance teams work with vast amounts of data, eliminate false positive alerts, generate meaningful intelligence, and ultimately, make stronger, faster decisions.
This is what every compliance officer says when talking about screening today. Little to nothing has changed on the technology and data front, despite ever increasing demands placed on compliance professionals.
This once simple compliance process is now anything but. Sanctions screening has grown beyond simple Latin alphabet name matching to include multi-alphabet and street address matching, not to mention the newer regulatory requirement to identify related and “network” members. Politically exposed person (PEP) identification has moved well beyond matching against established third party lists, to include potential unrelated and non-network “close associates”. Adverse media screening, once destined for the privileged few, is increasingly being demanded across all client segments.
Despite this changing landscape, regtech providers haven’t budged. “Static” data providers continue to generate lists based on their own assessments of who is important, and who isn’t, regardless of your risk tolerance. Or, worse, they provide media feeds of literally billions of articles, asking you to filter relevance. Screening tech firms are even worse, employing “fuzzy logic” (lots of fuzz, little logic) ostensibly to show their solutions’ ability to reduce false positives, even though regulators, from the beginning, primarily emphasise avoiding false negatives.
But from a risk perspective, the situation is even worse.Screening occurs on many levels – clients, payments and counterparties. The risk demands are similar across all levels, however the regtech solutions produce at times materially different outcomes. Screening at each level differs, as name matching and risk scoring typologies differ markedly. Similar risks are treated differently, causing frustration for any risk manager.
All this changes today.
It’s time to move to a 21st century solution and embrace the latest in technology from advanced data science, probabilistic programming and AI, all brought together in Ripjar’s powerful tech. Combine all your static data, including third party lists from sanctions, PEP and adverse media providers, as well as your own lists such as Do Not Do Business (DNDB), Approved Counterparties, and “Reported”. Then integrate this with your dynamic information, such as payment and account transaction data, to create a single “risk brain” – a holistic assessment process that produces the far too elusive “one pane of glass” for all clients, counterparties, originators, beneficiaries and, even, vendors.
Ripjar One
Unlimited data integrations
Enhanced with UBO data and transaction monitoring
Continuous live risk scoring with Dynamic Risk Profiles
Networking and advanced workflow capabilities
Backed by Ripjar’s powerful Digital Assistant
Welcome to the Ripjar One family of products
Ripjar One’s product family uses dynamic risk profiling to give compliance officers the power to achieve in today’s environment. Rather than relying on static risk profiles judgmentally created by third parties, dynamic risk profiling creates your own unique profile for each of your clients, counterparties, and even payment originators and beneficiaries. Powered by the latest AI technology, each profile is live, constantly checked in accordance with your rules, scored against your risk appetite, and continuously updated for new developments from both the outside world (such as sanctions or adverse media) and the inside (such as a new transaction monitoring alert or DNDB designation).
How dynamic risk profiling works
Centralise: Combine all your client name screening activities into one engine, regardless of whether the data is structured (by a third-party or your firm) or unstructured. This is then all searched as one, powered by the latest probabilistic-based name matching capability, and expandable to incorporate the results of your transaction screening and transaction monitoring systems’ outputs.
Unify: Subject all your processes to a single risk scoring methodology, completely configurable to meet your needs. All your screening risks will be treated not just in a similar, but the same manner.
Clarify: Build your own profile for every client and counterparty. Relevant output from your third party and internal sources is blended into your very own curated, dynamic risk profile. The profile is AI-generated, summarising the critical data points, and even highlighting links with other related and unrelated parties. The profile has a unique ID so it can be easily retrieved in milliseconds. The profile is the alert, sent to your team for review. And your Digital Assistant double checks your team’s work, notifying you of potential discrepancies.
Monitor and update: Your Digital Assistant works in the background constantly to update profiles when material changes occur and alerting you when necessary. These changes are highlighted to expedite review.
The benefits are numerous
One risk profile from all systems transforms static data into a dynamic answer, constantly updated, giving you the most complete risk picture.
One system eliminates redundant work arising from running multiple systems and processes, substantially increasing productivity.
False negative risk is substantially reduced through consolidating different characterisations from different lists into a uniform whole and having your Digital Assistant work as a “sixth pair of eyes” to double check your screening team’s work.
False positives are nearly eliminated from the use of a mathematically-driven probability matching schema and AI assessed alerting which prioritises alerts for review according to your rules, providing exponential ROI.
Identify hidden relationships and networksto significantly improve your compliance efforts.
Most successful banks and financial institutions understand that anti-money laundering (AML) compliance cannot be an afterthought. In 2025, regulators demand a proactive response to money laundering risk, which typically requires firms to go beyond templated screening and monitoring tools, and instead develop unique solutions that fit their operating environment.
That’s easier said than done. The risk-based AML regulatory landscape evolves constantly to account for new legislation and new criminal threats. This means that financial institutions have to reassess their compliance posture on an ongoing basis, and deal with emerging challenges and pain points as their solutions evolve.
Don’t let AML compliance challenges weigh your solution down. In this post we’re going to explore some of the key AML pain points that financial institutions face in 2025 – and provide some critical tips and insight into how to manage them.
Ongoing monitoring
A constantly changing AML risk landscape demands constant vigilance from the people responsible for spotting criminal activity. In practice, this means that financial institutions must find a way to facilitate ongoing monitoring of a range of money laundering risks, by screening customers effectively.
Two key examples of those ongoing monitoring challenges are:
Sanctions
In a turbulent geopolitical climate, governments issue new sanctions designations regularly, adding volume and complexity to the screening challenge. Russia’s 2022 invasion of Ukraine, for example, has seen Western governments issue an unprecedented amount of sanctions against Vladimir Putin’s regime – with strict liability penalties for firms that violate the rules.
