A lot of this seems daunting, doesn’t it? So many possible lists, system settings to consider… and so much work to process Day 1. Seems a little nuts to me…

Well, even if you’re facing down the loaded end of a C&D (cease and desist), one doesn’t have to implement a whole raft of changes in the blink of an eye. You can phase in your changes.

What auditors and regulators want to see is, of course, an acceptable program – eventually. What matters more is the plan to get there. These folks aren’t ogres (at least, not the ones I’ve met).

Imagine the following paths to “full” compliance:

1. In January, you screen all accounts with an average daily balance of $1MM US against your PEP list. In March, you lower that threshold to $750,000. In May, you lower the threshold to $500,000. In August, it goes down to $250,000 and finally, in January of the next year, you drop it to $100,000…
2. In the beginning of January, you start screening your accounts against sanctions lists using exact matching. In mid-January, you start using fuzzy screening at 93%. In mid-February, the fuzzy threshold drops to 91% – in mid-March, to 90%, in mid-April, to 88%, in mid-May, to 87%…
3. In January, you begin screening against OFAC, the HMT (Her Majesty’s Treasury) list, the UN list and the EU list, because they’re your highest-volume currencies. In February, you add the second tier – the Canadian lists (OSFI, plus the DFAIT economic sanctions countries and cities, which include some city names that are very common in the US), the Japanese Ministry of Finance, the Monetary Authority of Singapore list and the Hong Kong Monetary Authority list. In March…
4. In January, you start screening account information against national and international-level foreign PEPs that are still in office. In February, you include officials who have left office within the last 3 years. In March, you include national and international-level domestic PEPs who are still in office. In April, you include domestic officials who have left office within the last 3 years. In April, you include provincial/state-level domestic PEPs. In May, you include local-level domestic PEPs.
5. In January, you start out with what you consider the bare minimum list of sanctions lists, including OFAC. Over the next few months, you add transaction-specific lists, such as BIS (Bureau of Industry and Security), BISN (Bureau of International Security and Nonproliferation), DTC (Directorate of Defense Trade Controls) and the World Bank Debarred List. In the second half of the year, you add a screen to your client onboarding process against law enforcement lists, including US Marshal Service, FBI, and Interpol.

Making some of these changes may increase the overall number of matches over time (e.g. changing the fuzzy logic level), while others may just increase the number of matching entity listings (which increases the time to clear each item).

Why phase in changes, instead of a “big bang” that gets your program up to snuff immediately? First, there’s the cost – a large increase in matches will either mean overtime, a large increase in staff or temporary help and/or less time devoted to making a decision on each match. Second, there’s the likelihood that a massive set of changes will overwhelm your staff, making them less, rather than more, productive (which adds to costs and errors). Third, making significant changes requires that compliance processes still keep their focus on the proper set of priorities – like, economic sanctions items are most important, followed by PEP screening, followed by other due diligence efforts (that’s an example – your priorities might be different). Priorities can easily get lost amidst the rush to get the decks cleared on a daily basis.

So, plan getting from here (where you are today) to there (where you want to end up) in an orderly fashion, like they tell you to do in movie theaters for if there’s an emergency, like a fire – instead of in the mad rush that usually happens. There will be fewer bruises all around if you do.