How to Use the Global Sanctions Index in Country Risk Ratings

Modern trade requires businesses of all sizes to increasingly rely on global supply chains, and in a world that is more turbulent than ever, understanding the financial crime risk of working in, or purchasing from, a certain country is crucial. Country risk ratings typically look at political, economic, security and legal risk.

Concerning this last category, the Financial Action Task Force (FATF), the European Union (EU), US Department of Justice (DoJ) encourage or require companies to understand their legal exposure to financial crimes in the countries in which they operate. Laws like the UK Bribery Act and the US Foreign Corrupt Practices Act (FCPA) make violations exceedingly costly, and sanctions are a key way that governments combat financial crime.

What Risk Does the GSI Examine?

The Global Sanctions Index (GSI) examines financial crime risk through the lens of sanctions lists and should be included in any country risk rating on financial crime. As discussed by an expert panel including former regulators regarding the GSI, whether a country has a sanctions list or not, and how technically adequate that sanctions list is, is an important indicator of whether a country is well equipped to fight financial crime, and if it actually does so. The below questions seem obvious, but until the GSI no one took a data driven approach to answering them:

1. Which countries globally have sanctions lists?

2. Are the sanctions lists technically adequate?

3. How does having a sanctions list tie into a country’s ability to fight financial crime?

4. What factors make a sanctions list easy to comply with?

5. How does a country with no sanctions lists enforce international sanctions?

   • Yes, some countries have laws that mandate compliance with United Nations and other sanctions, but according to FATF reports, the enforcement of these laws is lax.

How Should The GSI Scores Be Used?

Castellum.AI recommends adding the GSI country score to the Criminal / Financial Crime / Legal Risk section of a country’s risk assessment. The GSI country score should be weighted similarly to ratings issued by other organizations that look at financial crime, and we encourage risk-raters to evaluate the GSI alongside the following scores:

• Financial Action Task Force Black List / Grey List

• International Narcotics Control Strategy Reports (INCSR) ratings

• Transparency International Corruption Perceptions Index

• Basel AML Index
  
  

What Does The Full Index Provide?

The full Global Sanctions Index provides a detailed view on each country’s sanctions program with the backing data and weighting information for each of 20 criteria used to determine each country’s final weighted score and category scores. Each criteria is organized according to category — Data Integrity, Data Delivery, and Guidance. This includes detailed methodology and instructions on how to assess sanctions lists so that the GSI can be customized and adjusted for your organization’s internal needs. The GSI rankings are also compiled into an easy-to-analyze table of final weighted scores, similar to those published in the publicly available GSI.

In addition to detailed backing information used to compile the final weighted scores, the full dataset includes direct links to all primary sources: sanctions list files from government sanctions authorities, search platforms, and guidance documentation. This serves as a comprehensive global database of national sanctions to use either as its own resource or to feed into other products.

What Is The Value Add of The GSI?

The GSI criteria serve as objective, technical measures of how easy or difficult it is to comply with sanctions restrictions. Assessed by global sanctions data experts, each score has been compared with similar jurisdictions to eliminate unnecessary variation across criteria and countries.

By providing an objective means of assessing how well a country fights financial crime, the GSI impacts economic, political and legal risk factors that play into a country’s overall risk assessment. In addition to informing overall country risk, the GSI identifies the jurisdictions where you may be subject to local sanctions list screening requirements so that you can inform your global compliance policies and compare the ease of implementing compliance screening requirements across your international operations.

The GSI dataset serves as a:

• Database of sanctions lists directly linked to government sources and guidance

• Source dataset easily integrated into existing country risk models

• Customizable risk calculation that can be internal updated and adjusted over time and to fit your unique risk tolerance

Methodology

How did Castellum.AI assess autonomous sanctions lists? We developed a comprehensive model built around a central question: how easy is it to comply with a sanctions list, based on the structure, availability, and clarity of the data in the list? The practical application of how compliance is achieved allows for a detailed and objective approach to assessing sanctions lists across different formats, structures, languages, and, of course, content.

Our model is structured using frameworks that have been honed by country risk rating firms and experts for decades. We created a set of 20 criteria which are essential to sanctions compliance to objectively measure which lists are the easiest to comply with, and which are the hardest. Each criteria is weighted based on its impact on compliance. The criteria are then scored on a scale of one through five. Once scored and weighted, the results are compiled to arrive at a final weighted score that can be compared against other sanctions lists.

These criteria are grouped into three categories, detailed below.

1. Data Integrity     

Data integrity measures the quality and structure of data on each sanctions list. Castellum.AI divided this category into ten criteria that include the existence or lack thereof of a data schema, the detail of the schema, the freshness of the list, and the likely resultant false positive rate (a sanctions list that does not provide dates of birth will lead to a high false positives rate). Since the US OFAC SDN list provides unique identifiers for almost every entry (such as IDs, dates of birth and place of birth), the US list scored the maximum in the unique identifier component of the data integrity category. 

2. Data Delivery

There are seven criteria under the data delivery category, which includes the existence and functionality of a watchlist search tool, availability of automated notifications for sanctions list updates, the availability of multiple sanctions file formats, and the overall accessibility and ease of use. This category also covers how easy it is to find and access the sanctions list itself: is it buried on an obscure government authority’s website or is it easy to find?

3. Guidance

This category has three criteria which pertain to whether explanations are readily available as to why an entry is listed and whether guidance is available on the sanctions list’s web page. It also concerns whether justifications are directly linked to an entry. France’s Tresor Registre Des Gels includes a public guide regarding the searching of the watchlist and also includes detailed explanations for each entry for why they were sanctioned, resulting in a perfect score under the guidance category of the ranking sheet.