The sanctions challenge is complicated by its global scope. Not only do compliance teams need to monitor sanctions lists, but peripheral data that also reveals customer risk. This means screening thousands of media sources, in foreign languages, and being sensitive to potential variations in spelling or naming convention which might confuse searches.
Politically exposed persons
It can be extremely difficult to establish whether a customer is a politically exposed person (PEP), and therefore poses a higher AML risk. PEPs are not just elected politicians, but can also include government employees, military officials, or holders of any prominent public position. Financial institutions may also seek to apply PEP risk to the family members and close associates of PEPs.
The PEP challenge doesn’t just involve detecting new PEPs following elections and other appointments, but deciding whether to declassify existing PEPs after they have left their position. Recent high profile cases have seen financial institutions face criticism for allegedly de-banking customers based on their PEP classification, or the classification of their relatives.
False positive alerts
The ongoing monitoring challenges listed above – sanctions and PEP screening – necessarily require financial institutions to collect and analyse vast amounts of customer data from internal lists, official lists, and media sources including news reports and even social media posts. In order to capture all potential threats and satisfy regulatory expectations, compliance solutions inevitably end up making incorrect risk assessments and generating false positive alerts, which need to be remediated.
Dealing with false positives is costly and time-consuming, especially if team members have to work through the alerts manually in order to establish true risk and remove incorrectly-applied alerts. It’s worth remembering that small adjustments to screening parameters can increase false positive rates significantly, slowing down the delivery of products and services, damaging customer experiences, and further draining employee attention and resources.
False negative alerts
While an over-sensitive screening solution generates higher volumes of false positive alerts, a solution that does not capture risk accurately risks generating false negatives – in which a high risk customer or transaction is incorrectly dismissed as presenting no risk. False negatives are arguably a more serious compliance consideration than false positives: solutions that generate too many false negatives expose financial institutions to unacceptable regulatory risk which can lead to legal consequences, including criminal penalties.
The difficulty in spotting false negative results is that, by definition, they aren’t flagged in any way by screening solutions. False negatives typically occur because compliance teams lack sufficient data to establish customer risk accurately, and fail to connect customer names to the data points that would help them make stronger decisions.
To manage, and prevent, false negatives, firms must first understand their common causes, which include:
Screening parameters set too narrowly or set incorrectly
A lack of high quality customer data
Compliance analyst skill deficiencies
A lack of multilingual search capabilities
Poor name matching capabilities
The de-duplication of news stories which leads to risk data being deprioritised or lost
Reliance on manual name searches, such as Google searches
Compliance teams can address the false negative challenge by testing their screening solutions regularly, and running true positive customer data through a search process as a way of validating its accuracy. It may also be useful to scrutinise historical screening alert rates: if a system experiences a sudden drop-off in AML alerts, it’s likely that an adjustment to the search process, or an algorithmic issue has affected the accuracy of the solution.
Get ahead, and stay ahead, of AML compliance challenges
It’s not enough to understand where pain points might affect your AML compliance solution. Regulators expect financial institutions to be proactive in taking the necessary steps to overcome challenges and shore up vulnerabilities.
In a complex, constantly evolving regulatory landscape, that isn’t easy. Compliance teams must capture and analyse vast amounts of risk data in order to meet their responsibilities and establish true risk – while ensuring that data doesn’t generate an overwhelming amount of false positives or, worse, false negatives.
Manual screening processes typically struggle to manage these pain points efficiently, creating delays in the delivery of products and services, piling pressure on compliance analysts, and increasing the likelihood of human error. Financial institutions must find ways to help their compliance teams manage that burden, not least by integrating technology to automate as much of the screening process as possible.
While automation isn’t a magic bullet for AML compliance friction, it can accomplish in seconds tasks that would have taken human analysts hours to complete – and so enhance the speed and accuracy of the results, and any subsequent decision-making. Even better, automated screening solutions can be tailored to specific risk appetites and risk environments, meaning compliance teams can adapt quickly to both regulatory change and emerging criminal methodologies.
Sanctions requirements are growing both in their scale and complexity. Since 2022, not only have thousands of new names have been added to UK, US, and EU sanctions lists, but many new activity-based restrictions, such as the need to block comprehensively sanctioned territories in occupied Ukraine or the prohibition of services to Russia, have been introduced. Coupled with ever-more sophisticated sanctions evasion techniques, and a regulatory expectation that financial institutions should detect sanctioned activity, financial institutions need to think more creatively about their screening controls.
Sanctions screening is no longer just screening against a list of names, but also capturing additional data and applying a more proactive and intelligence-led approach. Artificial intelligence (AI) may play a significant role in this transformation. Ripjar’s recent Sanctions Masterclass, co-hosted with FINTRAIL, explored some key questions for firms building and scaling their sanctions framework.
1. How can firms detect sanctions activity using a risk-based approach?
Many regulators allow (and even expect) financial institutions to apply a risk-based approach to screening. As one of their key practical considerations for sanctions screening, financial institutions should understand how their customers, products and payment channels contribute to sanctions risk, and concentrate their resources on the areas of the business presenting the most risk.
A risk-based approach is not about having or not having a particular control, but rather dialling up or down the intensity of certain controls in line with risk. For example, some firms may concentrate payment screening efforts on cross-border transactions instead of domestic payments where the sanctions risk is lower. Every sanctions system programme needs to be unique to your inherent and residual risks.
To understand what regulators expect from firms, it is a good idea to read enforcement notices and conduct a gap analysis against your own programme, to highlight weaknesses and proactively address any gaps. For example, if a firm is fined for not screening certain payment fields, consider if you should be doing the same. It also can serve as a validation exercise to demonstrate that your systems and controls are effective and commensurate to your sanctions risk.
