June 29, 2022

Negative News Screening (NNS) or what used to be called Adverse Media Screening or Bad Press Searches is an important part of Customer Due Diligence (CDD). Facts are key in CDD and what is written about a company or person might reveal facts that the Financial Institution (FI) had not found itself or might describe opinions that influence the risk based decision around accepting or keeping a client.

It is however a process that is more art than science. Technology can help but ultimately humans need to make decisions about how relevant published news is, taking into account how old the ‘news’, how reliable the text and how reputable the source is while holding all this information against the risk appetite of the FI.

At the same time this is arguably the CDD process that is most labour intensive; a well known director or a sizeable company will easily get thousands of hits in the press, reading it all and deciding on relevancy and impact is no easy feat.

The FAQ document published recently by the Wolfsberg Group (WG) <https://www.wolfsberg-principles.com/sites/default/files/wb/Negative%20News%20Screening%20FAQs%20%282022%29.pdf> intends to advise FIs in this area. And it does – of course – but… is it all helpful?

The tone is set in Q1: there is no universally agreed and accepted definition of Negative News. But for the purpose of the document it’s defined as “information available in the public domain which FIs would consider relevant for the management of Financial Crime risk”. FIs that hope to find Do’s and Dont’s and an exact description of how to implement NNS will be disappointed, the document gives guidance indeed but FIs still have to figure out a lot on their own.

It’s useful though that the WG guides FIs to the level possible for instance to ensure an FI takes into account the risk category and the risk stage in assessing news about clients, directors and UBO’s. It’s a good thing as well that not only effectiviness of measures is taken into scope but also the efficiency. What’s missing though is the 3rd element of the ‘good/cheap/fast triangle’ which is the speed of the review and potential client impact. NNS is a part of KYC in which judgement and risk appetite re a client’s exposure in the press play an important role, needless to say this might impact customer experience.

Q4 talks about how to perform NNS without needing excessive manual resources, hinting at the considerable amount of manpower many FIs dedicate to NNS. Also here there are some tips and tricks but there is no conclusive answer. Finding potentially negative news – based on predefined keywords and criteria – is easy, interpreting the findings is the challenge and that can hardly be automated.

The WG gives some criteria – availability and creditibility in Q13 and Q14 – that FIs can use to select potential sources for use in NNS but there’s very little guidance on what todo  with and how to use social media. Based on some research it would be good to get a list of sources that the WG considers industry best practise so FIs that start or want to improve their NNS practise can use that as a basis instead of starting from scratch. Another element that is not touched upon is a natural bias in publications based on exposure and how ‘attention seeking’ people are; somebody that is out there more often and gets a lot of potential NNS hits is not necessarily less trustworthy or more suspicious than somebody that lies low and avoids public exposure.

The evaluation criteria in Q17 give a good start for FIs to assess their NNS framework and practise but – as said – a more detailed guidance on what industry best practise looks like would be welcome.

The section on internet search engines in Q18 – 20 is a bit basic but a good start. One element that’s hardly touched upon is the fact that – based on experience – the teams implementing search engines, AI and other tools (for the sake of ease let’s call them the IT-team) and the compliance team ‘come from different planets’. The compliance team wants to see ‘all relevant news’ but is often not able (or willing) to define in terms of keywords, search criteria and logical operators what relevant is, while the IT-team understands the mechanisms of the tooling but lacks the subject matter expertise to parameterize the engines. Anyone who has been in meetings where these 2 worlds meet and try to arrive at a solution, know there is a distinct need for data scientists and AI experts with content knowledge and subject matter expertise.

In Q22 on the difference between Rules Based and Risk Based approach the document mentions “Consideration should be given to the level of alert investigation needed and the knowledge and skills required by investigators”. Well… that’s a bit of an understatement in our view. What happens in real life is that for reasons of auditability and control at least 2 and often 3 pairs of eyes validate discarding an alert, not even taken into account a likely QA review after the  fact on a periodic basis. That makes the process expensive, lengty and slow and not necessarily better. It would be worth considering taking out process steps that build in control but limited additional quality and replace that with giving more authority to highly skilled analysts that handle alerts in a 1-step process only monitored by a periodic quality assurance and of course a periodic audit.

As for the use of Artificial Intelligence the report is a bit light, and the used terminology is at times not completely consistent; on page 8 for instance “Internet-based NNS” is mentioned leaving the  reader to wonder if there are still FIs that do NNS without using the internet. If we compare AI applied in NNS for instance with the AI used in advertising it’s obvious a lot of improvements in NNS are still possible.

The FAQ do not cover a lot on disinformation and socially media. That’s a broad topic in itself and it’s difficult to give guidelines in this respect, but it touches on the fact that ‘news’ has 2 dimensions. First of all it’s the facts itself then there is the reaction and opinion of the public on the facts. If a director of a corporate client is only suspected of embezzlement, he’s still innocent. The facts don’t call for any action from the FI. However, if the audience on social media gets all haywire on this suspicion it might mean the director becomes a ‘persona non grata’ for the organization anyway. Related to that is fact that the time element is missing, the opinion on certain public figures can change overnight; see the change in opinion on Vladimir Putin since the invasion of the Ukraine or a bit a longer ago I remember something similar happening to former president Mubarak who was once a reputable client of many western banks until the Egyptian Revolution broke out.

Finally, Q29 gives a good summary and any leader, manager or expert working in the field of NNS should take the report serious. For an insider it might not give a lot of new information but it gives a good overview.

As a conclusion a few points:

  • NNS improves the FI’s understanding of a client and can improve the assessment of risks and mitigating measures;
  • NNS needs an intelligent approach; more use of Artificial Intelligence can be made but also in the manual steps an intelligent approach is required. More control and more ‘checkers that check the checkers’ is not the answer. More training, intelligent process design, good QA and delegation of authority to specialists are recommended in our view;
  • the WG is not conclusive on multi (local) language screening; although not easy it is a must in NNS;
  • the FAQ document is a good start while a guideline with more detailed industry best practise would be welcome. NNS is common practise but in many FIs it’s still in it’s infancy and help is much needed to guide these firms;

FIs should take a pragmatic approach, focus on training analysts, apply AI where possible and should not fear to miss negative news. From the outset it needs to be accepted that not all bits and pieces of information about a client can be found, analysed and assessed. NNS is important but only supports the more formal parts of CDD and only helps to build a better understanding of a client.