Adverse Media Screening: When Likes and Shares Hurt Your Brand

Developing comprehensive prevention against money laundering and the financing of terrorism can already feel like fishing in murky waters – even the biggest, most fraudulent fish can hide in the mud. If you are on a fraud team and it’s your job to catch ’em all, one of your responsibilities is to assess the risk of each fish.

While most will diligently submit their personal information, allowing you to hook the bad fish easily, you can only identify others as risky due to their appearance in adverse media. Compared to simply netting the big bad fish and tossing them out, however, the adverse media screening process is about as straightforward as taking all the silt out of the river.

How can you land the big ones and the small fry with negative media attention? SEON’s anglers can help, so the likes and shares associated with your company don’t become adverse.

What Is Adverse Media Screening?

Adverse media screening is a part of strong Customer Due Diligence (CDD) and Know Your Customer (KYC) verification that monitor for increased risk based on an individual’s appearance in relevant media outlets. Though this step of those processes is referred to as “adverse” media screening, the news itself could potentially be negative or positive in nature. The risk associated with that media exposure includes coverage that makes the individual more likely to become a target for bribery or blackmail.

Adverse media screening may present the largest exception to the adage that “all press is good press”.

As part of a larger anti-money laundering (AML) and countering of the financing of terrorism (CFT) program, a compliance-minded adverse media screening program might include:

• A well-defined scope and schedule for screening, with decisions made on risk appetites, the scope of the screened media outlets, frequency of the screening, and thresholds for what is considered risky or not.
• Sourcing comprehensive and regularly updated databases to reference personally identifiable information (PII) against, which should include sanctions lists, crime lists, watch lists, and appearances in media outlets.
• Implementing a risk-based, data-driven technological approach to both monitoring for risk and streamlining the workflows around the risk assessment process, including maximizing opportunities for automation and efficiency.
• Resources to continually monitor accounts deemed risky, while also documenting the entire process comprehensively.
• Staff training both inside and outside risk management teams on best practices for conducting adverse media screening, as well as general awareness of pervasive fraud and money laundering threats.
• Policies for maintaining ongoing compliance based on changing laws and industry-standard best safety practices. 

Establishing this framework is an important step in bringing an organization inside the compliance perimeter, in addition to being a part of a strong AML software. However, the framework itself may be a more easily defined task than the actual adverse media screening.

Types of Adverse Media

Beyond certain hard lines of riskiness, such as the appearance of a customer on a sanction or watch list, it is up to each organization to determine what qualifies as adverse media, and whether or not that media makes the customer a high-risk individual. Notably, companies may want high-risk individuals like politicians and world leaders to be their customers. However, by accepting them as customers, they also accept the security responsibilities that go alongside this.

Customers determined to be high-risk trigger enhanced due diligence (EDD) processes. These include ongoing monitoring for signs of risky behavior that indicate money laundering, account takeovers (ATO), or otherwise suspicious activity.

Indicators that, depending on industry context, amount to adverse media include:

• Criminal activity: Instances of financial crime, fraud, drug trafficking, terrorism, or cybercrime should make fraud teams reconsider customer risk levels, regardless of whether or not that crime reaches the public or not, with the awareness that media exposure makes it more likely that regulating bodies will take interest.
• Political exposure: Government officials with lots of media coverage, particularly of high rank, including their relatives and close associates, should be monitored carefully for signs that the person is involved in money laundering or has become a financial crime victim.
• Sanctions: High-profile sanctions will likely hit news outlets before international sanctions lists are updated. Risk teams should be aware of any sanctions announcements and update their policies and internal lists accordingly.
• Reputational damage: If an existing or applying customer isn’t necessarily a business or government leader, they may be otherwise exposed in the media. Both good and bad exposure may constitute a high-risk individual. This is up to individual organizations to determine, hopefully in line with the same determinations of regulating bodies.
• High-risk geolocations: Some countries or locations may fall in and out of the perimeter of risk depending on the world’s political and economic climate. Customer connections originating from these places should be monitored and handled appropriately as political winds change. 
• Regulatory actions: Fines, penalties, or other legal action taken against individuals or organizations should factor into risk appetites. Doing business with entities in the regulatory doghouse should certainly be considered high-risk, as companies being scrutinized may attempt to make sudden moves. Becoming an instrument in those moves may lead to regulatory risk exposure for your business.

Companies mandated to monitor for risk should have a program in place to scan for adverse media coverage as it emerges and a policy on what should be done when those scans turn up results.

What Are the Sources of Adverse Media?

Though there are some services that aggregate adverse media specifically for risk management purposes, the sources of this coverage are all publicly-accessible news outlets. A comprehensive adverse media screening program should be looking at all of them, though a social media lookup service, reverse phone or email service, or media scanning service will certainly assist with the review process.

Sources that need to be referenced for adverse media include:

• news outlets, including digital, print, and televised sources
• sanctions lists including watch lists, crime lists, politically exposed person (PEP) lists, and any other relevant lists
• criminal records
• social media attention
• official government channels that flag risky entities for various reasons
• official databases that track things like legal proceedings, bankruptcies, and tax woes

Any “hits” that turn up as a result of an adverse media screening process, however, are useless without risk thresholds being determined and adhered to. These thresholds require top-down approval, not only for the awareness of internal decision-makers but also so there is a consistent metric across all business channels.

