Legal Update: Strengthening AML/CFT Name Screening Practices

Quick links

Search our News by

16 Jul 2022

In this legal update, we examine the information paper issued by the Monetary Authority of Singapore (“MAS”) on 28 April 2022 regarding the strengthening of Anti-Money Launder/Combating the Financing of Terrorism (“AML/CFT”) Name Screening Practices for Financial Institutions (“FIs”).

What is Name Screening?

Name screening is a fundamental control in the AML/CFT frameworks of financial institutions. FIs screen the names of potential and existing customers, and their relevant parties1, to identify associations with sanctions, politically exposed persons (“PEP”), and other adverse news. This identification enables FIs to assess potential money laundering, terrorism financing and proliferation financing (“ML/TF/PF”) risks posed by these parties, and take steps to manage and mitigate these risks.

FIs typically perform name screening during customer onboarding, periodic Know-Your-Customer (KYC) reviews, ongoing batch screening2, and transactions processing.

MAS Overall Observations

In the information paper, MAS sets out the observations and good practices, as well as its supervisory expectations. FIs should benchmark themselves against the practices and supervisory expectations set out in the paper in a risk based and proportionate manner.

MAS observed that FIs generally had adequate management oversight and formalised policies and procedures (“P&P”) on the use of systems and resolution of alerts, to facilitate consistent implementation. However, the robustness of name screening practices was uneven across FIs.

Senior management of some FIs did not exercise adequate oversight, leading to deficiencies in P&P and poor checks and balances over alert resolution. These resulted in lapses in the execution of name screening controls and, in some cases, potential regulatory breaches.

MAS also observed that several FIs placed undue reliance on system vendors to set the parameters in their name screening systems, without adequately understanding how the settings impact the accuracy and effectiveness of the screening results.

Notwithstanding the outsourcing of services to the service providers, it is pertinent to note that the board and senior management are still ultimately responsible for maintaining effective oversight and governance of outsourcing arrangements, managing outsourcing risks and implementing an adequate outsourcing risk management framework.

In summary:

there is a risk that the FIs’ screening systems may not have been appropriately calibrated to cater to the risk profile of their business activities;
FIs should adequately assess and test that the screening parameters are effective for generating name matches; and
FIs should draw their system vendors’ attention to this paper, for them to gain a better understanding of MAS’ expectations of FIs, and work with FIs to achieve them.

MAS’s Expectations of FIs

MAS looks to an FI’s Board and Senior Management (“BSM”) to exercise oversight of the governance and implementation of effective name screening processes, as part of the FI’s overall AML/CFT frameworks and controls. BSM should set an appropriate tone-from-the-top on the importance of these controls, and ensure that:

adequate frameworks and P&P on name screening controls are established.
relevant staff have a good understanding of the strengths and limitations of the FI’s name screening systems (and their corresponding parameters) and have processes to assess if the systems are performing as intended.
effective checks and balances, such as maker-checker controls and quality assurance (“QA”) processes, are implemented for alert resolution.

We set out below some of the key expectations MAS has for the FIs.

Senior Management Oversight

Senior management are to exercise active oversight of FIs’ name screening frameworks, policies, processes and compliance;
Senior management or management committees responsible for overseeing ML/TF/PF risks are to have access to relevant information to monitor and deliberate follow-up actions;
FIs to put in place established processes to track the ageing of unresolved name screening alerts, including details such as days outstanding, functions responsible and weekly trends;

Frameworks, Policies and Procedures

FIs to establish adequate frameworks, P&P on name screening for customer onboarding, periodic KYC reviews, ongoing batch screening and transaction processing;
There should be wider scope of identified parties for screening beyond baseline regulatory requirements;
FIs should conduct regular batch screening of customers and relevant parties to identify new ML/TF/PF information in a timely manner;
FIs should implement structured processes to track parties for screening to prevent/detect omissions and delays;

Screening parameters and databases

FIs in implementing name screening systems should adequately assess and test that the screening parameters applied are effective for generating name matches;
FIs should perform regular reviews of their screening parameters to assess whether they are effective in highlighting ML/TF/PF risks;
FIs should establish controls to regularly review the completeness of their screening databases;
FIs should incorporate fuzzy logic matching capabilities to perform more effective name screening;

