This article will reveal why non-regulated companies are turning to sanctions screening (also called sanctions checking). And the best way to get started is to create a tangible example of a typical company under elevated risk for failing to follow basic AML processes.
How This Unregulated Company Is Under Elevated Risk
Company A is an SME operating in the software space, specializing in marketing automation technology. It has a workforce of around 50 employees in the UK (where its HQ is) but also in the US and some other jurisdictions.
Their customers, as do their business partners, such as suppliers and vendors, come from around the world.
Company A has yet to grow enough to employ a dedicated compliance manager. And who has compliance duties still written in their job description? You guessed it: the CEO with a million other things on her plate. However, she also has help from the company's IT operations manager.
But something has slipped through the cracks: The company's Know-Your-Customer (KYC) processes are woefully basic and have yet to develop in line with the increasing money laundering and sanctions violation risk profile.
Company A is collecting the following information from its customers:
- Full Legal Name
- Date of Birth
- Residential Address:
- Contact Information
- Business Information
- Payment Details
But there is a glaring problem.
Unlike regulated industries such as banks, fintechs, and payment processors, Company A has yet to start screening its customers and business partners. Crucial AML processes, such as sanctions screening, are missing, and they don't know if their customers appear on sanctions lists.
And the problem is about to get worse. Why? Because word is spreading on the dark web.
Money launderers within criminal networks, many of which appear on the major global sanctions lists or are from jurisdictions on those lists, have identified Company A as an easy money laundering target.
In the next section, we'll look at what could happen.
A Closer Look At The Risks and Future Problems 'Company A' Faces
We just revealed that money launderers have identified Company A's inadequate KYC processes. And although this is just an example, let's assume nefarious actors got to work using Company A as a cog in its illegal, dirty money-cleaning machine. Here are some of the tremendous risks the company now faces:
Money Laundering Risks
Financial criminals such as money launderers often target companies with insufficient KYC processes, such as those that don't perform sanctions checks on their customers. And what likely scenario is about to hit Company A as hard as a runaway mine train?
A money launderer targets Company A's software product and intentionally overstates its usage. They exaggerate the number of users, transactions, or resources required for the software.
The following crucial event now occurs: They pay upfront for the exaggerated usage levels using illegal funds.
After some time, the money launderer seeks a partial refund for their overestimated services (but they are not canceling). Company A, wanting to retain a customer bringing in monthly revenue, agrees to the partial refund.
And voilà, criminals just got legitimate money sent to them and a genuine receipt of where it came from. This request for a refund is, of course, part of their strategy to legitimize their illicitly obtained funds in the layering stage of money laundering.
Company A is now exposed to severe legal consequences. The bottom line is this: Even a basic sanctions screening process, acting as an extra layer of defense, could have helped identify money launderers before they even had a chance to apply their financial trickery.
This section will focus on how non-regulated businesses can easily trip up and break sanctions laws. In this sanctions.io article, you can learn more about why sanctions compliance matters to all companies - not only regulated ones.
In the Company A example, given how sanctions screening is absent in the KYC process (for new and current customers), it's as clear as night and day how sanctions violations could occur, especially with its global customer base.
And let's assume they did occur.
Should they be worried? In one word: Yes. You see, there is a common misconception that only large companies are punished for sanctions violations, for example, Microsoft's $3.3 Million fine for sanctions breaches in 2023.
But the reality is that sanctioning regimes also target smaller companies that commit violations.
Following the rapid increase in global sanctions due to the 2022 Russian invasion of Ukraine, there is increasing scrutiny on how companies follow sanctions laws. For example, in the US, in early 2023, the Department of Justice (DOJ) announced that it plans to hire over 25 new prosecutors to punish companies that breach sanctions laws.
However, what does all this mean for our example, Company A?
As previously mentioned, this software SME is based in the UK but holds legal registration in the US, too. Therefore, Company A must comply with sanctions laws from the US and the UK, including:
And let's assume a sanctions breach has occurred at Company A. It's now at high risk of the following devastating scenarios:
- Damaging legal quagmires
- Hefty financial penalties
- Tremendous reputational damage
In this article, we cannot examine all the harmful ramifications of committing sanctions violations. But to provide an example, in 2023, the UK's Office of Financial Sanctions Implementation (OFSI) announced it had used its new power for the first time - publicly naming (inflicting reputational damage) a company that committed a less severe sanctions breach.
How To Begin Screening for Sanctions
It's now clear why many non-regulated companies increasingly need to screen their customers against sanctions lists. But what's the best way to get started?
First, completing an AML risk assessment is a smart move - you can learn more about them in this sanctions.io guide. But here's some advice: For non-regulated companies especially, it's essential to keep it simple (follow the KISS principle) and not overcomplicate the process.
Here's how to significantly mitigate your company's money laundering and sanctions violation risk exposure right now: Use a sanctions screening service such as sanctions.io.
It can be as easy as manually uploading a template-based .csv file with your data - and within seconds, you will know if any of your clients appear on global sanctions lists. For companies wishing to integrate a sanctions screening solution within their current systems - that's easy, too, with sanctions.io's ultra-fast API.
And the key takeaway is this: Companies - especially smaller businesses in non-regulated industries - can implement sanctions screening processes for as little as around 1 dollar a day with sanctions.io.
This relatively small investment is a no-brainer considering all the damaging legal, financial, and reputational risks associated with sanctions violations and money laundering offenses.
What To Do Next
If your company is concerned about money laundering and sanctions violation risk, sanctions.io's simple, reliable, and cost-effective solutions are already helping companies like yours worldwide with their screening needs.
To learn more about how our sanctions, PEP, and criminal watchlist screening service can support your organization's compliance program:
We also offer a free 7-day trial (no credit card is required) and will be delighted to walk you through our service. sanctions.io is a highly reliable and cost-effective solution for sanction checking. AI-powered and with an enterprise-grade API with 99.99% uptime are reasons why customers globally trust us with their sanctions screening needs.