Export Compliance

Seven best practices to prevent complacency from creeping into your day-to-day screening routine

In recent years, increased government regulations—both U.S. and international—dictating with whom organizations can and cannot do business have made it more and more difficult for companies to remain compliant.

Businesses today must check their customers, contacts, leads, accounts, visitors, vendors and suppliers against hundreds of government watch lists.

That’s daunting in and of itself, but when you factor in that these lists change frequently, sometimes daily, and that companies must also keep audit records of their due diligence, it’s enough to give most people a headache. But there are ways to ensure your business is not violating any U.S. export laws and regulations.

For best results, don’t just screen—screen SMARTLY. And sure, you could do it manually, but you could be missing out on better accuracy and efficiency. For even better results: implement these best practices directly in your day-to-day operations by integrating restricted party screening directly in your business systems.

Best Practice #1: Search refinement settings are your friends.

If you’re using a restricted party screening software tool like Visual Compliance, you can reduce false positives (who has the time to wade through hundreds of unwanted results?), and also ensure you’re not missing alerts due to typos or names with multiple possible spellings.

You can also maximize screening efficiency by understanding what various settings do and determining when you should use them and when it would be more efficient to turn them off. Among your options: grammatical variations on a word (e.g., with “s” or “ed” endings), synonyms or nicknames, or even matches that simply sound like your search term.

Best Practice #2: Mind the three W’s of screening:

  1. Who to screen: International customers may be obvious, but what about domestic customers that re-export internationally? What about your employees, or visitors to your facilities? Take a good look at all the parties with whom you connect to make sure nobody is overlooked.
  2. When to screen: At minimum, initial screening should be done before signing a contract with a new customer or manufacturer, but if done at the first point of contact, that’s even better. No sense wasting valuable time and effort to turn a lead into a customer if you can’t do business with them with them in the end. It’s great if you have this practice built into your manual screening processes, but even better if it’s built into your processes automatically. Our article, Become the Master of Your Export Compliance Mountain, provides a high-level overview of the benefits of automating the restricted party screening process.Oh, and we would be remiss if we did not mention that rescreening should happen at regular intervals thereafter (See Best Practice #4)!
  3. What to enter in the search fields: When using Visual Compliance, be strategic and select parameters in all possible fields—such as City, State and Company—to increase the quality of matches returned.

Best Practice #3: Audit recording is essential.

You can screen until the cows come home, but in an audit, if there’s no record of your restricted party screening activity it’s as though it never happened. Details about who you screened, when you screened and the result of that screening are integral not only to passing your audit but to avoiding internal oversights and miscommunication. Conscientious day-to-day screening keeps your transactions legal, but don’t neglect your responsibility to prove your due diligence. Thankfully, Visual Compliance has audit capabilities built right in.

Best Practice #4: Rescreen daily.

Once you’ve screened and received the all-clear on your party, it’s tempting to high-five your colleagues and add to your “done” pile. But no denied party screening is ever really “done” so long as you’re still doing business with the individual or company in question. Government watch lists change often—even a longtime employee or customer can suddenly appear as a denied party—and regular rescreening is the only way to know your transactions are compliant each and every time.

The most effective way to ensure regular rescreening happens is by automating the process altogether, either by integrating screening into your business systems so that screening occurs automatically when a record is updated, a new order is placed, or subscribing to an daily automated rescreening service, like Dynamic Screening—or even both.

Best Practice #5: Timeliness is everything.

You need access to the most current, up-to-date sanctioned and denied party lists or your screening results simply can’t be trusted. Receiving updates as they are published is your best bet.

Best Practice #6: List selection matters.

You may think screening against every list available is wise, but by doing so you’re actually inviting invalid matches. Pare down the number of lists you use by doing some self-examination of your industry, where your customers are located, and the products you export. If, for example, your company does not deal with government contracts of any kind, screening against the General Services Administration (GSA) List is unnecessary.

Best Practice #7: Your escalation process.

Smart screeners have an incident management plan or process in place for when denied party screening yields a match. They ensure decision-makers receive all the details required to investigate and clear transactions with minimal delay (postponing lawful shipments won’t endear you to impatient customers) or, if there’s a true threat of violation, immediately stopping the transaction.

Many companies use email alerts as a reliable communication channel to keep the right people in-the-know. Thoroughly detailed notes regarding your incident response activities are a must so that facts are clear and decisions are defensible in case of an audit.

There you have it—a solid compliance program demands SMART screening practices, like the ones detailed above. Now imagine if you could do the above directly and automatically in your ERP (e.g., SAP®, Oracle®, NetSuite®, etc.), CRM (e.g., Salesforce®), MRP or other system of record?