Alert resolution

FIs should perform robust and timely assessment of name screening alerts, and maintain adequate documentation of the assessment;
FIs should establish clear P&P for the resolution of alerts, and include detailed guidance and examples on criteria to assess, types of identifiers to consider and documentation requirements, such as justification for dismissing screening alerts;
FIs should not exclude (i) adverse news from regional and local news sources, or (ii) past adverse news; and
FIs should not dismiss (i) group of alerts on consolidated basis without addressing the specific unique information in each individual alert, or (ii) alerts with generic explanations that were inadequate to justify the conclusions.

We further set out below some negative observations made by MAS, which FIs should not practise, and our recommendations on how to prevent such problems from arising.

Negative Observations	How to prevent?
Not paying adequate attention to name screening matters, resulting in deficiencies such as inadequate name screening P&P, inadequate checks and balances over the alert resolution process and no records of substantive discussions on AML/CFT matters during management meetings;	Board should appoint a senior management personnel or the compliance officer to be overall in charge of the implementation of AML/CFT frameworks and controls. Regular meetings should also be held to evaluate the effectiveness of the name screening process.
Using manual batch screening which is prone to human error, and failure to perform batch screening on a timely basis	Subscribe to batch screening services provided by third party vendors and ensure that the selected screening parameters are sufficient.
Failure to include the names of all relevant parties of customers (e.g. connected parties3) for name screening.	A group chart should be prepared for every customer to show all shareholders (including ultimate beneficial owners) and directors.
Failure to check the adequacy of the vendor’s screening database	Enquiries should be made about the vendor’s sources used for name screenings, and determine if these sources are sufficient or should be supplemented with the FI’s internal screening lists.

Conclusion

FIs should take MAS’s expectations into account and take name screening in AML/CFT seriously. Adequate name screening processes will be required to ensure compliance with the requirements under the relevant notices and guidelines. MAS would not hesitate to take enforcement actions against FIs who have failed to comply with their AML/CFT requirements, as they had done in previous cases.

Please feel free to contact us if you would like to know more about how your organisation and you can manage your ML/TF/PF risks and comply with your AML/CFT obligations.

Please click on the attachment for more details.

For further information contact:

Claudia Teo
Partner & Head, Corporate and Financial Services
ClaudiaTeo@harryelias.com
+65 6361 9845

Derick Ting
Partner
DerickTing@harryelias.com
+65 6361 9363

Tan Tien Wei
Of Counsel
TienweiTan@harryelias.com
+65 6361 9863

Timothy Lim
Associate
TimothyLim@harryelias.com
+65 6361 9367

Contact:

Claudia Teo

Read more about Claudia Teo

Partner

Head, Corporate and Financial Services

+65 6361 9392

+65 6438 1788

ClaudiaTeo@harryelias.com

Related Expertise:

Corporate

In this legal update, we examine the information paper issued by the Monetary Authority of Singapore (“MAS”) on 28 April 2022 regarding the strengthening of Anti-Money Launder/Combating the Financing of Terrorism (“AML/CFT”) Name Screening Practices for Financial Institutions (“FIs”).


	What is Name Screening?


	Name screening is a fundamental control in the AML/CFT frameworks of financial institutions. FIs screen the names of potential and existing customers, and their relevant parties1, to identify associations with sanctions, politically exposed persons (“PEP”), and other adverse news. This identification enables FIs to assess potential money laundering, terrorism financing and proliferation financing (“ML/TF/PF”) risks posed by these parties, and take steps to manage and mitigate these risks. 


	FIs typically perform name screening during customer onboarding, periodic Know-Your-Customer (KYC) reviews, ongoing batch screening2, and transactions processing.


	MAS Overall Observations


	In the information paper, MAS sets out the observations and good practices, as well as its supervisory expectations. FIs should benchmark themselves against the practices and supervisory expectations set out in the paper in a risk based and proportionate manner.


