Know Your Customer is a tremendous challenge to financial institutions amid today’s increasingly sophisticated financial crime and money laundering schemes, and the cost of non-compliance is expensive. In the first six months of 2021, The US issued more than $711 million of fines to financial institutions (FIs) for non-compliance with Anti-Money Laundering (AML), Know Your Customer (KYC), and data privacy regulations.1 At ModusBox, we are committed to helping FIs create efficiencies in their business by removing the complexities of manual processes and risks resulting from human error. To do so, we partnered with one of our credit union customers to build automated OFAC screening into our API-led PortX Integration Platform for community banks and credit unions. In this blog, we share the three challenges FIs experience from manual OFAC screening and how to eliminate those challenges by following the API-led integration approach.
First, what is OFAC screening?
According to the US Department of the Treasury, the Office of Foreign Assets Control (OFAC) is responsible for administering and enforcing economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy, or economy of the United States.2 In other words, OFAC screening is part of the KYC laws that govern the financial industry and require that FIs verify the identity of both their customer and the recipient of money transfers by screening against multiple lists of blacklisted individuals and companies.
Three risks and inefficiencies of manual OFAC screening
Unfortunately, KYC is an increasingly difficult challenge in our post-pandemic economy because consumer financial behavior has shifted from in-person to primarily conducting transactions online or remotely. Additionally, government aid and stimulus payments are popular targets for hackers. According to a recent report from Giact, losses from identity theft increased 42 percent from 2019 ($502.5 billion) to 2020 ($712.4 billion) fueled by unemployment identity theft.3
The OFAC screening process is ripe for human error. When initiating an inquiry, some of the manually entered fields available to the FI are “Type,” “Name,” “ID#,” “Program,” “Address,” and “List.” The options also include a minimum name score – which allows a user to set a threshold (i.e., a fuzziness rating) on a sliding scale for how close the returned match is. However, while this fuzzy logic ensures that partial matches are returned in a query, it may still require manual review from a manager at the FI to complete the approval.
Lastly, if your organization is evaluating an automated solution, there are two options: purchase an existing solution or develop a customized in-house application. Unfortunately, most commercial solutions are inflexible and expensive, resulting in vendor lock-in and reduced capabilities. In-house developed tools take time and effort to build, using valuable technical resources that could be utilized on high-priority projects.
The benefits of automating OFAC screening with the API-led approach
One of our partners, Sound Credit Union, based in the Seattle, WA market, built an open source tool to automate their OFAC screening process. The software utilizes the payment receiver’s information, already entered into the application by either the credit union employee or the member, and automatically runs the query against an updated, cached version of OFAC’s lists stored locally, ensuring accurate and fast results.
Besides being open sourced, what makes this solution exciting is that the credit union easily integrated it with its internal systems via an API. Over the last four years, we have worked alongside Sound CU to digitally transform its core banking integration architecture and continue building the capability of adding new technologies and Fintech partners rapidly.
If you would like to learn more about how Sound CU built this architecture, check out our webinar with David Wexler, ModusBox CEO, and Martin Walker, VP Digital Experience & Innovation of Sound CU.
The API-led approach is a well-recognized industry best practice. However, since Sound CU is a PortX Platform customer, we packaged its open source OFAC screening solution as a microservice built into PortX’s infrastructure, enabling the feature to be turned on or off based on the needs of other PortX customers.
Besides eliminating the complex, manual steps and reducing the risk of human error, PortX tools provide a single pane of glass for the FI to track OFAC screening results, establish customized rules according to the organization’s business logic, and the ability to override positive or partially matched results.
And, since PortX is built following API-led design, other departments can access and use new solutions through microservices connected via reusable APIs. This is an example of the kinds of reusable microservices we are building into PortX to address common requirements in financial systems.
If you would like to learn more about automated OFAC screening or our other PortX solutions for financial institutions, you can read more about Payment Manager and our banking core integration solution. Or start a conversation with a member of our team today.