10 Actions Financial Institutions Should Take to Address the Russian and Belarussian Sanctions
An unprecedented wave of sanctions and export controls against Russia, and to a lesser extent Belarus, requires financial institutions from the West and other allied countries to take immediate steps to understand the impact of the complex requirements and ensure compliance.
As the West and Russia continue to engage in a back-and-forth exchange of sanctions, financial institutions globally are facing unprecedented compliance challenges as they try to grasp their full impact. While the situation is far from settled, there is a number of actions financial institutions subject to Russian and Belarussian sanctions should be taking now:
- Educate all three lines of defense: Keeping up to date with the rapidly evolving compliance environment related to Russia and Belarus will require cooperation and coordination between and among all three lines of defense. Financial institutions should consider real-time information channels, such as a Russia-Belarus Sanctions Q & A site on the company intranet, knowledge sharing sessions and/or an internal hotline.
- Verify that the right sanctions lists are being screened: Validating that the correct sanctions lists are being used should be an ongoing requirement of sanctions program hygiene; however, the current circumstances argue for not waiting until the next planned review of applicable sanctions lists, but rather confirming immediately that all applicable lists are being deployed by the organization’s sanction screening system. Financial institutions should institute an immediate event-driven review of all watchlists being deployed to help ensure global compliance coverage.
- Decide how to manage the differences between and among national/regional sanctions regimes: While the actions of Western and other allies have been closely aligned in principle, specific sanction determinations have not (e.g., as of now, the UK has sanctioned a much larger number of Russian individuals than the U.S. or Canada). Financial institutions need to determine whether they want to treat all the major sanction programs as equal on the theory that over time they will move closer to parity, or whether they want to comply only with the sanctions that legally apply to their operations today.
- Understand the completeness of sanctions lists being used: Some of the sanctions programs recently introduced apply to named individuals and their business interests (in some jurisdictions, this would include all entities owned 50% or more). Some list providers routinely include these sorts of affiliations; others may not. Financial institutions should immediately confirm whether the lists they are using capture all individuals and entities subject to sanctions and, if not, determine what steps they need to take to supplement existing lists.
- Confirm vendor timelines for updating sanctioned parties: Just as financial institutions are being challenged by the speed and complexity of the sanctions being rolled out, so too are some vendors. For global financial institution, new sanctions are being issued not only daily, but also intraday. Financial institutions need to validate that their vendors are adding new sanctioned parties in a timely manner.
- Remember manual monitoring needs: Certain types of transactions – such as letters of credit – have always required some degree of manual monitoring. The intent and complexity of the Russian-Belarussian sanctions will require heightened due diligence to help ensure trade finance and other transaction types with highly manual screening approach do not violate sanctions requirements.
- Avoid a backlog: Financial institutions should quickly determine whether existing sanction alert clearing skillsets and capacity (for both automated and manual monitoring) are sufficient or needs to be supplemented. Larger institutions may want to consider forming a “Russian-Belarussian Sanctions” team comprising individuals who are continually educated on new sanctions and their nuances, as well as ramping up staff to assist with a spike of alerts.
- Be alert to attempts to evade sanctions: Financial institutions should consider the need to modify or add to their transaction monitoring routines to identify possible evasion of existing sanctions. These attempts might involve different methods of transfer (e.g., cryptocurrency, use of uncustomary payment systems), increased activity from or through jurisdictions that have not implemented similar sanctions or from offshore banking centers and increased shell company activity.
- Don’t ignore the unintended consequences: At present, Russia and Belarus are subject to a series of sectoral sanctions, which don’t broadly affect the Russian/Belarussian people and include carve-outs for humanitarian purposes. Institutions that decide to apply sanctions more broadly than required should be mindful of how their actions will affect unsanctioned parties.
- Consider the impact of sanctions and self-sanctioning on client base: Clients that are forced to leave Russia because of the sanctions or that opt to leave for business risk reasons as well as subsidiaries of Russian/Belarussian companies operating in other jurisdictions will be subject to varying financial impacts. Financial institutions should closely monitor the impact of a market withdrawal on their borrowers.
The industry has many questions about the specific application of the various sanction programs, and financial institutions will need to continue to monitor developments closely for additions to the sanction lists and interpretive guidance.
Protiviti’s Financial Crimes practice specializes in helping financial institutions satisfy their regulatory obligations and reduce their financial crime exposure using a combination of AML/CTF and sanctions risk assessment, control enhancements and change capability to deliver effective operational risk and compliance frameworks. Our team of specialists assists organizations with protecting their brand and reputation by proactively advising on their vulnerability to financial crime, fraud and corruption, professional misconduct, and other financial business risk issues.