2. What data should firms collect for sanctions screening?
The quality of sanctions screening depends not only on the lists you screen against but also the customer and payment data you use. Firms should consider what data points they hold on customers that might indicate sanctioned activity, and incorporate these into screening. Mechanisms to measure data completeness and data lineage are an important part of your sanctions programme for ensuring you supply quality data into your tool to minimise false positives and increase efficiency.
Crucially, it is important to recognise what regulators are expecting firms to identify. Many sanctions lists will contain additional data on sanctioned persons and entities, such as email addresses and websites, which can be integrated into screening. At the same time, a customer’s IP address location may be used to block access from sanctioned jurisdictions.
Practical questions for firms building their sanctions framework
1. What data is being screened?
Do you have a clear picture of what is coming into the screening system and is it complete and validated?
2. What are you screening against?
Do you have a clear view of list management and what is provided by external parties?
3. When are you screening?
How does this tie into the risks presented by your customer profile and flow of funds?
4. Why are you screening?
Do you have a clear view of your regulatory obligations and your own internal risk appetite on which to build your framework?
Once these questions have been answered, you can then consider:
5. How are you screening?
Can you define your suppression logic, the use of machine learning and AI, and the levels of fuzzy matching?
6. How do you operationalise your screening?
How do your settings and processes inform case management, information requests, and capacity planning?
3. How can financial institutions adopt a proactive approach to screening?
Governments publish guidance to industry on the latest sanctions evasion tactics adopted by sanctioned parties. For example, as recently as September 2024, the G7 published joint industry guidance on red flag indicators of potential sanctions evasion and best practices for firms to conduct enhanced due diligence. Staying on top of evolving sanctions and regulatory guidance is one of the biggest screening challenges organisations face, and firms are expected to read such guidance and adjust their controls accordingly.
Many firms are also looking to adopt a more proactive approach in response to such guidance. While sanctions evasion typologies are unstructured data, screening software works with structured data, and the challenge for firms is to build rules to detect the behaviour called out in typologies. This requires resources and technical expertise.
4. What role can technology and AI play in keeping up with the pace of change?
Advanced screening solutions leverage technology to help firms move beyond simple name screening, and allow them to adopt a more proactive approach to screening. Technology can help link multiple data sets and digest unstructured information at scale – such as adverse media and corporate relationships – to flag potential sanctions risk.
Many firms also see a role for AI in screening, ranging from assisting with operational tasks (such as automating requests for information, and obtaining further information that a human investigator needs to resolve an alert) through to potential use cases where AI can make true match or false positive determinations.
A key challenge here is that, since breaching sanctions is a criminal offense in many jurisdictions, firms must be able to place trust in the AI and – crucially – be able to maintain oversight over the system and explain it to the regulator.
Sanctions is not a one-size-fits-all approach
In summary, the key challenge for firms is to ensure that their screening systems and approaches are aligned to their sanctions risk. Firms need to understand how their business model influences their inherent and residual sanctions risks and how this interacts with the increasingly complex sanctions landscape. Firms should use all of the data available to them – both structured and unstructured data, whether in sanctions lists or in typology reports – to inform their sanctions typologies and build out their sanctions controls. In order to do so, firms must explore how technology – such as automation, machine learning, and advanced forms of AI – can help reduce the operational burden while optimising the possibilities of detecting sanctioned activity.
Sanctions pressure is increasing in jurisdictions all around the world, with financial institutions struggling to adapt to an increased volume of regulations, and more intensive approaches to enforcement. To meet that rising sanctions challenge, financial institutions must rely on employee skills and technical resources, integrated as part of a risk-based screening solution.
In November 2024, Ripjar and FINTRAIL jointly hosted a Sanctions Masterclass on exactly that issue, with industry experts discussing some of the most significant concerns of a changing compliance landscape – and regulator expectations for managing them.
As political tensions have grown dramatically all over the world, sanctions restrictions have become a lot more complex. Financial institutions need to stay ahead with screening solutions that look to advanced technology or intelligence-led solutions.
Ciara Aitchison, FINTRAIL Director
Industry Opinion: Top Screening Challenges for 2025
During the Sanctions Masterclass, audience members were asked to share what they felt were the top sanctions screening challenges for their organisations (with the option to select up to 3). The results reflect how complicated the sanctions screening question has become for many compliance teams and highlight the need for new ways to manage risk data.
Evolving Sanctions
The Masterclass poll highlights a number of specific sanctions compliance pain points, not least the ongoing issue of evasion. But it also reflects a collective concern with the pace at which the sanctions landscape is changing.
Leading the discussion, FINTRAIL Senior Consultant & Sanctions Lead Emil Dall pointed to this change as the root of the screening burden that many firms are experiencing, identifying Russia’s invasion of Ukraine as a key driver.
“We’ve had a huge increase in the number of designations since 2022,” said Emil. “In the United Kingdom alone we’ve seen £22.7 billion worth of assets frozen because of Russia sanctions, and recorded 473 suspected breaches – up significantly from 147 at the beginning of Russia’s invasion.”
It’s not just the increasing volume of sanctions that is making life difficult for compliance teams but the type of restrictions that are being imposed. Western governments have introduced new types of sanctions restrictions, including those involving cryptocurrency wallets and crypto services, the ban on Russian banks using the SWIFT banking system, and sanctions that involve specific territories within occupied Ukraine.
“All these different types of sanctions increase the levels of controls that financial institutions require,” said Emil. “Name screening won’t necessarily help you implement these restrictions, so we need to think creatively about how we can go further.”
