Buyer’s Guide to Name Screening Software

Name Screening is a critical part of any Anti-Money Laundering and Counter-Financing of Terrorism (AML/CFT) and Targeted Financial Sanctions (TFS) compliance program. It enables regulated entities to screen their customers against sanctions, PEPs, terrorists, negative news, and other watchlists. Name screening software makes this comparison process seamless and accurate.

This buyer’s guide discusses the significance of name screening in the fight against money laundering (ML) and financing of terrorism (FT). It explores the sanction screening regulatory requirements along with highlights on the features such as:

• Technological considerations
• Implementation process
• Process of selection of AML Name Screening software

What Is Name Screening

Name Screening means matching prospective and existing customers’ names with sanctions, PEP, and adverse media lists. These lists can be national, regional, or international watchlists. They pertain to lists of terrorists, sanctioned or banned individuals, Politically Exposed Persons (PEPs), criminals, and other wanted persons. Designated Non-Financial Businesses and Professions (DNFBPs) and Virtual Asset Service Providers (VASPs) can screen their names to rule out the presence of negative news or adverse media, highlighting any criminal conduct of a customer.

Name Screening enables DNFBPs and VASPs to determine whether a customer has any links to financial crimes or illicit transactions.

Importance of Name Screening in AML Compliance

Name screening is a vital element of sanctions screening in AML compliance. DNFBPs and VASPs must conduct name screening of a customer:

• Before establishing a business relationship
• During the course of a business relationship

to ensure compliance with AML/CFT and TFS regulations in UAE.

Regulatory Requirements Around Sanctions Screening

Cabinet Decision No. (74) of 2020 Regarding Terrorism Lists Regulation and Implementation of United Nations Security Council (UNSC) Resolutions on the Suppression and Combating of Terrorism, Terrorist Financing, Countering the Proliferation of Weapons of Mass Destruction and its Financing and Relevant Resolutions governs sanctions screening in UAE.

This law requires Financial Institutions (FIs), DNFBPs, and VASPs to search their clients’ names in sanctions lists. These customers include natural and legal persons. The customers include:

• Existing and potential clients
• Parties to a transaction
• Beneficial owners
• Natural and legal persons with whom the regulated entity has a direct or indirect business relationship

The DNFBPs and VASPs also need to take into consideration:

• The accuracy and currentness of databases (including local, regional, and international databases; in UAE, it includes the Local Terrorist List and the UN Consolidated List).
• The accuracy of information on customers and their transactions collected during the Know Your Customer (KYC) and Customer Due Diligence (CDD) process.

What Is a Name Screening Software

A name screening or sanction screening software is responsible for fulfilling sanctions screening requirements as prescribed by AML regulations.

The name screening software can be used to screen customers’ names. It allows DNFBPs and VASPs to search for their customers’ names in sanctioned individuals’ databases and relevant watchlists.

DNFBPs and VASPs can compare the names obtained from the KYC and CDD processes with the sanctions lists in the databases.

Key Features to Look for in Name Screening Software

A Name Screening software helps ensure accurate screening results that are devoid of human errors to reduce the threats of illegal transactions and customers who could potentially pose ML/FT or Proliferation Financing (PF) threats. However, without the necessary functionalities and capabilities, the name screening or sanctions screening solution is not helpful, and it must possess all the following features as a benchmark requirement:

 

1. Sanctions Database Coverage

A name screening software must cover several national, regional, and international databases. These databases must pertain to sanctions, bans, terrorists, most wanted, and other individuals engaging in illicit transactions like corruption, human trafficking, terrorism, nuclear material supply, and bribery. A sanctions screening software will help DNFBPs and VASPs to detect all the potential ML/FT and PF risks posed by their customers. For example, a customer involved in corruption has a higher risk of conducting money laundering as they would be required to wash away the illegal origin of funds to avoid detection by law enforcement agencies.

2. PEP Database Coverage

A name screening software must include the database of Politically Exposed Persons (PEPs) that is run simultaneously during the screening process. PEPs, whether domestic or international, are people with power and influence. These can be leaders of a country, judicial authorities, military officers, or similar senior officials in international organisations. Since they hold a significant public position, they may exploit the resources for personal gains. Close associates and family members of PEPs may also pose ML/FT and PF risks to the business. Ideally, name screening software is incomplete or inadequate without its ability to screen PEPs; a name screening software that covers PEP screening along with sanctions screening helps businesses save time and resources, avoiding duplication of efforts.

