Duration 2 days – 14 hrs
Overview
This course equips compliance, operations, and technology teams to implement Targeted Financial Sanctions (TFS) and run an effective customer and transaction sanctions screening program. It covers the PH context (AMLC sanctions guidelines and screening guidance, plus BSP communications to supervised institutions), and dives into practical program components: governance, risk assessment, list management, data quality, screening technology/matching logic, alert handling, escalation/freezing actions, documentation, testing, and audit readiness.
Objectives
- Explain TFS obligations (asset freezing / prohibitions) and what “effective implementation” looks like operationally.
- Design a sanctions screening program covering customers, transactions, and payments with clear roles and governance.
- Establish a risk-based screening risk assessment (products, channels, geographies, volumes, delivery model, vendor reliance).
- Implement list management and screening processes aligned to AMLC guidance on sanctions screening (data, matching, alert disposition, controls).
- Run effective alert/hit handling (true match vs false positive), including escalation, decisioning, and documentation (audit trail).
- Design a sustainable testing and audit approach (validation, tuning, QA sampling, independent review, metrics/KRIs).
Audience
- Compliance / AML / sanctions officers; MLRO support teams
- Transaction monitoring & investigations teams; KYC/EDD teams
- Operations leaders (onboarding, payments, branches, customer servicing)
- Risk management, internal audit, QA
- IT / data / engineering teams supporting screening systems
- Vendor management / procurement (for screening provider selection and oversight)
Pre- requisites
- AML/KYC fundamentals (recommended)
- Basic familiarity with your onboarding and payments/transaction flows (helpful, not required)
Course Content
Day 1 — TFS obligations + screening program design
Module 1: Sanctions & TFS fundamentals
- Types of sanctions; how TFS differs (targeted freezes/prohibitions)
- Terrorism/TF and proliferation/PF context and why speed matters (“freeze without delay”)
Module 2: PH TFS implementation landscape (60 mins)
- AMLC sanctions guidelines & TFS requirements overview
- BSP communications to supervised FIs on sanctions screening / TFS expectations
Module 3: Governance & operating model (90 mins)
- Roles/responsibilities (compliance, ops, IT, audit)
- Policies, maker-checker, escalation SLAs
- Documentation standards and confidentiality controls
Module 4: Sanctions screening risk assessment (90 mins)
- Risk drivers: products/services, customer base, delivery channels, geographies, transaction volumes
- Define screening coverage: onboarding, periodic, event-driven, payments, batch re-screening
- Third-party/vendor reliance controls
Workshop A: Build your “screening coverage map” (where screening happens in your journey)
Module 5: Data & list management (90 mins)
- Lists/sources and update governance (who owns updates, timing, evidence of updates)
- Data quality: name fields, aliases, DOB, address, transliteration, special characters
- Record linkage (customer ID across systems) and deduplication
Day 2 — Operations, matching logic, tuning, testing, and audit readiness
Module 6: Matching logic & technology (2 hrs)
- Exact vs fuzzy matching; phonetic/approximate match concepts
- Thresholds and calibration; managing false positives vs false negatives
- Real-time vs batch screening; performance and resilience considerations
Workshop B: Define match rules by risk tier (low/standard/high) and channel (onboarding vs payments)
Module 7: Alert/hit handling playbook (2 hrs)
- Triage steps: data enrichment, resolving identity, documentation
- True match vs false positive standards; decision rationale writing
- Escalation, freezing/prohibitions actions, communications do’s/don’ts
- Case file checklist (evidence pack + approvals + audit trail)
Module 8: Testing, validation, and audit (90 mins)
- Testing types: list-update tests, scenario injections, sampling, back-testing, UAT controls
- Independent review and audit evidence expectations (what you should be able to show quickly)
Module 9: Metrics & continuous improvement (60 mins)
- KRIs/KPIs: hit rates, false positive rate, disposition time, aging, repeat alerts, data defect rate
- Tuning cycle, change control, documentation, issue management (RCA/CAPA)