	MAS observed that FIs generally had adequate management oversight and formalised policies and procedures (“P&P”) on the use of systems and resolution of alerts, to facilitate consistent implementation. However, the robustness of name screening practices was uneven across FIs.


	Senior management of some FIs did not exercise adequate oversight, leading to deficiencies in P&P and poor checks and balances over alert resolution. These resulted in lapses in the execution of name screening controls and, in some cases, potential regulatory breaches.


	MAS also observed that several FIs placed undue reliance on system vendors to set the parameters in their name screening systems, without adequately understanding how the settings impact the accuracy and effectiveness of the screening results.


	Notwithstanding the outsourcing of services to the service providers, it is pertinent to note that the board and senior management are still ultimately responsible for maintaining effective oversight and governance of outsourcing arrangements, managing outsourcing risks and implementing an adequate outsourcing risk management framework.


	In summary:

<ol style="list-style-type:lower-roman">
	<li>
		there is a risk that the FIs’ screening systems may not have been appropriately calibrated to cater to the risk profile of their business activities;
	</li>
	<li>
		FIs should adequately assess and test that the screening parameters are effective for generating name matches; and
	</li>
	<li>
		FIs should draw their system vendors’ attention to this paper, for them to gain a better understanding of MAS’ expectations of FIs, and work with FIs to achieve them.
	</li>
</ol>

	MAS’s Expectations of FIs


	MAS looks to an FI’s Board and Senior Management (“BSM”) to exercise oversight of the governance and implementation of effective name screening processes, as part of the FI’s overall AML/CFT frameworks and controls. BSM should set an appropriate tone-from-the-top on the importance of these controls, and ensure that:

<ol style="list-style-type:lower-roman">
	<li>
		adequate frameworks and P&P on name screening controls are established.
	</li>
	<li>
		relevant staff have a good understanding of the strengths and limitations of the FI’s name screening systems (and their corresponding parameters) and have processes to assess if the systems are performing as intended.
	</li>
	<li>
		effective checks and balances, such as maker-checker controls and quality assurance (“QA”) processes, are implemented for alert resolution.
	</li>
</ol>

	We set out below some of the key expectations MAS has for the FIs.


	Senior Management Oversight

<ul>
	<li>
		Senior management are to exercise active oversight of FIs’ name screening frameworks, policies, processes and compliance;
	</li>
	<li>
		Senior management or management committees responsible for overseeing ML/TF/PF risks are to have access to relevant information to monitor and deliberate follow-up actions;
	</li>
	<li>
		FIs to put in place established processes to track the ageing of unresolved name screening alerts, including details such as days outstanding, functions responsible and weekly trends;
	</li>
</ul>

	Frameworks, Policies and Procedures

<ul>
	<li>
		FIs to establish adequate frameworks, P&P on name screening for customer onboarding, periodic KYC reviews, ongoing batch screening and transaction processing;
	</li>
	<li>
		There should be wider scope of identified parties for screening beyond baseline regulatory requirements;
	</li>
	<li>
		FIs should conduct regular batch screening of customers and relevant parties to identify new ML/TF/PF information in a timely manner;
	</li>
	<li>
		FIs should implement structured processes to track parties for screening to prevent/detect omissions and delays;
	</li>
</ul>

	Screening parameters and databases

<ul>
	<li>
		FIs in implementing name screening systems should adequately assess and test that the screening parameters applied are effective for generating name matches;
	</li>
	<li>
		FIs should perform regular reviews of their screening parameters to assess whether they are effective in highlighting ML/TF/PF risks;
	</li>
	<li>
		FIs should establish controls to regularly review the completeness of their screening databases;
	</li>
	<li>
		FIs should incorporate fuzzy logic matching capabilities to perform more effective name screening;
	</li>
</ul>

	Alert resolution

<ul>
	<li>
		FIs should perform robust and timely assessment of name screening alerts, and maintain adequate documentation of the assessment;
	</li>
	<li>
		FIs should establish clear P&P for the resolution of alerts, and include detailed guidance and examples on criteria to assess, types of identifiers to consider and documentation requirements, such as justification for dismissing screening alerts;
	</li>
	<li>
		FIs should not exclude (i) adverse news from regional and local news sources, or (ii) past adverse news; and
	</li>
	<li>
		FIs should not dismiss (i) group of alerts on consolidated basis without addressing the specific unique information in each individual alert, or (ii) alerts with generic explanations that were inadequate to justify the conclusions.
	</li>
</ul>

	We further set out below some negative observations made by MAS, which FIs should not practise, and our recommendations on how to prevent such problems from arising.