3. Adverse Media Coverage

Adverse Media Screening is a process where any negative news in the digital media about the prospective and existing customer is screened out. Unfortunately, adverse media screening isn’t popularised as much as name screening or sanctions screening, but it is equally important as it serves as a final combing tool to find out if establishing a business relationship with a customer would be risky from an AML compliance point of view. The adverse news relates to customer involvement or allegations of participation in bribery, corruption, fraud, human or drug trafficking, and other predicate crimes. Any mention of customers’ names in such negative news must alert DNFBPs and VASPs to conduct further investigations and deploy adequate ML/FT and PF risk mitigation measures by assigning appropriate customer risk ratings.

4. Matching Algorithms and Accuracy

A name screening software must have pre-defined algorithms for customer matching. It must also have the ability to create advanced search algorithms to improve the accuracy of search results. DNFBPs and VASPs must ensure that the search results for sanctions screening software are accurate. To achieve search result accuracy, the name screening software must have the ability to utilise “fuzzy matching”, where the extent of name spelling closeness, phonetic considerations, and variation in script names are taken into consideration prior to generating results. These algorithms guarantee the accuracy of such sanction screening software.

5. Scalability

DNFBPs and VASPs that are growing are bound to add updated databases from authorities for sanctions screening as and when their businesses expand to newer territories, having sanctions requirements of their own. DNFBPs and VASPS must select client screening software that is flexible and competent enough to suit their growing needs. It must be able to maintain its performance despite workload increases. The scalability needs arise due to a rise in the number of customers, demand for more storage capacity, and simultaneous access to the software.

6. Performance

Performance is the first feature DNFBPs and VASPs must look for in name screening software. Performance includes reliability, usability, responsiveness, and speed. A name screening software must have all these capabilities:

• Completes the tasks faster
• Generates expected results at a higher probability
• Responds well to the instructions and data input
• Doesn’t affect the operations of other integrated software and systems performance
• Easy to re-align and correct the errors
• No downtime of the software

All these points ensure that the name screening software performs exceedingly well.

7. Integration Capabilities

Businesses may have separate AML software from name screening software for other AML compliance procedures. These might relate to KYC, transaction monitoring, or other AML compliance processes. Also, the DNFBPs or VASPs might rely on CRM software for customer relationship management or employee database and payroll management. The integration of name screening software with other software used by DNFBPs or VASPs must be possible to sync data in a seamless manner. Such integration capabilities improve the functionality of software and enhance results. This feature is most useful when business needs evolve.

8. Ease of Use

Name screening software should be easy to operate; the ease of use must reflect in its daily use, and carrying out routine tasks using the software must be easy and practical. For example, data input, result reviews, downloading reports, and all such routine tasks pertaining to the use of software must be easy to carry out. DNFBPs and VASPs intending to purchase name screening software must be mindful that they buy software that is easy to use while considering the skill set of the personnel who will be operating the software; this would help in deriving the best results by using the software.

9. Customisation

Anyone would love to have a software solution personalised to their needs. Name screening software must also have this feature. When selecting name screening software, DNFBPs and VASPs should look for the customisation feature. They must ask their vendors if they can tailor the sanction screening software to suit their screening requirements. Any screening software, when it comes to implementation, needs customisation due to different industries, jurisdictions of customers, and potential ML/FT and PF risks.

10. Reporting

Reporting suspicious activity reports and suspicious transaction reports (SARs and STRs) to relevant regulatory authorities through applicable portals, such as the goAML portal in UAE, is a crucial AML compliance requirement. Name screening software must ideally enable businesses to create reports on the findings and results of name screening.

11. Audit Trail

An AML software aids businesses in creating audit trails through the reports generated by such software. All the data generated while name screening helps create an audit trail, which helps DNFBPs and VASPs keep records of the measures they take with regard to Sanctions Compliance and AML Compliance. With a strong audit trail, businesses can ensure data tracking, security, and compliance.