In this case, “thinking creatively” may require capturing a greater depth of information about a given customer, including their passport number, email address, and so on, or a deeper-dive into potential evasion strategies which have emerged as a result of the changing nature of the sanctions regulations themselves. Illustrating that point, Emil brought up the example of the designated company Aeroscan. The UK listing includes the company’s website and email domain “scan.aero”, which some screening providers may not pick up through fuzzy matching, or which may not be picked up if not screening client websites or email domain names.
Regulatory Expectations
In the face of an increasing number of regulations, and new evasion strategies, businesses rely on regulatory guidance, insight and advice as a means to support compliance efforts.
Emil noted that there has been an uptick in regulator guidance to match that need, and specifically guidance that highlights financial institutions’ primary concern: detecting sanctions evasion. In September 2024, for example, the G7 released joint guidance, for the first time ever, on preventing Russia sanctions evasion. The guidance includes a list of red flag evasion characteristics, screening best practices, and top customer due diligence (CDD) controls. The UK has also issued red alert notices more frequently since the invasion, including one targeting sanctions evasion techniques used by Russian oligarchs.
The focus on sanctions evasion techniques reflects another prominent sanctions challenge: the need to understand company ownership structures and the risk of sanctioned parties using third countries to evade restrictions. For example, news media reported on a surge in car exports to Azerbaijan, coinciding with a drop in exports to Russia as the export of luxury vehicles to Russia became prohibited.
“It begs the question of what our financial institutions are being asked to detect,” said Emil. Referring to OFAC’s Framework for Sanctions Compliance Programs, he continued, “If you ask OFAC, it goes beyond name screening and focuses on firms having policies, procedures, and controls in place to detect prohibited activity – not just preventing certain people from accessing financial services.”
That point reflects another important consideration in a changing sanctions landscape. While the volume of regulator guidance has kept pace with new rules, it is also clear that regulators “increasingly expect” financial institutions to successfully spot sanctions evasion.
“There is a growing realisation that financial institutions have a lot more data at hand which can allow them to detect sanctions activity,” said Emil, “beyond just detecting whether someone’s name is on a list.”
There is a growing realisation that financial institutions have a lot more data at hand which can allow them to detect sanctions activity, beyond just detecting whether someone’s name is on a list.
Emil Dall, Senior Consultant & Sanctions Lead, FINTRAIL
Real-world enforcement actions seem to reflect that trend:
In 2021, financial services firm Payoneer was fined over $1.4 million for multiple failures in its fuzzy matching screening controls.
In 2022, crypto service provider Kraken was fined over $300,000 for failing to screen customer IP addresses correctly during onboarding.
In 2023, Swedbank was fined over $3.4 million for not acting on location data that suggested transactions were connected to sanctions-listed Crimea.
The examples demonstrate the growing need for financial institutions to consider the risk data that they hold on their customers, and integrate that into the screening process – rather than just verifying against a list of sanctioned names.
Risk-Based Compliance
Sanctions compliance is risk-based, which means financial institutions must deploy a proportional response to the risk that their clients present. This makes the accurate assessment and understanding of risk critical on an individual-organisation basis, and means there are a number of practical sanctions screening considerations organisations must make.
In this climate, out-of-the-box screening solutions do not offer an adequate level of compliance protection, since those systems are not calibrated or tested to the specific risks of a given firm’s operational environment. Risk assessment is all the more important in an evolving sanctions landscape, where new sanctions are issued regularly, along with the emergence of new evasion techniques.
Effective risk-based compliance requires firms to look inwards, as much as to the introduction of new regulations. Emil set out questions that firms should ask themselves to strengthen their approach to risk assessment:
How can we innovate? How can we tune? How can we test and make our systems better at addressing the risk we’re facing? As sanctions risks increase globally, our screening systems must also follow suit.
Emil Dall, Senior Consultant & Sanctions Lead, FINTRAIL
With that in mind, effective risk-based compliance should also be thought of as a series of dials that apply different levels of screening intensity to different points in an organisation’s infrastructure.
In the context of customer screening, for example, that could include a dial for selecting the right lists to screen, a dial for screening adverse media, a dial for screening cadence, ongoing testing and so on. Meanwhile, in the context of fuzzy matching, there may be a dial for adjusting alert triggers in line with risk, based on client profiles, payment types, products being used, and so on.
Key Takeaway: The Value of Data
The pace of change in the modern financial landscape requires every firm to prioritise the development of a unique screening process that takes sanctions screening beyond name matching. This process must not only meet regulatory expectations, but also internal assessments of risk. Building that solution should involve careful tuning and calibration on an ongoing basis, informed by every available data point, both in official sanctions lists and published guidance, and on the customer side in records and internal documents.
That data challenge is significant, but financial institutions can make their job easier by leaning-in to the speed and efficiency possibilities of automation, and integrating cutting-edge screening technology such as Ripjar’s sanctions screening solution.
Capable of capturing thousands of data points, including sanctions lists, watchlists, and adverse media sources for further screening enhancement, Ripjar screening can be tailored to a firm’s risk appetite and environment. In a changing and challenging regulatory landscape, Ripjar gives compliance teams the power to adapt, incorporating powerful AI-supported screening features that add depth to customer name searches, enrich the quality of search data, and ultimately enhance compliance decision-making.
It’s no longer enough to simply search for a customer’s name on a sanctions list in order to meet regulatory compliance obligations.
Risk-based sanctions compliance rules – imposed in jurisdictions across the globe – ask more of compliance teams, and typically require analysts to go beyond government-issued lists, and consider a much wider range of data when making decisions. Complying with these rules also brings a number of practical considerations for organisations.
