Advanced Analytics in Sanctions Compliance
By Thomas Dessalet and Edwin Oloo
The big picture: The adoption of advanced analytical tools and emerging technologies such as AI and ML has continued to gain enterprise adoption across compliance solutions within the financial services industry.
Yet sanctions programmes are running behind: While the advantages of these technologies are widely accepted and continue to be leveraged and monetised in the domains of transaction monitoring, customer segmentation and risk rating, their adoption in sanctions programmes lags in relative comparison.
- Regulatory bodies, internal and external auditors, and compliance stakeholders often do not embrace approaches which augment human judgment with emerging technology.
But opportunities are there: These challenges do not disqualify the use of other analytical tools in the pursuit of a leading, efficient and risk-based sanctions programme. There are ample opportunities to leverage an analytics-focused, data-driven approach to enhance sanctions screening compliance programmes.
How to get there: Supporting a robust and risk-based sanctions programme with the use of emerging technology and further leveraging advanced analytics require an ever-evolving effort.
- Analytics and technology must be deployed as proactively as possible to stay on the forefront.
- An institution’s increasingly complex products, services and customer relationships require building out stronger sanctions detection competencies.
The bottom line: Investment in the right tools, personnel and upskilling will help streamline sanctions workflows, optimise sanctions detection systems, augment risk insight generation, and compile the requisite data for end-to-end sanctions compliance. It is incumbent upon compliance stakeholders to seek out these opportunities for technological enhancement, no matter the size, geography/jurisdiction or business of the institution.
Go deeper: Read more of our insights on this topic below.
The adoption of advanced analytical tools and emerging technologies such as artificial intelligence and machine learning (AI/ML) has continued to gain enterprise adoption across compliance solutions within the financial services industry. While the advantages of these techniques are widely accepted and continue to be leveraged and monetised in the domains of transaction monitoring, customer segmentation and risk rating, their adoption in sanctions programmes lags in relative comparison. Despite robust progress in compliance model development, regulatory bodies, internal and external auditors, and compliance stakeholders often do not enthusiastically embrace approaches which augment human judgment with emerging technology. However, that does not disqualify the use of other analytical tools in the pursuit of a leading, efficient and risk-based sanctions programme.
There are ample opportunities to leverage an analytics-focused, data-driven approach to enhance sanctions screening compliance programmes during all phases of the programme workflow. The illustration below depicts this approach and is followed by a discussion on how technology, including AI, and analytics can drive advances in these programmes.
A common gap in screening coverage is not that critical fields are missing from data — it is that the critical fields appear outside the mapped locations the system is programmed to screen.
Data Wrangling: Geolocation Use Cases
1. Vessel tracking
It is not only individuals and institutions that are sanctioned. Institutions offering trade finance services have a vested interest in keeping sanctioned vessels away from their financed or insured fleets. The use of automatic identification systems (AIS) is mandatory for most vessels of cargo-carrying size and the corresponding AIS latitude and longitude pings are available from subscription data sources for analysts interested in monitoring fleet movements. Armed with distinct vessel identifiers governed by the International Maritime Organisation (IMO) and pairwise time-location datapoints, model users can predict future paths and timing of trade finance cargo with regard to risky locales and/or other vessels of interest.
Analysts can establish controls for tracking the location of real-time movements against specific regulatory sanction lists or organisation bad-guy vessel lists to detect (or proactively minimise) proximity to higher-risk encounters at sea. Risk rating of vessels for monitoring purposes may include factors such as:
- Prior suspected ship-to-ship transfers
- Transshipment of goods to mask origination location or obfuscation of cargo details
- Lack of clear identification of vessel ownership
- Geographic/jurisdictional ties based on ship registry
- Prior high-risk vessel activity locations — with significant attention focused on ports in
Tracking models are created to identify proximity of trade financed vessels to sanctioned vessels, measure vessel time in port, or highlight any offshore anchorages (which are susceptible to the illicit ship-to-ship transfer of sanctioned goods). Vessel location data, including latitude, longitude, timestamps and directionality, combined with bill of lading information, support the use of a graphical interface like Tableau, QlikView or PowerBI for visual reporting of potential sanctioned activity in near real-time. Furthermore, use of advanced analytics and ML techniques such as social network analysis (SNA), graph analysis and matrix completion, among others, can be leveraged to detect trafficking, missing or falsified data. Additional benefits to vessel tracking include the ability to predict trade finance-related operational delays in and around ports.
With the omnipresence of peer-to-peer instant payment services and virtual currencies, sanctions risk mitigation is paramount. The ability of institutions to identify the geographic locations of payment counterparties — whether through IP address tracking or geolocation software — is the backbone of such compliance. In late 2022, the Office of Foreign Assets Control (OFAC) issued guidance reinforcing the risk-based need for instant payment providers to utilise adequate technology to remain in control of both domestic instant payments to potentially sanctioned individuals and cross-border instant payments to sanctioned individuals or jurisdictions.
