In recent years we've been hearing the term "compliance" more and more often, but what does it actually mean? "Compliance" can probably best be translated as "adherence to rules" or "conformity with rules." In business, this means that the company complies with all applicable laws and regulations, often including voluntary commitments that are not legally binding.
Building blocks for compliance
For a company to reliably comply with all applicable laws and regulations, it needs several building blocks:
- The company's Board of Directors is responsible for developing the structures as well as the awareness within the company that everyone must abide by the rules.
- Lawyers must know the relevant laws and deduce from them what the company is allowed and not allowed to do. They should advise the Board on what structures are needed to ensure and monitor compliance with the regulations.
- Experts are assigned these oversight responsibilities for the specific areas in which they specialize. For example, a data protection officer ensures that the processing of personal data within a company only occurs in accordance with the German Federal Data Protection Act (BDSG) and the European General Data Protection Regulation (GDPR).
- A money laundering officer (MLO) does not launder illegal money, but is responsible for ensuring that the company does not engage in corruption and money laundering and that the company complies with the obligations arising from the "Act on the Tracing of Profits from Serious Crimes" (Money Laundering Act, MLA).
- Technical systems can help experts perform their tasks by, for example, identifying personal data records to be blocked or deleted, or by matching the names of contractors with those on sanctions lists.
More attention being paid to sanctions lists
Since the Russian invasion of Ukraine in February 2022, the issue of sanctions lists has come under greater scrutiny, as these lists have been expanded in several waves to include Russian nationals with whom it was previously easy to do business within the EU. This meant that money laundering officers now had to consider new lists in quick succession and examine the existing set of contractors to see if they now appeared on one of these lists. If they did, the officers would then have to draw appropriate conclusions.
The Flag as Suspicious Satellite
In this task, money laundering officers can be supported by the "Flag as Suspicious Satellite," an add-on module for in|sure Partner. The Flag as Suspicious Satellite (FSS) is an additional application that is installed along with in|sure partner. In|sure Partner then informs the FSS each time that a new partner is created or changed so that the FSS can check whether the partner's name is on a list. If one or more of these hits are found, the corresponding records from the list are stored in the FSS as "flagged as suspicious" for the partner concerned. Users who have carried out the processing in in|sure Partner receive a corresponding notice that at least one record has been flagged as suspicious and should await further examination by the MLO. Therefore, if the company intends to enter into a contract with this partner, further processing of the contract should be paused until a final review by the MLO has occurred.
Flagged as Suspicious
The MLO, on the other hand, is also informed when a partner is flagged as suspicious. Usually this is done by email, but of course, integration into workflow systems is also possible. The MLO can now look at the data for this partner in what has been flagged as suspicious and evaluate whether the partner is actually the person named in the lists or whether there is just a coincidental name match in this case. If the MLO concludes that the partner is not the person named on the list, then they reject the flag. If the suspicion proves to be true, then the flag will be confirmed. In case of rejection, the above process can be continued for the purpose of concluding a contract with this partner. When a flag is confirmed, the continuation of the process also depends on the list on which the person was found. FFS currently processes EU and US sanctions lists as well as a list of "politically exposed persons" (PEP). Politically exposed persons are essentially high-ranking state and government employees and their family members. An exact definition can be found in Sec. 1 Par. 12 of the MLA. While no business relationship may be entered into with persons on the sanctions lists, this is perfectly permissible for PEPs. However, a special risk assessment must be carried out.
If a new version of one of the mentioned lists is now published, this list must be imported into the FSS and activated. Then the FSS can compare the entire previous partner inventory against the newly imported list. The MLO is then informed only of those cases for which new records have been flagged as suspicious that were not previously known and now require evaluation by the MLO.
Support, not paternalism
In this way, in|sure Partner's Flag as Suspicious Satellite supports money laundering officers in their task of ensuring compliance with the Money Laundering Act, thus contributing to the company's compliance. The software therefore simplifies the process of matching the names of customers with those named on the published lists; the final decision as to whether a person is actually listed is still made by the human being.
Want to learn more about in|sure Partner? Then feel free to contact our expert Carsten Voigtländer, head of business development at adesso insurance solutions.
Do you have any questions or comments? Then please leave us a comment.