The audit trail generated by screening software must track the following:

• User logins
• User activity
• IP addresses
• Timestamp
• Permissions and approvals

All these records help in creating evidence of ML/FT and PF risk mitigation measures taken by the DNFBPs and VASPs, recording events, logins, operations, unauthorised access, and material errors. All these records and details are necessary at the time of AML audits or investigations.

12. Vendor Support

While selecting any software, be it for any purpose, it is essential that creators/vendors of that software offer support in the following aspects:

• Training for using the software
• Fixing bugs and inefficiencies
• Real-time answers to queries and doubts
• Implementation and integration assistance

DNFBPs and VASPs must be mindful of the support services the name screening software vendors are providing. They must ask if these support services are available throughout the contract or for a specific duration. DNFBPs and VASPs must also inquire about the medium of support – phone, email, or a visit by an executive. Vendor support for name screening software is essential to ensure the solution performs as expected.

Name Screening Software Technological Considerations

 

Besides the operational and functional features, the name screening software must also have technological capabilities.

On-premise vs Cloud-based AML Software

The foremost factor is selecting between an on-premise and a cloud-based AML software. Both have pros and cons, but DNFBPs and VASPs must decide which one to choose depending on their needs. DNFBPs and VASPs must consider the following factors:

• In the case of an on-premise solution, the customer data stays on DNFBPs and VASPs’ physical infrastructure, ensuring confidentiality and security.
• On-premise AML software allows more customisation and integration with existing applications, leading to daily operations running smoothly without disturbance.
• Cloud-based AML software can adapt quickly to changing workloads due to higher scalability. Even if data volumes increase or business grows, DNFBPs and VASPs can scale their software.
• Cloud-based AML software does not include upfront infrastructure and hardware fees. Maintenance costs are also low, making it cost-efficient with super capabilities.
• Cloud-based AML software makes collaboration and coordination easier across geographies.

Comparing the various pros and cons of on-premise and cloud-based sanction screening software helps DNFBPs and VASPs reach a more informed conclusion.

Compatibility with Existing IT Infrastructure

When DNFBPs and VASPs introduce name screening software, it must be compatible with the existing IT ecosystem. If not, it will disrupt the performance of the existing IT infrastructure. So, you must check for compatibility features in the new software.

If it is compatible, it increases the ease of using it. More compatibility ensures no disruptions or downtime, leading to increased efficiencies. Compatibility between the IT elements also improves the user experience. DNFBPs and VASPs must check the compatibility feature of the name screening software.

Data Security

Data security is a crucial concern when using any technological solution. Since the software has loads of customer data, its safety is at risk. Technology hacking and its accessibility to multiple users increase the data’s exposure to illegal use.

DNFBPs and VASPs must enquire with the vendor about the following:

• Secure data centers
• Built-in disaster recovery feature
• Data backup facilities
• Real-time database replication

DNFBPs and VASPs must be mindful of the data encryption, redaction, and storage facilities.

Reliability and Disaster Recovery

While considering name screening software from potential vendors, DNFBPs and VASPs must look for disaster recovery and business continuity features. This means that if the software stops working, what is the plan to recover the lost data and continue operations? This can be called the software’s risk management plan.

This is where the solution’s reliability comes into the picture. Technology must be mature enough to handle disasters. The vendor must plan for relevant upgrades, updates, and changes. Moreover, the vendor must have support plans in times of severe technological disruptions. The sanctions screening process must continue without any hiccups.

Name Screening Software Implementation Process

DNFBPs and VASPs must have the operational and technical criteria to look for in the name screening software. They must check the presence of all those features and, if possible, test each. Once they finalise the name screening software, the implementation process is also crucial. DNFBPs and VASPs must follow the below steps for a successful software implementation:

 

Setup and Configuration

The first step is an analysis of the entity’s existing IT infrastructure. They have to assess the existing hardware, software, and network in place prior to setting up name screening software in this environment. Doing so will give an idea of the compatibility issues DNFBPs and VASPs might face. Further, the software needs to be configured with the risk-based approach adopted by the entity, and the mandatory sanctions lists must be taken into consideration. DNFBPs and VASPs must set the workflows, define user roles, and allocate permissions.