Compliance stakeholders should consult with their respective IT resources to identify the capabilities already leveraged in other departments — for example, IP address identification leveraged for cybersecurity in online banking — to mitigate sanctions risk. In addition to identifying the location of IP addresses, other geolocation techniques include but are not limited to GPS, Wi-Fi positioning, cell tower triangulation, radio frequency identification (RFID), Bluetooth beacon technology and mobile network data.
3. Combating evasion
In order to capture and stem sanctions exposure, the identification and accuracy of geographic location data is of utmost importance. Sanctions evasion takes many forms and can be seen as either intentional from the users or negligent on the institution’s behalf. Neither is acceptable. The challenges to corral, clean and utilise geolocation data for combating the evasion of sanctioned activity involve both the products and methods of transactions.
The exchange of virtual currencies poses heightened sanctions risk due to the degree of anonymity of the counterparties, coupled with the ease of disguising the end users’ locations. For other payments, the use of virtual private networks (VPN), proxy servers and other location-spoofing techniques are hurdles which must be cleared with advanced location identification techniques. Due to this widespread prevalence, OFAC advocated for the use of advanced geolocation technology against VPNs and proxy servers in official guidance directed at identifying the ultimate IP address/location of persons in comprehensively sanctioned jurisdictions.
Sourced solutions exist that can alleviate the burdens of location detection and may leverage the following:
- Wi-Fi positioning: Leverages the location information from nearby connected devices,
routers, mobile hotspots, etc.
- Mobile GPS: Location pings can geolocate users performing transaction activities from
mobile devices not connected via Wi-Fi.
- Cell tower triangulation: The use of multiple telecommunications towers can pinpoint the
location of a pinged mobile device based on signal strength and response time.
Proprietary solutions exist for geolocation using some mix of one or more of the above (though data availability and acquisition remain the most significant challenges for identification of referential geolocation data). The savings from the costs of geolocation tools can be recouped in the form of tangible benefits such as reduced penalties for lack of compliance, as well as additional intangible enterprise benefits such as mitigating negative reputational/headline risks. As with most compliance costs, the downside risk in the form of reduced penalties from sanctioned activity greatly outweighs the technological and operational expenditure. The ability to streamline operations in a quick and lean manner using instantaneous geolocation also reduces the costs, both time and monetary, of manual identification of payer location within permissible areas.
In order to capture and stem sanctions exposure, the identification and accuracy of geographic location data is of utmost importance.
Analytics and technology must be deployed as proactively as possible in order to stay on the forefront.
Edwin Oloo is an associate director in Protiviti’s Risk and Compliance practice, specialising in regulatory compliance and advanced data analytics. He has over 10 years of experience building multivariable statistical and machine learning models in the areas of financial crime compliance, anti-money laundering, counter-terrorist financing, eDiscovery, customer risk-rating analysis, risk assessment, fraud, alert risk-scoring, forensics investigations and process automation. He is adept with data privacy laws and building machine learning applications adhering to GDPR requirements. Oloo delivers consulting and advisory services through a quantitative perspective, implementing project management best practices and advanced technical insights while identifying opportunities to integrate data-science solutions.
Thomas Dessalet is a senior manager in Protiviti’s Risk and Compliance practice focused on providing advanced data science and modeling solutions. Based in Philadelphia, he has more than 10 years of experience with model development, risk management and data analytics covering anti-money laundering, financial crimes compliance, sanctions detection, risk rating, credit and AI/ML models. Prior to re-joining Protiviti, he served as the head of compliance model development at Oppenheimer & Co., responsible for end-to-end oversight of transaction monitoring, KYC customer risk rating and sanctions screening models. Dessalet is a contributor to and recurring panelist in Protiviti’s Financial Crimes Compliance Roundtable series, specialising in technology and industry trends.
Protiviti’s Financial Crime practice specialises in helping financial institutions satisfy their regulatory obligations and reduce their financial crime exposure using a combination of anti-money laundering/combating the financing of terrorism and sanctions risk assessment, control enhancements, and change capability to deliver effective operational risk and compliance frameworks. Our team of specialists assists organisations with protecting their brand and reputation by proactively advising on their vulnerability to financial crime, fraud and corruption, professional misconduct, and other financial business risk issues.
 Vessel Ownership, Trade Finance and Regulatory Compliance, S&P Global Market Intelligence, April 2023: www.tradefinanceglobal.com/wp-content/uploads/2023/04/Vessel-OwnershipTrade-Finance-and-Regulatory-Compliance.pdf
 “Sanctions Compliance Guidance for Instant Payment Systems,” September 2022: ofac.treasury.gov/media/928316/download?inline
 Sanctions Compliance Guidance for the Virtual Currency Industry, Office of Foreign Assets Control, October 2021: ofac.treasury.gov/media/913571/download?inline