Implementation Of Russian Sanctions In The Netherlands - A Hands-On ICT-Perspective

Introduction.

Morning, many people have asked me in the last few weeks since the invasion in Ukraine 'Why are The Netherlands so slow with implementing different packages of Russian Sanction Policies? Especially against the so-called high-worth individuals, the 'Russian Oligarchs'?

There are actually three reasons for that. The first one is never talked about and that is how to implement sanctions technically in for instance a financial institution like a large bank. The second one is related to political-decision making in The Netherlands within the context of the current political internal environment & the third one has to do with the financial and economical interests of large companies in the financial services and consulting industry including, specialist tax-lawyers, consultants & legal specialists in structurning legal entities fast in off shore banking locations in the financial district in Amsterdam, the 'Zuidas'.

A short history of sanctions.

Since 2001, sanctions against countries, organisations and individuals have been implemented and introduced worldwide on a large scale as part of 'The War on Terror' and subsequently against Iran, among others. This article explains how this is done in practice for e.g. the financial sector, but also for the government and what are important ICT-hurdles.

9/11 and the War on Terror.

After 9/11, under pressure from legislation in the United States, sanctions were introduced worldwide at a strategic, tactical and operational level in, among other things, the financial services sector. A retrospective study of the financing of the attacks on the WTC in New York revealed, among other things, that the total financing of estimated 500k $ had been 'gathered' through many small amounts via private bank accounts in a number of countries and that those payments were therefore made in the old systems. with fixed limits per country would not have ringed a bell. At that time, I was working in the global off-shore industry at ABN Amro Trust.

Due to the legal obligation to be 'compliant' for all companies in the financial sector, among others, intelligent AI-based software had to be quickly installed at those institutions worldwide, linked to SWIFT, which, in addition to signaling with 'hits' and blocking 'forbidden money transactions' by countries, organisations including different types of companies including banks, and individuals that were blacklisted by the US, the EU and/or locally also recognised patterns of payments that you did not know beforehand.

Such as, for example, payments to a specific person or a network of people around the attack on the WTC in New York. Those AI systems created and are making automated 'transaction monitoring' within their own company and between financial institutions e.g. possible, producing many real but also many false hits. Those systems could and were also used to try to combat money laundering: anti-money laundering (AML).

'Legacy ICT-systems and hierarchal and functional silo-databases'

In addition, it became again clear that there were many separate databases of different types of customers within the different organisations and that relevant information and documentation about different types of companies and organisations was often unstructured, spread over many different old hierarchal databases (Cobol, IMS-DB and IMS-DC), often not up to date, redundant or even not available at all. Both at the individual financial institution level, and at the national Government level (Dutch tax authorities and Chambers of Commerce ('KVK'), for example).

Because of this situation, when trying to apply client due dilligence (CDD), on new (private) clients as well as corporate onshore and offshore clients with all different types of legal forms and legal structures in the Netherlands, in all other countries in the EU and around us, 'relationship monitoring' of for instance Ultimate Beneficial Owners (UBOs) within the context of Know-Your-Customer (KYC) was and still is practically impossible as individuals are members of often overlapping virtual networks of 'trees' of global offshore-structures ('nested structures').

And finally, to make the introduction or change of sanction packages like against Russa, Russen companies and Russian individuals even more complex at all levels within a single company across all functional and customer-segmentation silo's, every product administration, including for example, when buying and selling real estate locally, or taking out loans and mortgages or trade facilitation, often had and has its own CRM and own paper-based and/or partially digitised document management in every financial institution involved.

As a regular customer (private individual and/or entrepreneur) of large banks and also large insurers including in The Netherlands, you often experience the consequences of all these ICT-related legacy problems on a daily basis, despite the hip mobile apps: banks and insurers continue to send you product information and other offers even though you have had that product for a long time. In the event of a divorce, death or other life events, it is very difficult to get changes implemented quickly across databases in all these silos quickly and correctly.

Conclusion.

All these ICT-related problems and the fact that sanction packages against Russia, Russian companies and Russian individuals are to be implemented effectively and efficiently by national governments and their political leaders fast at different times in different ways and at different stages in the different European countries makes it technically independent of a slow a compromise-driven decision-making process and important financial-economic reasons a complex business.

'Taking political decisions on sanctions is one thing, implementing them is another thing all together'.

The good news is that decision-making and implementation of sanction packages be done better and faster using smart systems, but you have to approach it and above all organise implementation completely different than it has been done until now. You have to include people with hands-on practical experience, "practitioners''. Because as Peter Senge, the famous strategy guru already said in 1997: 'Practitioners think about what they have lived through, because the source of their thinking is experience instead of concepts'.

'Practitioners think about what they have lived through, because the source of their thinking is experience instead of concepts like with many academics'.

The next column is about hurdles in and around decision-making on a national level in some European countries and especially The Netherlands and how they delay fast implementation of sanctions.

Dr Tony de Bree EEP MBA worked at Corporate IT Strategy & Architecture on 'De Zuidas' at ABN Amro (1997-2001) in Amsterdam, at ABN Amro Trust, the offshore banking unit for corporates and private clients globally after 9/11 (2001 -2004) as global project manager eTrust, as project manager at Global Compliance Private Banking, until 2008, as global project manager CDD at Private Clients Global, as a management team member of the Global Due Diligence Central Department and from 2008 to the end of 2011 as global split-up manager KYC for ABN Amro worldwide (data, documentation and ICT-systems).

He is the author of 'Diary of a banker' in Dutch (Dagboek van een Bankier) in which he shared his hands-on experiences in offshore banking, Compliance & KYC after 9/11 and 2011, in stories such as 'A Building With Empty Rooms' (see the header of this article) in the financial center, 'de Zuidas' in Amsterdam.

Since 2011, he has been selecting, advising and training FinTech & RegTech startups & scale-ups and is presenting and facilitating on-demand sessions for different customers on these strategic, tactional and operational hands-on experiences in AML, KYC, off-shore structures & cybersecurity globally. You can contact him here.