Companies are forced to check whether their business contacts and employees are on international sanctions lists. Otherwise, there is a risk of high penalties and personal liability. The legal requirements can be met with software for checking sanction lists.
Paragraphs 130 and 9 OWiG and Paragraphs 13 and 14.2 StGB stipulate that companies are obliged to supervise exports. The current international conflicts increase the need for export controls to avoid law violations. Companies must be able to rule out that their business contacts and employees are on international sanctions lists. Otherwise, there is a risk of high penalties and personal liability. A complete screening and clean documentation can solve this. It is important to have a tool that can be integrated into SAP: It can check all processes and ensures an automated comparison with the sanctions lists that are always up-to-date. Guest author Marie-Helene Wessel from the Sapper Institute lists important criteria for selecting the software for checking sanctions lists.
Table of Contents
Ongoing Execution Of The Sanctions List Check
Groups, Medium-Sized Or Small Companies: They are all obliged to carry out a sanctions list check for every business contact, regardless of the country where the customer, supplier, or trading partner is based. This is an extremely extensive task for the compliance officer with a great deal of responsibility. Especially when you consider that the comparison with the lists must occur not only once but continuously during the entire process runtime, if, for example, a machine is to be produced by a plant manufacturer in several months, the recipient can appear on a list during the production process. This means that contact details on receipts must be constantly checked. In order not to endanger the business relationship and not to be liable for prosecution.
The number of data records, sanctions lists, and updates is constantly increasing. In 2019 there were more than 30 lists with over 110,000 records worldwide. In 2020 more than 600 updates were carried out. The USA alone publishes sanctions lists via the Bureau of Industry and Security (BIS) and the Office of Foreign Assets Control (OFAC), which are updated up to 300 times a year. There are lists from the EU, the UN, and worldwide countries such as Canada, Japan, and Australia. A wealth of information, the verification of which becomes an impossible task without an appropriate software solution.
What Software For Sanctions List Checking Should Offer
Several criteria should be checked to decide which software for sanctions list screening and export control is best suited to the company. In addition to the powerful SAP solution for global trade, there are smart add-ons on the market. With these, specific challenges in the SAP environment can be solved elegantly and significantly more cost-effectively. Trust in the original is great, but it is important that the provider deals intensively with the topic and the necessary content, especially in sanctions list checks. Small providers have it easier here and use the opportunity as a competitive niche provider. But what is important, how can I, as a decision-maker, separate the wheat from the chaff?
Integrability Into The Existing System Landscape
A simple implementation of the software package in the existing system landscape is a prerequisite for the acceptance and functionality of sanctions list screening using the software. In the SAP environment, the software should only have been created with SAP onboard resources so that it runs on any SAP system and can be used by any user without training. Out-of-the-box solutions also make different on-site programming unnecessary. If these requirements are met, the implementation using release-specific SAP transports and standard exits/enhancements should not take longer than a week or ten days. It is optimal if the add-on fits in so well that it can be easily adapted to the company organisation with just a few mouse clicks. This eliminates the need for complex customising projects. If users can also install the SAP add-on in their namespace, this is particularly helpful and a sign of the provider’s professionalism.
Integration Of Interfaces In The SAP System
It can have fatal consequences if the connection to the web service is interrupted during a sanctions list check and there is no message. A software solution for compliance screening must therefore guarantee fully automatic monitoring of the interfaces, for example, using a recovery tool. The tool allows all unsuccessful checks to be cached during a network disruption. It automatically reactivates the connection to the web service after a fault and processes the open data records. The integration of checks using SAP standards, such as EDI, IDOC, BAPI, etc., must also be guaranteed. Last, the response times in SAP online transactions should be in the millisecond range.
Main Functions Of The Compliance Officer
A software solution for checking sanctions lists must work as reliably as possible and guarantee the person responsible a high level of security. Therefore, users must automatically check address data in real-time in all relevant SAP modules. That means Sales and Distribution (SD), Purchasing (MM), Finance (FI/CO), and more. Since these are often export documents, the add-on should support all languages and international character formats. In cooperation with his SAP specialists, the compliance officer must be able to configure the test scenario individually for his current needs. This applies in particular to the selection of the sanctions lists for the respective clients and company codes, the recipients of the hit notifications, and the system’s reaction in the event of a hit.
A low software error rate is an important decision-making criterion so that users do not have to interrupt their work due to incorrect hits constantly. For example, Sapper is the market leader for compliance software in transport logistics. The domino tool guarantees an error rate of just 0.1 to 0.3 per thousand. Companies use this software daily to carry out 84 million transactions worldwide. The algorithm scans each word and each letter individually and can thus compensate for hearing and spelling errors and transposed letters. Even with poor data quality, it delivers hits if letters are missing or different. This means an enormously high level of security in the processes.
Sanction List Check: Dealing With Hit Handling
Action is required if a business contact is on one of the international sanctions lists. And the compliance officer should not be alone in this. The program should offer numerous and individually adaptable options to design efficient hit handling. If the algorithm finds a match, it should be possible to determine how the warning appears on the screen and who is informed. This can range from a silent alarm to a blockade for saving to an absolute block of the process in SAP.
Documentation And Reporting
How will the hit be dealt with, then? The precise documentation and reporting of which steps the responsible processor initiated after the warning is very important to prove compliance-compliant action in the event of an audit. Software for checking sanctions lists should therefore make it possible to bundle all the facts that the person responsible takes into account for his decision and thus enable the traceability of each case; for at least ten years. This documentation is indispensable for audits and new employees to get a complete picture of their predecessor’s work.
Add-On For The Sanctions List Check
Companies must be able to prove throughout the entire business relationship that their partners are not on sanctions lists. Of course, a manual check is impossible. Appropriate industry software makes the work of the compliance officer much easier. When selecting the product, it is advisable to ensure that the add-on can be easily integrated into the existing system landscape, that it automates all-important work steps for the user, and is highly customizable.