Why Is Adverse Media Screening Necessary?

Adverse media screening is an integral part of anti-money laundering efforts and the fight against terrorist financing. Databases of sanctions lists, PEP lists, crime lists, and other watch lists name specific individuals with whom doing business is prohibited, but regulators are aware that not only those explicitly named individuals constitute a risk.

In the fight against financial crime, it is important to be aware of who is presenting a current risk. The CEO of a major international corporation suddenly becoming well-covered by the media makes that person both a target for financial crime, as well as being more likely to become coerced into criminality. Complicating this process further is the fact that relatives and close associates also fall under the umbrella of risk in these instances, so those people must also be monitored for risk despite not being named on lists or in the media themselves.

Though regulators are aware of the steep challenge this poses to compliance teams, legislation makes it very clear that it is a challenge that must be met.

Adverse Media and a Risk-Based AML Approach

Most government bodies mandate a technological, risk-based approach to internal AML routines. Fraud monitoring platforms use this approach and are common tools for compliance teams. Each customer, and each transaction, must be measured and scored based on their behavior and data. Depending on the risk that the score represents, the organization must deploy a proportional security response.

The risk score generated should reflect various factors that indicate the likelihood of fraud or money laundering. These factors include:

• CDD data including PII should be monitored for legitimacy and cross-checked against watch lists.
• Transactional and behavioral data should be carefully monitored for suspicious activity that suggests money laundering and for signs that an attacker has compromised an account.
• Geolocation data should be collected and scored based on the riskiness of the originating location.
• Adverse media and PEP lists don’t necessarily mean a customer should not be allowed to continue with the business, but the appearance of these data points should trigger EDD and continuous risk monitoring, in addition to adding to the overall risk score.

The generated risk score and the accompanying actions taken should all be documented carefully as part of a holistic – and compliant – risk-based approach to AML.

What Are the Common Challenges with Adverse Media?

Adverse media represents very muddy waters to navigate, not only because of the blurry lines that define it but also due to the research process it necessitates.

As mentioned, regulating bodies have to create legislation with a liquid definition of who is considered a politically exposed person (PEP). The legal definition of “relatives and close associates” is vague enough to make risk teams’ responsibilities wide-ranging. Institutions like the Financial Action Task Force (FATF) note that, for example, individuals appearing in social media videos posted by terrorist organizations are included among these associates, despite the fact that their names and even faces might not be known. From a legal standpoint, this creates a huge gray area while also giving allowances for the difficulty of being 100% comprehensive.

Additionally, risk teams have the tricky balancing act of risk versus reward to calculate. How much of a regulatory risk does bringing this person on board come with? How much business do we stand to lose if we don’t take them on? If risk appetites are not carefully defined, this balancing act could take extensive human resources to manage.

Scaled money launderers will also attempt to hide important information like the ultimate beneficial owner (UBO) of a company, especially if that owner is named on a list. Part of due diligence for AML and CFT is determining that person, which may require significant research resources, and then that UBO and their relatives and close associates must also be screened for adverse media.

The best way to fall into as few pitfalls and time-sinks as possible is to create a risk team with all the recommended resources, up to and including a source of up-to-date information and training on dynamically spotting potential risk.

How Can SEON Help?

SEON offers a fraud investigation software solution to help automate as much of the risk-based AML approach as possible. Through device and browser fingerprinting, advanced APIs, and cross-checking with all relevant sanctions lists, watch lists, and other crime lists, alongside the machine learning systems that process customer data, risk scores are aggregated quickly, accurately, and with minimal interruptions to the customer experience. Common money laundering fraud like synthetic ID fraud is easily detected with SEON. 

The resultant machine learning (ML) analysis is also documented in the case that a suspicious activity report (SAR) needs to be generated, or if the SEON user later needs to produce evidence that the maximum has been done in terms of due diligence. Though these are often goalposts that move, currently SEON’s product offering aligns with the technological AML requirements for a risk-based software solution.

Screening for adverse media offers a particular challenge for any risk team that wants to maximize efficiency. Unfortunately, no compliant framework can completely automate the AML process, as a human counterpart will often need to be involved in the process to make a final risk determination. At this stage, SEON also offers simple and effective capabilities.

SEON’s reverse email and phone lookups can help manual review teams scrutinize user identities to a great depth to determine the likelihood that their PII is valid. The platform will reveal social media accounts associated with those data points, which can, in turn, be investigated by teams screening for adverse media – it could reveal a Twitter account that is currently being tagged in a controversial news cycle, for example.

The SEON platform also offers a simple AML lookup tool, which screens all relevant watch lists. This is invaluable when determining risk scores. Try it for free!

Though managing your organization’s risk exposure will always be a team effort that requires some manual review, tools like SEON can minimize the impact that these resource expenditures have on your bottom line. These expenditures, of course, will certainly outweigh the costs of incurring fines, legal fees, or even becoming a sanctioned entity yourself.