Asking the right questions is crucial to picking the right provider. Get it right, and you’ll have a strong partner that’s turning your risk operations into a growth engine for your business.
Ultimately, the right solution will depend on how large the institution is, the costs and resources available, and of course risk appetite. And this can vary widely from organization to organization. But there are common factors to consider. Here are a few factors to consider to help you make the right choice.
Your internal processes: Can they meet them?
Considering the constantly evolving regulatory focus, one size fits no one when it comes to due diligence. It’s important to find the middle ground and this is why a customizable solution is key. Compliance and financial officers should have full control on risk escalation, with the ability to define customized lists of red flags.
For example, some teams might not want a certain region or activity to trigger a review. A system that can customize each alert is key to reducing operational bottlenecks and streamlining due diligence processes. Risk providers are not meant to replace your team of experts, but rather augment them with tailored maritime insights to each organization’s needs, risk appetite, and internal processes. It’s about a partner for the long-term who ‘gets’ your business.
Are you falling for feature bait?
We’ve all seen terms like “advanced analytics” or “entity resolution” but what do these features really mean for your business? It’s not uncommon to come across a long list of “differentiators”, usually in the form of buzzword tech features that sound attractive but don’t always show in results. This is why it’s important to ask critical questions that get to the bottom of what exactly the capabilities are.
Ask for reference clients who can speak to the due diligence impact that those features have provided. Ask for specific use cases that those features address. Feature listing doesn’t speak to value or directly solve business pain. Focus on value-based questions that uncover your pain points and challenges, so you can make sure that they meet your true needs.
Are they proactive or reactive?
The intricate nature of global maritime trade creates ample opportunities for exploitation by bad actors. The recommendation we have for you here is this: find a vendor that can identify bad actors that don’t yet belong to designated lists. As typologies like identity tampering and GNS manipulation become more commonplace, the exposure to sophisticated risk is bound to grow. Identifying deceptive shipping practices is a good first step, but it’s not enough. Standard deceptive shipping practices are evolving into more systematic methods employed by bad actors to conceal their activities. Ask whether the vendor has an adaptable platform that can quickly identify new trends, and account for the hundreds of variables involved in accurately vetting each vessel. Infinitely more adaptable than rule-based systems – agile technologies can detect evolving typologies.
What do they do to manage false positives?
How can you ensure your vendor won’t flood you with false alerts? Basic technologies often trigger a high number of investigations – too many for existing compliance teams to keep operations running smoothly. A vendor that has proprietary models, rather than relying on data providers, can fine-tune risk recommendations with greater accuracy and precision.
For example, LNG terminals in certain areas require tankers to lower their radio output as a safety means. Systems that can then exclude LNGs and a region near these terminals can result in less false positives. Vendors who have a team of experts who review and investigate any inquiry and accordingly make any necessary enhancements to the data is mission-critical when it comes to differentiating between legitimate behavior and potential activity linked to sanctions.
Can they offer explainable data?
To clear business fast you need actionable insights. And the key to this is explainable data. The problem with data providers is that they don’t always encourage quick decision making. But this is what’s needed to boost business growth. Data needs to be accessible and easy to understand. Instant and accurate insights that go beyond raw data give you a complete picture of risk exposure across your business.
This allows teams across departments and use-cases to easily incorporate it into their processes and swiftly take action. When you can see everything from the exact duration and location of dark activity to real-time container tracking, you can identify risky events as they occur and meet regulatory expectations more readily. What’s more, you can prevent onboarding new business with exposure to maritime risk.
Are they a partner or a provider?
It’s important to look out for expertise and support from your solution provider. One with active support and collaboration that helps you achieve your goals – is key. It’s just as important as the technology you choose. You should be able to work with them to take deceptive practice typologies and come up with a control environment specific to your institution. Questions to ask: Can risk thresholds be adjusted to my specific business needs? Can alerts and notifications be tailored to my risk appetite?
Due diligence expectations are not what they once were. With every case that makes the news, regulators will only continue to crack down. Yet, until you make a change, the likelihood of the circumstances being any different remain dim. With the tips mentioned above, we invite you to look at this process as a transformation project. Finding the right approach will be a journey, but if you take in mind these considerations, we’re quite sure you will land in a better place.