<table border="0" cellpadding="0" cellspacing="0">
	<tbody>
		<tr>
			<td style="width:301px; height:29px">
				
					Negative Observations
				
			</td>
			<td style="width:301px; height:29px">
				
					How to prevent?
				
			</td>
		</tr>
		<tr>
			<td style="width:301px; height:117px">
				<ul>
					<li>
						Not paying adequate attention to name screening matters, resulting in deficiencies such as inadequate name screening P&P, inadequate checks and balances over the alert resolution process and no records of substantive discussions on AML/CFT matters during management meetings;
					</li>
				</ul>
			</td>
			<td style="width:301px; height:117px">
				<ul>
					<li>
						Board should appoint a senior management personnel or the compliance officer to be overall in charge of the implementation of AML/CFT frameworks and controls.
					</li>
					<li>
						Regular meetings should also be held to evaluate the effectiveness of the name screening process.
					</li>
				</ul>
			</td>
		</tr>
		<tr>
			<td style="width:301px; height:73px">
				<ul>
					<li>
						Using manual batch screening which is prone to human error, and failure to perform batch screening on a timely basis
					</li>
				</ul>
			</td>
			<td style="width:301px; height:73px">
				<ul>
					<li>
						Subscribe to batch screening services provided by third party vendors and ensure that the selected screening parameters are sufficient.
					</li>
				</ul>
			</td>
		</tr>
		<tr>
			<td style="width:301px; height:73px">
				<ul>
					<li>
						Failure to include the names of all relevant parties of customers (e.g. connected parties3) for name screening.
					</li>
				</ul>
			</td>
			<td style="width:301px; height:73px">
				<ul>
					<li>
						A group chart should be prepared for every customer to show all shareholders (including ultimate beneficial owners) and directors.
					</li>
				</ul>
			</td>
		</tr>
		<tr>
			<td style="width:301px; height:87px">
				<ul>
					<li>
						Failure to  check the adequacy of the vendor’s screening database
					</li>
				</ul>
			</td>
			<td style="width:301px; height:87px">
				<ul>
					<li>
						Enquiries should be made about the vendor’s sources used for name screenings, and determine if these sources are sufficient or should be supplemented with the FI’s internal screening lists.
					</li>
				</ul>
			</td>
		</tr>
	</tbody>
</table>

	 


	Conclusion


	FIs should take MAS’s expectations into account and take name screening in AML/CFT seriously. Adequate name screening processes will be required to ensure compliance with the requirements under the relevant notices and guidelines. MAS would not hesitate to take enforcement actions against FIs who have failed to comply with their AML/CFT requirements, as they had done in previous cases.


	Please feel free to contact us if you would like to know more about how your organisation and you can manage your ML/TF/PF risks and comply with your AML/CFT obligations.


	Please click on <a href="/sites/default/files/u4/20220715_ebulletin_info_paper_on_stregthening_aml_cft_name_screening_practices.pdf" style="background-color:rgb(230, 231, 232)">the attachment</a> for more details.


	For further information contact:


	Claudia Teo  
	Partner & Head, Corporate and Financial Services  
	<a href="mailto:ClaudiaTeo@harryelias.com">ClaudiaTeo@harryelias.com</a>  
	+65 6361 9845


	Derick Ting  
	Partner  
	<a href="mailto:DerickTing@harryelias.com">DerickTing@harryelias.com</a>  
	+65 6361 9363


	Tan Tien Wei  
	Of Counsel  
	<a href="mailto:TienweiTan@harryelias.com">TienweiTan@harryelias.com</a>  
	+65 6361 9863


	Timothy Lim  
	Associate  
	<a href="mailto:TimothyLim@harryelias.com">TimothyLim@harryelias.com</a> 
	+65 6361 9367