What is corporate screening in AML?

Corporate screening is an essential process for ensuring the safe provision of financial services to other businesses. Choosing the right corporate screening solution requires a comprehensive understanding of the process’ objectives and inherent challenges.

This article will cover:

• How corporate screening works and why it matters.
• The challenges with deploying corporate screening practices at scale.
• Best practices worth adopting and how technology can help.

What is AML corporate screening?

Corporate screening involves verifying, assessing, and assigning a risk score to companies with which businesses transact. This process encompasses any individual or entity that might represent the company, including employees, partners, and ultimate beneficial owners (UBOs).

Typically, these processes are part of the know your business (KYB) and anti-money laundering (AML) practices all financial institutions (FIs) are obligated to adhere to. However, they also protect businesses from various forms of economic and corporate fraud and the risk of reputational damage accompanying such threats.

Crucially, when executed rigorously and effectively, corporate screening processes prevent criminals and terrorists from using fake corporations to launder money, defraud legitimate businesses, and finance terrorist activities.

AML regulations and requirements for company screening

Regulations governing the need for corporate screening are implemented globally. This section outlines the key regulations in different regions.

Corporate screening regulations in the United States

In the US, KYB requirements were first specified by the Banking Secrecy Act (BSA) of 1970. This act aimed to prevent money laundering by drug traffickers and cartels, requiring organizations to investigate the beneficiaries of the businesses they dealt with.

The Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (PATRIOT Act) of 2001 expanded these requirements, ensuring firms collect and validate the identities of the individuals they do business with.

In 2016, the Financial Crimes Enforcement Network (FinCEN) published further regulations stating that businesses also need to authenticate the status and identities of ultimate beneficial owners (UBO) as part of customer due diligence (CDD).

Additionally, businesses must scan the Office of Foreign Assets Control’s (OFAC) sanctions list to ensure they are not working with companies or individuals mentioned in it.

Corporate screening regulations in the United Kingdom

In the UK, businesses face comprehensive requirements for corporate screening under multiple regulations. These regulations mandate businesses to implement robust risk-based approaches to AML and counter-terrorist financing (CTF), including CDD, ongoing monitoring, and enhanced due diligence (EDD) for higher-risk clients. Key regulations include:

• Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017: Requires businesses to conduct corporate screening by verifying the identity of corporate clients, understanding the nature of their business, and identifying UBOs. It mandates ongoing monitoring of business relationships and transactions to detect and report suspicious activities and EDD for higher-risk clients, including more frequent reviews and deeper investigations.
• Proceeds of Crime Act 2002: Necessitates corporate screening to ensure businesses do not engage in activities connected to the proceeds of crime. It provides a framework for the confiscation of criminal assets and mandates the reporting of any suspicious activities that may be connected to criminal proceeds, requiring businesses to scrutinize and monitor client activities closely.
• Terrorism Act 2000: Mandates corporate screening by criminalizing involvement in terrorism-related activities and requiring businesses to ensure their services are not used for terrorist financing.
• Terrorist Asset Freezing Act 2010: Requires corporate screening to ensure businesses do not facilitate the transfer or use of frozen assets of individuals and entities involved in terrorism.
• Transfer of Funds (Information on the Payer) Regulations 2017: Requires accurate information to accompany fund transfers to ensure traceability. Businesses must collect and verify information about the payer and payee to prevent money laundering and terrorist financing, making corporate screening a critical compliance component.

Corporate screening regulations in the European Union

In the EU, corporate screening requirements have evolved through various directives and guidelines, primarily focusing on AML, know your customer (KYC), and corporate governance standards. The foundation of these requirements was laid by the Anti-Money Laundering Directives (AMLDs):

• The Fourth Anti-Money Laundering Directive (4AMLD) required companies to maintain and provide access to beneficial ownership information (BOI), expanding the scope of regulated entities and introducing stricter CDD measures. 
• The Fifth Anti-Money Laundering Directive (5AMLD) further enhanced transparency by tightening controls on virtual currencies and prepaid cards and mandating EDD for high-risk third countries and politically exposed persons (PEPs). 
• The Sixth Anti-Money Laundering Directive (6AMLD) clarified the definition of money laundering, extended criminal liability to legal entities, and introduced tougher penalties.

Additionally, KYC regulations in the EU require businesses to verify the identities of their customers before establishing business relationships. This involves understanding the nature and purpose of the business relationship, maintaining accurate and up-to-date customer information records, and reporting suspicious transactions to the relevant financial intelligence units (FIUs).

The General Data Protection Regulation (GDPR) also impacts corporate screening processes by setting stringent data protection and privacy standards. Companies must ensure the lawful processing of personal data, often requiring explicit consent from individuals, and implement robust data security measures. Individuals have the right to access, rectify, or erase their data.

Enforcement of corporate screening regulations in the EU is carried out by national regulatory authorities, with oversight from EU bodies such as the European Banking Authority (EBA) and the European Securities and Markets Authority (ESMA).

