Category Archives: Law Enforcement Lists

02.17.15
by

January 29, 2015: New FBI Most Wanted Terrorist

  • Liban Haji Mohamed, a naturalized U.S. citizen born in Somalia, has been named to the FBI’s list of Most Wanted Terrorists, and a reward of up to $50,000 is being offered for information leading to his arrest and conviction. Mohamed is charged with providing material support and resources to al Qaeda and al Shabaab, a Somali-based terrorist organization.

The story is also available on the FBI This Week podcast and, for good measure, a detailed profile of Liban. The profile highlights, among other things, why the FBI wants him so badly:

“It is important for us to locate Mohamed because he has knowledge of the Washington, D.C. area’s infrastructure such as shopping areas, Metro, airports, and government buildings,” Ghattas explained. “This makes him an asset to his terrorist associates who might plot attacks on U.S. soil.”

Link:

FBI Notice

FBI This Week Audio Story

FBI Profile of Liban Haji Mohamed

 

01.16.13
by

Time is of the essence

An essential question of any watchlist screening program is “when”, which actually comes in two flavors:

  • When does the company’s data need to be screened?
  • When do watchlists need to be updated?

I could weasel out of both of these by saying “in a timely manner”, of course – and I’d be right. However, let’s try to be more precise.

It is true that the frequency of data updates and screening processes is a risk-based decision. However, there are some limitations. For example, business transactions – things that transfer assets or create obligations to transfer those assets – generally have to be screened against sanctions lists “real-time”, which is to say, before the item goes out the door and/or gets finalized on the books (and gives the client access to those assets). Why “generally”, you might ask? While the most prominent sanctions regulations are designed to prevent sanctioned entities from having access to assets, some (South Africa being the one Mr. Watchlist is most familiar with) only require the reporting of suspicious transactions after the fact. If the assets are no longer in the firm’s control when the government moves to seize them, oh, well… (no, I’m not kidding – at least as of a few years ago).

I should note that transactions are less frequently screened against non-sanctions lists – especially the PEP list. A match to an off-the-books party doesn’t mean much if you can’t monitor their ongoing activity in the aggregate – with the potential exception of law enforcement lists. And you know Mr. Watchlist is not a fan of law enforcement lists because the generic nature of the names on the lists and the limited information about them – perhaps that’s why all the online most wanted lists are primarily photo indices.

Screening static data is a whole ‘nother kettle of fish. If assets are not entering or leaving one’s account, the impetus for timeliness is much less urgent. So, a weekly or monthly (or quarterly) screening against other list is not unheard-of – if you’re also screening the transactions.

There is one good argument for screening static data more frequently, though – and it’s all about staff allocation and productivity. If you screen more frequently, you will, in general, spread the manual review work out more evenly. In addition, when there are changes to lists that cause a real increase in matches, screening more frequently might allow a firm to make a rules-based false positive reduction (FPR) change that will pay more benefits sooner, reducing or eliminating the increase on the subsequent screenings.

Now, to the second question: how often do you have to update your watchlists? Economic sanctions lists should be updated as available from your data provider and as practical for your business. Translation, please?

First, there will be a lag between the time a list update is made by the regulator and the time it is made available by the data vendor. The data needs to be reformatted in your software’s format, and often will need to be enhanced to include things like matching phrases.

Second, with some applications, ongoing processing may halt or be slowed by processing a list update. Therefore, waiting until a slack period in the day (e.g. lunch time), or after hours is prudent and not unreasonable.

Let’s look to the OFAC Enforcement Guidelines again. OFAC considers how recently the listing which caused the violation was added to the SDN list as a mitigating or aggravating factor when assessing a violation. Miss an item issued two hours ago? You’re not going to get fined for that – that’s as close to a guarantee Mr. Watchlist will ever give. On the other hand, if you haven’t updated the SDN list in a month… that’s not a pretty picture to paint for the regulator or auditor.

Beyond sanctions lists, the question of how frequently to update your lists is largely up to you. For example, one PEP and adverse media provider updates its database daily, while another data provider provides weekly updates. Obviously, the sooner you can identify a potential problem, the sooner you can decide what to do about it. On the other hand, unless you’re planning on terminating a relationship that matches one of these lists, an extra day, week or even month is unlikely to make a real difference to your risk in the overwhelming majority of cases.

So, like Mr. Watchlist said, with the exception of screening business transactions, you have to handle these things “in a timely manner”. And you get to define “timely”… it’s a wonderful thing.

01.15.13
by

Law enforcement updates

I’ve added links to the Drug Enforcement Agency’s Most Wanted list, and to the Canada Border Security Agency’s list to the Watchlists page. Also, some of the law enforcement agencies provide email updates (which is how Mr. Watchlist finds out about sanctions lists updates, too), so you’ll eventually see blog posts about changes to some of the agencies’ most wanted lists.