In November 2024, Ripjar and FINTRAIL hosted the Sanctions Masterclass webinar “Going Beyond the List”, assembling a panel of experts to discuss the ways that firms can harness technology to add depth to their sanctions screening processes. In that discussion, Ripjar Operational Data Science Lead Abhijith Rajan drilled down into strategies that enhance customer name searches, and how artificial intelligence (AI) tools are helping compliance teams take their screening processes beyond the limitations of traditional name matching.
Organisations tend to be conservative in the way they do sanctions screening, but there are ways that technology can help us understand things about a name.”
Abhijith Rajan, Operational Data Science Lead, Ripjar
Industry Opinions: Screening Technology Impact
The Sanctions Masterclass captured the opinions of an industry audience in a poll that focused on the specific impacts that compliance teams would like technology to have on the screening process.
The poll suggests that firms value screening efficiency and accuracy, with results weighted towards the remediation of false positives, and managing an increasingly complex and crowded regulatory environment. Scrutinising that data, Abhijith suggested that the efficiency and accuracy challenge might actually start from an over-reliance on names in the first place:
“Sometimes even names can be problematic,” said Abhijith. “You might not be allowed to screen in the script that the name is originally available in. And going from a script you might be unfamiliar with to a script you are familiar with is usually a poor process. It leads to false positives, and might end up meaning you have to build in a set of rules to assess the data.”
That challenge suggests that a new approach to screening is needed.
Traditional vs Identity-Based Sanctions Screening
Traditional screening processes, in which financial institutions attempt to match names to designations on the relevant sanctions lists, are limited for a number of reasons, including:
Having a sole focus on the names designated on sanctions lists.
High rates of false positives.
The increased likelihood of missing hidden or indirect connections to sanctioned entities, especially if screening for a common name with no additional information.
Given the expanding sanctions compliance burden, the limited scope of traditional screening can expose organisations to significant regulatory risk. Abhijith raised the prospect of a better way to screen – essentially “going from names, to identities”.
In this identity-based approach, instead of focusing on names alone, compliance teams search for customer identities, capturing the vast amount of additional risk data behind every individual.
An identity-based approach to screening:
Incorporates all available risk data.
Reduces false positives and false negatives by capturing nuance and detail.
Future-proofs compliance solutions by adapting to increasingly complex regulatory demands.
Incorporating Linked Data
We need to make sure that we’re challenging ourselves to be screening with more information.
Abhijith Rajan, Operational Data Science Lead, Ripjar
Identity-based screening requires compliance teams to enhance their search processes, typically by integrating technology tools. In this context, Abhijith suggested that the name can serve as a foundation for the effective application of screening technology:
“You can immediately look at a name and have a sense of what kind of rules should be applied to screening,” said Abhijith. “Then you can start to do intelligent things around screening. It gives you ways of building in technology and applying different rules for different customers.”
With that in mind, when screening for identities, financial institutions should move beyond only using traditional fuzzy matching, and seek to implement software that links names to other types of data. This might include considering name origins, or partial-name matches, but should extend across all available data types, including email addresses, customer behaviour, bank codes, and, importantly, adverse media.
Taken in isolation, each of these data points might offer little compliance value. Linked together, on the other hand, they help financial institutions build customer identities into ‘risk profiles’, which add critical contextual intelligence, and enhance the proactive identification of sanctions risk.
Screening software that facilitates the use of linked data helps compliance teams assemble all relevant sanctions information in one place, which not only adds efficiency to risk analysis but speeds up decision-making.
Enhancing With Adverse Media
Adverse media is particularly useful in identity-based screening, not least because sanctions evasion risk may be reported by news organisations long before governments make designations on official sanctions lists.
However, effective adverse media screening is challenging for a number of reasons, not least because of the vast amount of complex data that financial institutions must search through to find relevant risk information, and the noise that data generates – all of which can lead to an overwhelming amount of false positive alerts.
With the Sanctions Masterclass poll suggesting that false positives are a top priority for financial institutions, Abhijith again pointed to the value of technology in enhancing the sanctions screening process with adverse media, including reducing noise, refining results, and reducing false positives.
Specific adverse media applications include:
Creating and leveraging curated adverse media feeds that focus on relevant risk categories.
Screening customer profiles for matches, rather than screening articles.
Applying filters for jurisdictions, entity types, or level of activity.
Tailoring alerts for specific industries and regions.
Incorporating Relationships
Identity screening also helps firms uncover the compliance risk presented by relationships, including not only family members of sanctioned persons, but their friends and close associates.
Abhijith emphasised the importance of using risk profiles to uncover relationship connections – an approach that leans in to the capabilities of search technology to capture data, including adverse media.
“People get married, they get divorced. You want to be able to see this information updated on a regular basis,” said Abhijith. “At Ripjar, we’re comfortable extracting information around things like close familial relationships, corporate relationships, and employee relationships from media.”
Using Ripjar’s screening platform as an example, Abhijith noted that relationships can be tracked visually in graphs or networks, or simply laid out textually as part of a customer’s profile. Even better, screening software can allow compliance teams to make connections with other sanctioned entities automatically, helping financial institutions uncover potential hidden links and networks.
Understanding AI Advantages
The need to incorporate linked data, from an expansive global landscape, represents a significant administrative burden for compliance teams, not least thanks to the increased volume of false positive alerts.
Acknowledging that challenge, Abhijith pointed to the potential of AI tools to not only broaden search reach and reduce manual effort, but to enhance detection and reduce false positive rates. Some of the the key potential benefits of AI screening include:
Natural language processing (NLP) tools for the analysis of adverse media and other forms of unstructured data.
Machine learning algorithms for the detection of behaviour patterns that indicate sanctions evasion.
The incorporation of unstructured contextual data in the compliance decision-making process.
The automation of decision-making for low-risk false positive alerts.
