The Bank of Lithuania outlined key deficiencies of sanctions-related control measures for financial market participants

On the 21st of July, the Bank of Lithuania published a report on the implementation of international sanctions and restrictive measures within financial market participants. Drawing conclusions from the analysis of 20 banks, electronic money institutions and payment institutions, the report outlined key deficiencies of sanctions-related control measures and provided guidance on how these controls can be further improved to ensure compliance.

According to the report, proper implementation of international sanctions relies on an effective internal control framework that shall contain at least the following elements:

1. a designated employee responsible for the execution of international sanctions compliance program,

2. internal sanctions compliance policy and control procedures,

3. databases, systems, resources and/or other tools utilized for the implementation of international sanctions,

4. effective, ongoing sanctions risk management, and keeping up to date with the latest information regarding international sanctions.

The measures implemented by the financial market participants shall be reviewed periodically, and their effectiveness shall be assessed to ensure that the previously implemented measures are relevant and suitable following any changes to its business activity, increase to the number of clients or transactions performed by them, etc.

Before deciding on the methods of implementing international sanctions, financial market participants should assess their suitability taking into account the content and the scope of applicable international sanctions, own business model, the nature of services and products provided, the customer base, geographies served, locations where customers reside (are registered) and locations to or from which the operations are carried out.

Financial market participants should constantly monitor information about international sanctions and assess the risks of international sanctions that they face when conducting their business activities. They are required to check clients for compliance with international sanctions, restrictive measures, both before establishing a business relationship with the client and throughout the duration of the business relationship.

When managing the risk of international sanctions, financial market participants must assess all risks, even if the probability of their occurrence is low.

In the light of this, we recommend that you read the report carefully and:

1. perform gap analysis/audits of your own sanctions’ compliance program (SCP). Each SCP should be based on the particular risks of the organization and should incorporate a commitment by senior management, an institution-wide risk assessment process, a system of internal controls, a testing and auditing function, and an effective training program.

2. remediate the deficiencies, if any, and

3. perform sanction training for the staff. The organization must commit to ensuring that, upon learning of a confirmed negative testing result or audit finding, or other deficiency pertaining to its SCP, it will take immediate and effective action to provide training to or other corrective action with respect to relevant personnel. An effective training program is an integral component of a successful SCP. The training program should be provided to all appropriate employees and personnel on a periodic basis (and at a minimum, annually) and generally should accomplish the following: (i) provide job-specific knowledge based on need; (ii) communicate the sanctions compliance responsibilities for each employee; and (iii) hold employees accountable for sanctions compliance training through assessments. An adequate training program, tailored to an entity’s risk profile and all appropriate employees and stakeholders, is critical to the success of an SCP.

Should you require any assistance with the above, we are here to help. ECOVIS ProventusLaw  team of certified sanctions experts, experienced trainers, and AML/CTF compliance experts regularly provide bespoke, risk-based sanctions and AML/CTF compliance solutions for businesses and financial market participants in line with the local and regional regulatory requirements and best practices. Our services may be provided in English, Lithuanian, Russian, and Mandarin Chinese.

Newsletter SubscriptionGet in touch