Data Migration

In the next step, data migration occurs from the existing system to the new one or is manually entered into the new name screening software. Before migrating data, handle the following:

• Evaluate the existing data structure
• Map the data fields and relationships
• Identify the changes businesses need to make to feed the data into the new system
• Extract data from the old system and make relevant formatting changes
• Data cleansing and verification are essential to avoid wastage of time and effort

When DNFBPs and VASPs ensure all of the above, they can migrate the data.

Integration

Now, the screening software must integrate with the existing point of sale, CRM, and ERP systems. Such integration will ensure perfect compatibility between the existing IT infrastructure and the new software. It means a seamless flow of data between them. Integration includes necessary adjustments, the need for new tools, defining the data flow process, and other aspects. Based on these requirements, DNFBPs and VASPs must identify the APIs necessary to make integration possible.

Testing

Testing the name screening software is essential before its actual use. The testing relates to the following:

• Functionality testing
• Usability testing
• System integration testing
• Data migration testing
• Data security testing

All these tests help DNFBPs and VASPs identify bugs, flaws, difficulties, inefficiencies, and aspects of the sanctions screening software that require fine-tuning. With the help of the vendor, DNFBPs and VASPs can improve them on time before going live with the name screening software.

Training

User training is a crucial element of the software implementation process. DNFBPs and VASPs must ensure that the vendor provides training to actual users. This helps harness the full benefits of the new screening software.

Training helps equip employees to use new software. The actual team using the software must have adequate training in all aspects of the software. This team must know all the features and functionalities of the software. They must know how to contact the customer support team, provide feedback, and resolve queries. DNFBPs and VASPs must also conduct training at the time of the addition of new features or integration of new tools for extended use.

Ongoing Support

The last step of the software implementation process is ongoing support. DNFBPs and VASPs must ask for ongoing support from the vendor. As and when there is an issue or confusion, employees can ask questions to the support team. Ensuring ongoing support is necessary for the efficient use of the software.

How to Choose a Name Screening Software

Businesses must follow the step-by-step procedure to avoid making a wrong selection that can lead to problems later. Follow the below steps while choosing the name screening software:

 

1. Document Business Requirements

The first step is knowing the AML compliance and sanctions compliance needs.

DNFBPs and VASPs must know:

• The purpose and extent of the name screening solution
• Mandatory sanctions, PEP, and adverse media lists the name screening software must support
• Customisation requirements, if any
• Integration requirement, if any
• Objectives the business aims to achieve with it
• Approximate budget for the name screening software

DNFBPs and VASPs need to ensure all personnel and the AML compliance officer involved in name screening contribute to the enumeration process of these business requirements.

2. Research Potential Vendors and Their Name Screening Software

The next step entails researching vendors. Businesses can construct a list with all the vendors’ names, solutions, and features. Compare these vendors based on the presence of essential characteristics, extra benefits/capabilities, and price.

Compare the following aspects of sanctions screening software:

• Price
• Functional capabilities
• Technical capabilities
• Data security
• Ease of integration with existing software or third-party tools

Some nice-to-have parameters can also be considered during comparison:

• User experience
• User interface
• Operability on mobile platforms
• Implementation support and other support services

Based on all these factors, DNFBPs and VASPs can compare vendors and their software products.

3. Vendor Demonstration

DNFBPs and VASPs must ensure that vendors showcase all the technical, operational, and functional features of the sanction screening software. These parameters must address each of their business requirements. They must also check if the software aligns with their compliance requirements and business objectives.

4. Check Customer References

DNFBPs and VASPs must also check the customer references of shortlisted vendors. This is an important parameter for reaching a final conclusion. DNFBPs and VASPs might also get great insights from such reviews.

5. Negotiate and Finalize

DNFBPs and VASPs must meet these vendors and discuss financial and other necessary aspects. During negotiations, DNFBPs and VASPs must discuss the following:

• Customer support services
• Implementation assistance
• Training programs

These discussions will lead to the finalisation of the vendor and the name screening software.

Conclusion

The DNFBPs and VASPs must document their requirements and regulatory framework regarding Targeted Financial Sanctions and other compliance requirements. This will help them choose and implement the best sanctions screening software.