The benefits of AI were acknowledged in the Sanctions Masterclass audience poll, that found the vast majority of attendees see a role for AI in sanctions screening.
Managing AI Challenges
“AI is complicated. It’s not a transparent process, and very often you’ll find that even people who built the software will struggle to explain why a match has happened.”
Abhijith Rajan, Operational Data Science Lead, Ripjar
While AI holds promise for sanctions screening, it’s critical that firms also remember its limitations, including – in many instances – its lack of transparency. The transparency issue is a significant consideration in the integration of AI tools, and particularly generative AI (GenAI), in screening processes, since financial institutions must be able to explain a set of results to regulators during an investigation.
“Explainability in AI has become better, and it keeps getting better over time,” said Abhijith. “We need better transparency. The audit trails need to be very clear. Regular validation and fine-tuning of AI models is critical.”
The need for explainability was a recurring theme in the Sanctions Masterclass, with other panel members expressing a desire to see GenAI develop as a component of the sanctions screening process:
“It’s explainability and reliance,” said Parminder Turna, Wise Director of Product Compliance for Sanctions & Screening. “Explainability in AI has the same risk as placing reliance on a black box vendor. I would want to be able to sit in front of a regulator and explain how I’ve implemented GenAI. I think that’s the next hurdle.”
The limitations of AI don’t mean that financial institutions should shy away from using it in compliance contexts, but instead consider how they will implement it in a way that doesn’t compromise the integrity of their search results. To that end, Abhijith suggested that AI tools should be used with “guardrails” that ensure their validation and repeatability. These might include their integration with human oversight to balance efficiency and accountability, and ensuring that compliance teams receive comprehensive training in their use.
“Copilots are very common,” said Abijinth, referencing the way that Ripjar incorporates GenAI into its search solution. “The idea is that you have a GenAI support system that’s sitting next to you and allowing you to speed up your work. You allow AI to act as your first line analyst and give recommendations that can be adopted or rejected.”
Go Beyond the List with Ripjar
Going beyond the sanctions list means embracing the opportunities and challenges of a vast and evolving data landscape, and ensuring that your compliance team has the resources, skills, and tools they need to deliver results.
Financial institutions can make that process easier by exploring the capabilities of AI-powered screening platforms – such as Ripjar’s sanctions screening solution.
Supported by cutting-edge GenAI, Ripjar’s tool is capable of screening thousands of sources in seconds, including sanctions lists, watchlists, and adverse media. Customisable to the unique needs of an organisation, it captures and connects data from evolving risk environments, incorporating powerful screening features that add depth to customer name searches, and enrich the quality of search results, in order to facilitate stronger compliance decision-making.
In 2024, geopolitical turbulence, including Russia’s ongoing invasion of Ukraine, has made the global sanctions landscape more unpredictable than ever. Meanwhile, governments are knuckling down on regulatory compliance with significant, strict liability penalties for sanctions violations.
Despite that climate, many financial institutions are struggling to match the pace and complexity of sanctions programmes. Data from a recent poll, conducted as part of Ripjar and FINTRAIL’s Sanctions Masterclass in November 2024 suggests that fewer than 30% of firms are conducting proactive, intelligence-led sanctions investigations, while over 20% are only screening customers against basic, primary data fields such as name and date of birth.
Speaking at the Masterclass event, Director of Sanctions and Screening at Wise, Parminder Turna, emphasised the need for compliance teams to go beyond basic name searches, and develop more nuanced screening strategies that capture the real risks that they face. “Every system control configuration calibration is firm-specific,” Parminder said. “While you can have rules and bounce ideas off your peers, you have to have confidence and really understand your programme.”
With that need in mind, we’ve drilled down into the detail of the Sanctions Masterclass discussion in order to draw out some of Parminder and the panel’s practical insights and advice for optimising your approach to sanctions screening.
1. Focus on the what, when, and why of screening
The complexity of the global sanctions landscape makes compliance daunting, especially for firms with broad international footprints. However, sanctions compliance gets smoother and easier when every member of the compliance team has sight of, and understands, the following compliance fundamentals: what are you screening, when are you screening, and why are you screening?
What: Your sanctions compliance team should be clear about what they’re screening customers against. That means understanding the “list landscape” and how your solution uses both internal company lists, and external lists such as politically exposed person (PEP) lists to generate alerts. Your team should also be clear about how identity and location data factors into compliance decision-making: for example, is third-party-provided location data based on your company’s risk profile?
When: In a risk-based compliance environment, teams should understand when, or in which circumstances, the sanctions screening process should be initiated. Screening triggers may involve, for example, the movement of a certain amount of money, transactions which involve certain high risk locations, or customer profiles that involve certain risk characteristics.
Why: Rather than going through the motion of browsing list entries, your compliance team should understand why the screening process is taking place. In other words, team members should understand both the regulations they’re working with (the relevant sanctions programme), and how they relate to the firm’s risk appetite. The calibration of the compliance programme can change what constitutes a ‘sanctioned jurisdiction’, and everyone needs to be clear about how that changes their screening approach.
Parminder doubled-down on the importance of screening basics during the Masterclass:
You want to go above and beyond, but sometimes it’s about the fundamentals. This is about understanding your business, your programme, and your own inherent sanctions risk. Sometimes we can lose sight of that.
Parminder Turna, Wise
2. Pay attention to detail
Since the Russian invasion of Ukraine in 2022, the volume of sanctions imposed by the West against Vladimir Putin’s regime has been unprecedented, with new restrictions imposed regularly. That pace of change, and the layers of compliance complexity it brings, means that financial institutions must stay up to date on the introduction of new measures – but also go beyond the official lists, by exploring the detail and nuance of every new regulation.
