The Implications of ISO 20022 on Sanctions Screening

The Bank of England’s consultation paper identifies inefficiencies within the current UK payments infrastructure, which consists of variable messaging standards to process transaction information globally. In 2018, global agreement was reached to migrate from the SWIFT Message Type (MT) standard to ISO 20022 (ISO) in the MX message format. ISO seeks to address these inefficiencies by creating a globally common messaging standard and model for payments data. The adoption of ISO will commence in November 2022 and co-exist with MT through 2025.

The current MT message type formats are restricted to character limits, which places a constraint on the amount of transaction information that can be included. Lack of full data impedes compliance functions such as Sanctions Screening, making it more difficult to validate Sanctions alerts and matches. Furthermore, there is increased exposure to Sanctions Risk, as only the limited transaction information sent or received will not be screened and therefore the institution could miss a Sanctioned element.

ISO allows banks and other financial institutions to include significantly more detailed payment information such as counterparty and remittance information. The enriched data increases payment transparency and provides the full background of the transaction history, which supports compliance departments during investigations. Furthermore, ISO will likely enable financial institutions to share a higher standard of information with law enforcement and other payment providers, consequently strengthening their ability to combat and prevent financial crime. Subsequently, this change leads to a requirement to inspect the full transaction information and determine if the additional data is in scope for screening.

What Does This Mean for Financial Institutions?

Financial institutions should be certain that the tags and fields in the ISO format are understood by their screening systems. In cases where the filter needs to be instructed on each of the fields to screen, financial institutions should update the system configuration to include all the fields. Whereas for a filter that screens everything sent, a financial institution should consider whether they can design rules to exclude out-of-scope information to prevent a large number of false positives. It is therefore essential that compliance teams make informed decisions on what data fields require screening based on the data they receive and the requirements of their Sanctions Policy.

Because of the three-year migration period, financial institutions will have to process both transaction formats, and should review existing Sanctions system rules and enhance them where necessary to include the equivalent ISO tags. Financial institutions must also decide whether they screen in the ISO format or initially translate ISO to MT. Operational teams will need to be trained on the new format to effectively perform their duties in mitigating Sanctions-related financial crime.

Financial institutions should ensure that they are prepared for the adoption of ISO, which will impact technology, processes, governance, and employees. ISO will include new defined data fields and the need for financial institutions to recalibrate sanctions systems and validate continued integration with payments systems. Financial institutions should check that any changes are reflected within their policies, procedures, formatting, budgets, and systems changes and updates.

How Can Guidehouse Help?

Guidehouse can rapidly review changes to the UK Sanctions regime and assess your financial crime framework to determine whether it is operationally effective and meets the new regulatory expectations. Guidehouse’s experienced Sanctions system specialists will be able to guide financial institutions during the transfer of historic Sanctions system rules and support data mapping from payment application to the screening filter. Guidehouse can identify enhancements through system tuning in preparation for migration and advise on optimal solutions to improve efficiency.

Our team has in-depth knowledge of the regulatory environment in the UK, Europe and globally, and best practices operated by financial institutions. Our relevant expertise includes: 

• An assessment of the new MX message format to determine whether individual tags require screening. This assessment will be conducted through a review of the bank’s data, Sanctions policy, and regulators’ expectations
• Data assessments
• Data mapping
• Filter testing
• Hit-rate reduction through rules calibration
• System configuration
• Model Validation

Guidehouse’s financial crime consultants work with financial institutions of all sizes to build effective and efficient risk management and compliance frameworks to help clients protect against legal, fiduciary, shareholder, and reputational risk. Guidehouse experts include distinguished former prosecutors, regulators, compliance officers, and consultants, who leverage their combined experience to help clients conquer their compliance challenges.

Special thanks to Sajeev Kanagarajah for contributing to this article.