If a financial institution's filtering system generates an alert matching a client to an individual on the Specially Designated National List, which investigation process should the financial institution follow?
Correct Answer: D
Sanctions screening standards require that when a hit is produced by the filtering system, the institution must determine whether the alert is a true match or a false positive through a structured escalation and investigation process. The Sanctions and Compliance Domains emphasize that financial institutions must evaluate all relevant identifiers, including entity type, name, ownership, vessel IMO numbers, and additional attributes. In the case of vessels, sanctions regulations often target vessels by name and ownership, meaning that a vessel with an identical name requires deeper investigation. Authorities such as OFAC, the EU, and the UK regularly designate vessels because of their involvement in sanctioned activities, and vessel names frequently overlap with commercial entities. Therefore, the correct investigative approach is to continue the investigation to determine the true ownership, IMO number, and whether the vessel is the sanctioned party. Options A, B, and C describe scenarios typically associated with clear mismatches or cases where additional investigation is unnecessary because essential identifiers do not match. However, vessels require continued review due to the regulatory emphasis on vessel ownership, registration, and operational control as determining factors in sanctions risk. Reference from Sanctions and Compliance Domains: Requirements for detailed matching processes in sanctions screening. Guidance on evaluating entity type, ownership, and identifiers when reviewing alerts. Rules relating to vessel sanctions, ownership determination, and verification steps. Procedures for identifying true matches versus false positives in sanctions screening.
CGSS Exam Question 12
Which steps demonstrate a sound governance framework? (Select Two.)
Correct Answer: B,C
A sound governance framework, according to Sanctions and Compliance Domains, includes: * Senior management ensuring adequate resources to investigate violations, identify weaknesses, and remediate control gaps. * Updating the sanctions risk assessment to incorporate findings and root causes from prior incidents. Human resources actions (A) are not a primary governance function. Reporting based on "lack of penalty" (D) is not a risk-based governance indicator. Zero-tolerance statements (E) do not constitute governance processes and may conflict with risk-based management expectations. Reference: Governance expectations under OFAC Framework for Compliance Commitments. Requirements for resource allocation and risk assessment updates.
CGSS Exam Question 13
Which are true regarding compliance with EU sanctions? (Select Two.)
Correct Answer: C,E
EU sanctions apply to: * All EU nationals, * All persons within the territory of the EU, including foreign nationals residing or operating within the EU, * All EU legal entities, regardless of where they operate, and * Any business conducted within the EU or using EU jurisdictional touchpoints. EU sanctions do not have general extraterritorial effect. Unlike US sanctions (which can apply based on currency, goods origin, or facilitation), EU sanctions apply within EU territory, including airspace, and to EU persons globally. EU sanctions do not automatically have a broader scope than US sanctions; in many cases, US sanctions have the broader reach. Reference: EU sanctions territorial and personal scope definitions. Applicability to EU territory, nationals, and persons operating in the EU.
CGSS Exam Question 14
A wire transfer alerts for a potential match in a region known for transshipment bordering a sanctioned jurisdiction. The payment field information does not match the transport document or invoice list. The customer refuses to provide any explanatory information. Which is the most appropriate next step?
Correct Answer: B
Sanctions and Compliance Domains provide that a financial institution must not execute a transaction when significant unresolved discrepancies exist, especially in high-risk transshipment regions. When: * documentation does not match payment details, and * the customer refuses to provide required information, the institution cannot proceed. Without clarity, the transaction may involve diversion, routed shipments, or indirect dealings with sanctioned entities. Rejection is appropriate because blocking only applies when a confirmed sanctions match exists. Reprimanding customers, forcing subpoenas, or engaging mutual legal assistance procedures are not required or appropriate steps in sanctions transaction handling. Reference from Sanctions and Compliance Domains: Requirements to reject a transaction when discrepancies cannot be resolved. Need for customer cooperation in sanctions investigations. Standards for handling high-risk transshipment-related alerts.
CGSS Exam Question 15
The EU Blocking Regulation prohibits an EU person or company from complying with:
Correct Answer: D
The EU Blocking Regulation prevents EU persons and companies from complying with certain foreign extraterritorial sanctions, specifically those identified in its Annex. These are primarily US secondary sanctions. The Regulation is designed to protect EU entities from the extraterritorial application of non-EU sanctions. It does not prohibit compliance with EU sanctions or dual-use laws. Only the specific foreign sanctions laws listed in the Annex are prohibited for compliance. Reference: EU Blocking Regulation scope. Restrictions on complying with foreign extraterritorial sanctions listed in the Annex. Distinction between EU law compliance and non-EU secondary sanctions.