In practice, that should involve a closer examination of the regulatory texts themselves, with the goal of understanding what a regulator is looking for from obligated institutions. Firms should pull data from official sources – including press releases – map that insight to existing internal information, and use it to leverage as much information as possible from customers. You could, for example, conduct a gap analysis on every new sanction in order to keep your compliance solution as tight as possible and then, with that baseline established, uplift your screening process further through internal policies.
3. Prioritise quality and completeness
During the Masterclass, Turna referenced “garbage in, garbage out”, a phrase used regularly by data analysts to emphasise the low value of insight derived from the analysis of poor quality screening data.
In other words, compliance teams should prioritise the quality of data they’re collecting on screening targets before worrying about how they use it for decision-making.
This means validating the data that your team collects, and focusing on completeness. It’s worth remembering that the volume of sanctions data that firms must deal with in 2024 has increased by an order of magnitude – a shift that makes data completeness a challenging proposition. Not only do teams need to capture the relevant information from a global landscape of millions of data points, but analyse it effectively – and do so without overwhelming their compliance solution with false positives.
The challenges of quality and completeness demand an automated solution: firms must implement screening software that can address the challenges of their risk environment by incorporating, for example, searches of global news sources and watchlists, multi-lingual name matching, and even AI-enabled analytic tools.
The topic of enhancing screening data and taking sanctions screening beyond name matching was explored further in the Sanctions Masterclass by Ripjar’s Operational Data Science Lead, Abhijith Rajan, who outlined the benefits of moving to identity-based sanctions screening and incorporating linked data.
4. Understand how to operationalise alerts
We’ve talked about the fundamentals of sanctions screening – the what, when, and why – but what about the ‘how’ of screening? Here, ‘how’ refers to what your compliance team does when a customer name search delivers an alert. If, for example, a name search generates a hit on a sanctioned person from Iran, your team must be able to determine as quickly as possible whether that individual is a sanctions concern, or not.
If the alert is remediated as a false positive, then the transaction or business relationship may proceed. In the case of a true positive, the compliance team will need to take certain regulatory steps, not least recording and reporting details of the transaction to the authorities, and freezing the assets involved.
The precise method for dealing with a sanctions alert will vary by jurisdiction, but compliance teams must be confident that they understand their obligations wherever they operate.
5. Learn how to capture unstructured data
As part of a commitment to pursuing data completeness, compliance teams must learn to deal with unstructured data effectively. Whereas structured data, like the names designated on sanctions lists, is formatted, easily-readable, and predictable, unstructured data includes written prose in news articles, for example, social media posts, press releases, and so on.
Unstructured data is typically harder to identify and analyse than structured data but is often much more valuable, especially in a risk-based compliance environment where sanctions risk may, for example, be revealed in news media long before it is confirmed by official sources. In this context, having an adverse media search capability is a huge advantage for compliance teams seeking to be proactive about changes in risk.
Capturing unstructured data effectively, as part of a sanctions screening solution, adds to the need for firms to integrate automated search tools. That technology should have a global scope since it will need to capture millions of unstructured data points, across different sanctions lists, watchlists and media, in multiple foreign languages.
Discussing this point, Parminder raised the prospect of using AI innovations, and specifically natural language processing to this end: “I think there’s a really big opportunity to use LLMs to work on these unstructured data sets,” he said, “maybe as a detective, rather than preventive, control.”
6. Automate with understanding
On the subject of AI, it’s critical that compliance teams integrate new technology with a strong understanding not only of what it can do for the accuracy of their screening results, but how it generates those outputs. The value of AI tools (and indeed any reg-tech innovation) is predicated on their explainability to regulators since those details will be critical to the outcome of subsequent investigations.
FINTRAIL Senior Sanctions Lead Emil Dall emphasised this point during the Masterclass:
I think it’s important to keep in mind that any screening decision you make, you have to be able to explain to the regulator. So if you are using AI, you have to make sure that the governance around it is strong. Don’t pick an out-of-the-box tool and just run with it.
Emil Dall, FINTRAIL
That’s not to say that AI shouldn’t be integrated as part of the sanctions compliance process, just that financial institutions must be confident about how they use it. For some institutions, it may, for example, be more impactful to integrate AI tools for procedural tasks that would otherwise have been completed manually, such as name searches of unstructured data – rather than functions in which the tech is used in the detection or prediction of sanctions risk.
7. Evolve with your risk landscape
All measures that optimise your sanctions screening solution should be taken with the understanding that they will eventually become outdated and need to be replaced. That’s not a pessimistic take, but rather an acknowledgement of the inherent fluidity of the sanctions landscape and that no single solution can ever be ‘one and done’.
In practice, this means being ready to adapt your screening solution to your risk environment, performing gap analysis regularly to find emerging vulnerabilities, and staying up to date on industry innovations and opportunities to strengthen. In this environment, flexibility and accuracy should be priorities, and financial institutions should seek to build a screening tech stack which reflects that need.
Even with the benefit of technology, however, the sheer complexity and pace of the evolving sanctions challenge may seem overwhelming to some firms, and leave them racing to shore up gaps in their screening solutions. Parminder noted that the challenge involves managing “the operational volume of BAU alerts” generated by screening activities – which can make firms feel they don’t have the capacity “to start looking at different networks of sanctions and evasion typologies”.
However, Parminder also pointed to the huge amount of resources available to help compliance teams steer their organisations through sanctions uncertainty. He listed numerous examples during the Masterclass, including official government publications, best practice guidance, think tank articles, and alerts such as those issued by the Office of Foreign Assets Control (OFAC).
“There are so many different data sources out there in structured or unstructured formats,” said Parminder. “You can incorporate that data into a typical sanctions screening programme. Every time there’s a new designation, how many people will actually go and read the press release? There’s some really interesting information in there.”
