Leveraging Unique Datasets for Next Generation Compliance Programs

There are spaces where some of the world’s largest companies must operate shoulder to shoulder with bad actors, known and not.

Nearly 20,000 sanctions have been levied against Russian assets since Putin and his leadership team decided to invade Ukraine in February of 2022. The reality of economic expansion despite historically unprecedented levels of sanctions paints a clear picture of why sanctions are no longer a reliable, comprehensive tool for identifying and disrupting poor behavior. 

Sanctions are showing their age as a leading indicator of poor behavior. Unique datasets that focus on illicit networks, identifying individuals and companies before they are sanctioned, allow compliance and enterprise risk management professionals to lean into the transparency required of next generation compliance programs.

Sanctions origins and the evolution of global economic interdependence.

Sanctions are showing their age as a WWII era weapon of economic warfare. Over 78 years have passed since the foundation of the United Nations – the multilateral body that underscored the necessity for economic interdependence. War is less likely as long as countries are more interconnected through trade, investment, and the mutual benefit of working together to grow. Against this context, sanctions were a powerful tool to coerce compliance. In today’s multipolar world, economic interdependence is no longer driven by a single set of interests and values, much like it was among the 21 countries represented at the signing of the 1945 Paris Peace Conference.

No, today’s economic realities dictate that there are several interdependent economic systems that do not rely on one another. While they do overlap somewhat, the various channels that facilitate the movement of goods and services, and finance, are no longer stymied by what a small group of countries may define as “sanctioned.” This is why traditional compliance programs that rely on sanctions monitoring, and action taken based on who has or has not been sanctioned, are less relevant in 2024 than they ever have been since 1945.

Economic realities and the limitations of
traditional sanctions

In the West, we think of extra-systemic patterns and the groups of relationships that dictate them as non-compliant. Or perhaps rogue. Indeed they are when evading United Nations defined controls. But so-called “rogue” states such as China and Russia are members of the United Nations Security Council. Yet they have their own world view. They look back at the West with a pointed finger and say “imperial.” This tit-for-tat exchange affects markets, products, goods, and services; more importantly, it creates spaces where some of the world’s largest companies must operate shoulder to shoulder with bad actors, known and not.

These illicit networks are almost always tied to sanctioned individuals and their companies. Afterall, companies don’t commit crimes. People do. But to see that someone has been sanctioned is little more than a warning light. You know something is wrong, but further diagnosis is required to figure out where the problem lies and how to fix it. This is why unique datasets that focus on illicit networks and the relationships that exist between known bad actors – those sanctioned or convicted of a crime – and their broader networks are an important addition to any forward-leaning compliance program, especially for those companies operating in emerging and edge markets.

International legislative responses and their impact on global compliance strategies

Naturally, governments in the West are aware of the geopolitical reality that we now operate in a multi-polar world – a reality that drives regulation to which all general counsels must adhere. In the United States, the Uyghur Forced Labor Prevention Act (UFPLA) has received much attention for both the focal point on forced labor reduction in China and the teeth that it applies to goods at US ports that have any suspicion of forced labor attached to them. And many businesses have suffered from fines and delayed delivery of just-in-time products. The UFPLA has spread from its initial focus on textiles to include polysilicon, plastics, chemicals, batteries, household appliances, industrial and manufacturing materials, and more. 

In Canada, this style of “transparency” legislation has also taken hold with the May 2024 implementation of the Fighting Against Forced Labour and Child Labour in Supply Chains Act (formerly known as S-211). The EU has recently passed its own version of transparency legislation, the Corporate Sustainability Due Diligence Directive. Australia and the UK both have their own forms of transparency legislation, the Modern Slavery Act 2018 and the Modern Slavery Act 2015, respectively. 

Regulatory and enforcement regimes that follow these legislative packages will only strengthen over time as governments continue to respond to geopolitical realities. At the same time, the compliance technology provider space has been slow to respond to an increased need for transparency. The advent of artificial intelligence (AI) and the drive to leverage AI tools into product development cycles to take advantage of the hype has been more of a distraction than a great leap forward. In the wake of this nearly two-year hype cycle, AI-driven big data models remain designed for companies that check a box – that need a minimal amount of information to meet requirements and move on. 

Quick answers to short but important questions, like, “should we work with this person,” or “should we work with this company?” are still not readily available across multiple jurisdictions outside of mature markets like Canada or the United Kingdom. Transparency legislation demands that we take these questions a step further to more complex questions about the nature of relationships and second and third degree, or indirect, relationships between individuals and companies. True transparency has yet to be achieved. And when there is truly a need for transparency, general counsels and their teams that run global compliance or enterprise risk management (ERM) programs have come to realize that big data is not enough.

Leveraging unique data sets for a next
generation compliance

Unique datasets, specifically indices of illicit networks, begin to offer a way forward. First, they bring unstructured data into structured datasets that may be scanned against a large number of customers or suppliers. Next, while they do take into account who has been sanctioned or convicted of a crime, they treat these data as a starting point and dig from there. Individuals and companies related to sanctioned entities provide a landscape of possibilities for who has taken up the mantle for their sanctioned counterpart. These are the individuals who are likely to be sanctioned next, but only after several months, or more, of illicit behavior. Illicit network datasets also consider organized crime, and the relationships these individuals and companies may have with people who have been, or who will be sanctioned, and the politicians who provide cover and support, for a fee.

Unique datasets of illicit networks are powerful and have proven results. They allow you to see what you cannot see about relationships, especially in emerging and edge markets. Yet there is a limitation because they are man-made. The trade off for granularity and true transparency is speed and scale. 

The ERM program manager who oversees 75,000 suppliers across 85 jurisdictions could build a program that leverages unique datasets for her entire program. This would be a powerful program, but getting there would be slow – measured in months to get set up rather than the weeks required for an enterprise-level ERM platform. The additional teams needed to conduct and manage the research required to keep these datasets reasonably updated is too heavy a lift for most vendors in this space. So she is more likely to leverage unique datasets for illicit networks where her supply chain is both critical and overlaps with those jurisdictions that are known to be troublesome due to the shifting sands of global geopolitics, and roll the dice on how much she understands about what’s happening across her global operations. 

Yet transparency legislation dictates that she already needs the additional granularity, today in 2024. ERM and other compliance teams need details and confidence in their work to support, for example, the electronic vehicle (EV) company executive who might be called in front of the U.S. Congressional Select Committee on China to answer questions under oath about the source of chemicals used in his batteries. Or the mining equipment supplier who only after the fact discovered that he sold millions of dollars worth of equipment to a company in the Democratic Republic of the Congo that is partially owned by an – as yet – unsanctioned political power broker. Or the financial services compliance VP in Guatemala who has recently learned that his service has been used to launder money between the United States and a Venezuelan criminal organization. 

The International Monetary Fund (IMF) expects the Russian economy to expand by 3.2% in 2024, while it assesses that the German economy will grow at a modest 0.2%. There are many variables that define this remarkable difference in economic performance, not the least of which are sanctions. According to one sanctions dashboard, nearly 20,000 sanctions have been levied against Russian assets since Putin and his leadership team decided to invade Ukraine in February of 2022. The reality of economic expansion despite historically unprecedented levels of sanctions paints a clear picture of why sanctions are no longer a reliable, comprehensive tool for identifying and disrupting poor behavior. 

Sanctions monitoring and coverage should remain a central component of every compliance program. Yet only the programs that go beyond sanctions into illicit networks, leveraging unique datasets, will find themselves future proof as global leading economies continue to legislate transparency while  unwinding the geopolitical order established nearly 80 years ago in France.