On September 30, 2022, the US Department of the Treasury's Office of Foreign Assets Control (OFAC) published "Sanctions Compliance Guidance for Instant Payment Systems". The guidance highlights that organizations should adopt a risk-based approach to manage sanctions risks and use innovative enforcement compliance technologies for identified risks.
In recent years, instant payment systems that enable the transmission of payment and the ability to provide funds to creditors have increased and developed. As a result of the high speed of instant payment and the high values of these payments, questions about the best way to implement compliance measures in the financial sector have been raised.
Compliance with a Risk-Based Approach
Each instant payment system has unique payment systems, and studies are carried out to increase the efficiency of these systems. At this point, OFAC encourages financial institutions to adopt a risk-based approach to ensure that sanctions compliance controls and technology solutions remain commensurate with the enforcement risks that come with them.
The risk-based approach it rommends includes five key components of compliance:
- Management commitment
- Risk assessment
- Internal controls
- Testing and auditing
- Training
Under OFAC 's recommendation, developers of instant payment systems should include sanction compliance considerations in their design and development processes. They should also have compliance features and tools that enable participants and users to maintain an effective sanctions compliance program. Features and tools may include:
- A messaging system between participating financial institutions to successfully communucate about concerns on sanctions.
- An exception to automated processing to allow investigations of possible enforcement concerns.
- Minimum sanction compliance expectations among members of instant payment systems in order to reduce the overall risk of sanctions.
OFAC develops and routinely updates its sanctions compliance program in line with the FATF 's recommendations. That not all financial products or instant payment systems carry the same sanctions risks, OFAC underlines that there is no "one-size-fits-all approach" to managing sanctions risks by noting.
OFAC states that the nature of payment may be related to assessing the relevant sanction risks by emphasizing the importance of complying with the Customer Due Diligence (CDD) rule.
Check Out our website to discover more insights
Customer Due Diligence | What is CDD?
Customer due diligence (CDD), one of the basic requirements of the risk-based AML approach, provides the detection of potential customer risks .
The objectives of the guide are:
- Reaffirm that financial institutions should take a risk-based approach to manage sanctions risks.
- Highlight key factors that may be relevant in determining that risk-based approach.
- Encourage the development and deployment of innovative sanctions compliance approaches and technologies to address identified risks.
- Encourage developers of instant payment systems to incorporate sanctions compliance considerations as they develop new payment Technologies.
Risk Factors in Instant Payment Systems
Domestic and Cross-Border Payment Systems
Local systems that contain only accounts held in US banks have a lower risk of being subject to sanctions than instant payment systems, which allow cross-border transactions because transactions are limited to accounts in US banks. For local banks to US regulatory requirements and audit reviews, OFAC expects to exercise due diligence to conduct risk-based due diligence at regular intervals during and after hiring its clients, including screening their clients to identify a possible sanctions link. Banks outside the US may carry a higher risk of sanctions because they may not be subject to similar regulatory requirements and scrutiny.
Nature and Value of Payment
The nature and value of payments may be related to assessing the risk of sanctions for non-payments made through instant payment systems. Payments that are consistent with previously reviewed for potential enforcement effects generally have a lower risk than payments that appear inconsistent with previous customer behavior. It can be argued that higher-value payments or payments made to foreigners for the first time may pose more risks.
Emerging Sanctions Compliance Technologies and Solutions
There are new and emerging sanctions compliance technologies and solutions that are becoming more accessible that can help to reduce a financial institution's sanctions risks. Accordingly, OFAC encourages using. AI tools and other innovative solutions strengthen information sharing among financial institutions, improve sanctions screening processes, and reduce false positives.
Integrating Compliance Features into Instant Payment Systems
For members looking to comply with enforcement regulations and prevent violations, the expectation of real-time funding to the creditor in instant payment systems can result in challenges. Therefore, to facilitate compliance, OFAC encourages the inclusion of it in the design and development process so that system developers consider compliance controls when developing new payment technologies. Such developers are also encouraged to include sanctions compliance features, tools, and contractual clauses that allow system participants to maintain a sanctions compliance program commensurate with the risks presented by the particular instant payment system.
It is expected them to use sanction tools to provide a constant program for compliance against the risks resulting from instant payment systems.
Instant payment systems can enable communication between participating financial institutions involved in processing payments to facilitate compliance with sanctions. This type of communication is often necessary to gather information about possible enforcement alerts. Without such a communication system, financial institutions may not be able to adjudicate warnings of potential enforcement concerns effectively. This can cause to process of payments without sufficient information or block or reject large volumes of transactions that do not involve an enforcement link. Instant payment systems, which allow a transaction to be removed from the automated process to provide sufficient time for the financial institution to investigate possible sanctions concerns, also help its participants mitigate their enforcement risks. In addition, determining minimum sanction compliance expectations for members in instant payment systems can also help reduce sanction risks.