Integrate Automated Sanctions Power
Don’t wait for practical sanctions challenges to start testing your screening solution. With regulators bringing harsh non-compliance penalties down on firms that breach restrictions, it’s more important than ever to be confident about your ability to detect and deal with risk.
Ripjar’s sanctions screening solution is designed to help financial institutions address those challenges, optimise their sanctions compliance performance, and harness global risk data to empower decision-making.
Powered by cutting-edge AI, it enables real-time name searches of global sanctions lists and thousands of media and data sources from around the world. The platform includes powerful search support features, including AI Risk Profiles which extract the most relevant information about customers, and AI Summaries, a generative AI (GenAI) feature that adds concise prose descriptions of a target customer’s AML risk to their risk profile.
Since 2022, Western economic sanctions have limited the ongoing war in Ukraine by stifling the Russian economy and preventing the Russian government from acquiring goods and services for military end-use. Under that pressure, Russian president Vladmir Putin has increasingly relied on illicit means of importing military and other critical resources, including a so-called ‘dark fleet’ of ships willing to evade international trade restrictions at the risk of severe legal penalties.
With international shipping at the heart of its sanctions evasion strategy, the number of transportation and logistics companies actively engaged in Russia sanctions violations has increased dramatically. This has not only led to sanctions against these entities but sanctions against ships and vessels engaged in evasion strategies. Given the shift in the threat landscape, international businesses must be aware of the compliance risk they face when dealing with certain vessels and aircraft, and be able to spot sanctioned operators.
Why are Sanctions on Vessels and Aircraft Necessary?
Shipping entities pose a particularly high compliance risk because of their potential to operate in contravention of international sanctions rules. Many of those illegal activities involve the practical operation of vessels and aircraft themselves, in tandem with the manipulation of shipping practices and regulations. Putin’s shadow fleet has grown dramatically since 2022, with some estimates now putting it at over 1,000 tankers (and other vessels) owned and operated by persons willing to violate international law, and supply resources directly to Russia’s military.
These shadow vessels do not just pose regulatory risks but create legal and diplomatic issues, and even pose a threat of physical harm against other vessels and their crews. Their illegitimate operational status means they often have not acquired appropriate indemnity insurance and are typically older, poorly-maintained vessels that pose a significant health and safety risk to their crews and the crews of other vessels.
Key strategies that shadow vessels use to evade sanctions include:
Disabling automatic identification systems (AIS) to prevent tracking attempts.
Use of abnormal and potentially hazardous transportation routes.
Fraudulent or manipulated registration documentation.
‘Flag hopping’ or misrepresenting the flag under which the vessel operates.
Physically altering a vessel’s markings to thwart identification by authorities.
Ship-to-ship transfers, mid-route, in order to avoid customs controls.
Complex corporate ownership structures designed to hide the identity of the individuals behind the sanctions evasion crime.
In addition to financial penalties, when shadow vessels and aircraft are detected by authorities or customs officials, subsequent enforcement actions may result in significant jeopardy for crew members, who may not even be aware of the legal status of the goods they are transporting. Similarly, the consequences of any action by authorities may create or escalate diplomatic tensions, resulting in further financial costs and legal consequences.
Maritime Sanctions Impact
Western governments are addressing the sanctions threat posed by vessels and aircraft by implementing dedicated sanctions measures, such as the UK’s maritime shipping sanctions regulations, or the US Office of Foreign Asset Control’s (OFAC) blacklisting of specific shipowners, vessels, and aircraft that facilitate the transport of goods to sanctioned countries.
Maritime (and other) shipping sanctions vary by regime but typically restrict firms from engaging in business with specific vessels and aircraft. Measures and controls may include:
Designation of the vessel or aircraft registration on a sanctions list.
Seizure of the vessel or aircraft by authorities.
Seizure or freezing of assets of the vessel or aircraft’s controlling company.
Airspace restrictions and denial of access to ports and airports.
Vessel and Aircraft Sanctions: Recent Updates
In June 2024, the UK along with its G7 partners introduced a new round of Russia sanctions which included several targets within, or connected to, the Russian shadow fleet. The designations were made because the owners of the targeted vessels were found to be using shell companies as a means of concealing their involvement in the sanctions violations. The targets included:
Four vessels in the fleet itself:
Ocean AMZ (IMO 9394935)
Canis Power (IMO 9289520)
Robon (IMO 9144782)
NS Laguna (IMO 9339325)
Two vessels involved in the transportation of weapons to Russia:
Lady R (IMO 9161003)
Angara (IMO 9179842)
A ship manager:
One Moon Marine Services LLC
Combat Sanctions Risk with Effective Screening
The complexity of the sanctions risk landscape, and the impact of new sanctions against specific vessels and aircraft, represent a significant compliance challenge. With governments cracking down on sanctions evasion in jurisdictions around the world, firms must tighten their screening and monitoring solutions to ensure they keep pace with new risks.
In practice, this means that screening solutions must be able to detect ships and vessels currently designated under sanctions regimes with a high degree of accuracy, and react quickly when sanction lists are updated. That evolving data burden requires firms to implement powerful, continuous automated name screening, with global scope, in order to meaningfully contribute to the fight against sanctions evasion and, critically, avoid penalties.
Ripjar’s Labyrinth Screening platform is designed to deliver that kind of screening power, facilitating name searches of thousands of global sanctions lists and watchlists, in real time, and delivering actionable intelligence in seconds. Powered by next-generation AI technology, Labyrinth’s sanctions compliance support not only adds automated speed and accuracy to the screening process, but can add additional insight from adverse media to help compliance teams make better, faster decisions about potential sanctions risks in every corner of the world.