How does corporate screening work?

Similar to the customer screening procedures organizations must undertake before conducting business with consumers, corporate screening involves a series of checks to ensure all the parties involved are who they say they are and aren’t known criminals. However, with corporate screening, firms need to run these checks on companies and all the relevant people associated with them.

Corporate screening, therefore, includes several key components: 

1. UBO checks: Companies must acquire, record, and supply complete, up-to-date information such as the customer company’s registration number, name, address, and official status. They also need to verify the identities of top management employees and determine all-natural, legal persons who directly or indirectly own the business, verifying the number of shares they own and how much management control they have to determine the UBO. Anyone identified as a UBO must then be run through appropriate due diligence checks as per AML/KYC requirements.
2. Sanctions screening: Corporate screening also entails cross-referencing every involved individual and business entity against sanctions lists (such as the OFAC Specially Designated Nationals (SDN) list in the US) to determine whether they are known criminals. If they are on these lists, businesses must either subject them to EDD procedures, report their involvement to the relevant authorities, or cease transacting with them.  
3. Adverse media screening: Businesses should also conduct routine scans of news media worldwide to ensure that no parties involved in the customer business’ ownership chain – or indeed the business itself – appear in negative news stories that may implicate them in criminal activity. This process must also include screening news media in multiple languages, focusing on the locations where UBOs are identified as operating.

Common challenges of company screening in AML

Even though all financial organizations must establish B2B relationships with customers, corporate screening is a complex and intensive process that throws up various investigative and organizational challenges. Some of the most common include:

• The skill of criminals: Firms need to be particularly rigorous regarding corporate screening because criminals are particularly sophisticated when hiding their involvement in illicit transactions. Compliance teams need to uncover the true chain of ownership and identify whether or not any criminals are hiding behind other entities to commit financial crimes. Anything less results in significant penalties and severe reputational damage.
• The dynamism of risk: Firms need to be able to effectively screen their business customers before the start of the relationship and continually adjust the risk score assigned to each customer over time. While a client’s business may pass an initial check, the entire web of entities and individuals around it may change subtly or substantially throughout the relationship. Any time this happens, it exposes the business once again.
• The scale of screening: At an organizational level, firms need to establish teams, processes, and tools that can handle the complexity and scope of corporate screening. If too many of these processes are conducted manually or slowly, the overall efficiency of the compliance organization suffers. Moreover, it becomes harder to scale the compliance team as the business grows because the costs of inefficient screening efforts make it harder to onboard new team members.

Best practices for corporate screening

Given the non-trivial challenges of running and scaling corporate screening procedures, it’s worth considering the following best practices:

• Define policies with a risk-based approach: Every business needs to determine its own approach to risk management before outlining its procedures. By determining the kinds of risk the business is willing to tolerate, which risks it cannot abide by, and the resources it’s able to commit to the effort, it becomes much clearer which policies and procedures need to be implemented for corporate screening. Documenting these principles and processes helps operatives make decisions faster.
• Invest in employee training: Conducting corporate screening with the rigor and tact required takes finesse and nuance. Businesses can overcome the most important hurdles in scaling such an operation by investing time and effort into properly training and retraining staff. It helps employees conduct investigations more effectively and gives them the tools they need to navigate client relationships in a way that will ultimately serve the business in the long run.
• Score risk dynamically: In the interest of short-term efficiency and quickly onboarding corporate clients, some businesses treat risk scoring as a one-and-done activity conducted at the start of the relationship. In practice, this simply exposes firms to penalties and reputational damage when they fail to adjust to new developments that could undermine that risk score. Firms should ensure they’re using technology to update risk scoring dynamically throughout the relationship.  

The importance of advanced technologies

Effective corporate screening involves a massive scale of investigative effort, documentation requirements, and dynamic risk scoring.

Technology can help firms analyze more information rapidly, document processes more accurately, and dynamically update the status of all parties involved with client businesses in a way that manual efforts simply cannot keep up with.

Specifically, AI and machine learning can help firms navigate sanctions lists and adverse media far more efficiently than manual efforts can. Sophisticated software ensures employees have all the information they need at their fingertips rather than switching inefficiently between multiple screens and systems.

AI-driven solutions for company screening

Businesses of all sizes work with ComplyAdvantage to screen corporate clients more effectively and rapidly. Some of the top benefits firms experience include:

• Efficient automation of screening and continuous monitoring: Streamlined processes are achieved through automation for adverse media and sanctions screening. Continuous monitoring also ensures ongoing compliance, enabling firms to keep up with the latest regulatory requirements.
• Customizable screening parameters: Firms can tailor screening and monitoring setups according to their unique risk-based approaches and policies. This customization ensures that the service fits seamlessly into the company’s existing operational framework.
• Centralized information display: With ComplyAdvantage, all critical business information is accessible from a single screen. This centralized approach not only simplifies the review process but also aids in maintaining a comprehensive audit trail of every decision made, simplifying compliance and review processes.