Free ACAMS CGSS Practice Exam: Global Sanctions

Last revised: June 18, 2026

Try 100 free CGSS practice exam questions across the exam domains, with answers, explanations, timed mock exams, topic drills, and the Finance Prep next step.

This free full-length CGSS practice exam includes 100 original Finance Prep questions across the exam domains.

These are original Finance Prep practice questions aligned to the exam outline. They are not official ACAMS questions, copied live-exam content, or exam dumps. Use them to preview question style and explanation depth before continuing with mixed sets, topic drills, and timed mock exams in Finance Prep.

Practice count note: exam sponsors can describe total questions, scored questions, duration, or administrative exam-day rules differently. Always confirm current exam-day rules with the sponsor.

Practice questions

Questions 1-25

Question 1

Topic: Building a Sanctions Compliance Program

A sanctions analyst reviews an onboarding file for Delta Trading Ltd. The program standard requires escalation when sanctioned persons own 50% or more of an entity in the aggregate, directly or indirectly, or when a sanctioned person can control the entity through board appointment, veto, or other decision rights. What conclusion does the exhibit support?

Delta Trading Ltd.:
- 30% owned by Northbay Holdings Ltd.
- 25% owned by River Port SA.
- 45% publicly held with no holder above 5%.
Northbay Holdings Ltd.:
- 100% owned by Listed Person A, a sanctioned person.
River Port SA:
- 60% owned by Listed Person B, a sanctioned person.
- 40% owned by an unrelated non-sanctioned investor.
Governance:
- Listed Person B has a contractual veto over changes to Delta Trading Ltd.’s suppliers and payment banks.
A. Delta Trading Ltd. should be escalated because a sanctioned person may control it through veto rights even though aggregate sanctioned ownership is below 50%.
B. Delta Trading Ltd. should be treated as sanctioned because Listed Person A and Listed Person B together own 55% of it indirectly.
C. Delta Trading Ltd. does not require escalation because no sanctioned person directly owns shares in it.
D. Delta Trading Ltd. does not require escalation because the publicly held shares are the largest ownership block.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions ownership and control analysis is not limited to direct shareholding. The analyst should trace indirect ownership through intermediate entities and aggregate sanctioned ownership where the program standard requires it. Listed Person A indirectly owns 30% of Delta through Northbay. Listed Person B indirectly owns 15% of Delta through River Port, because 60% of River Port’s 25% Delta stake equals 15%. Together, sanctioned persons indirectly own 45%, which is below the stated 50% ownership escalation threshold. However, control is a separate concept. Listed Person B’s contractual veto over suppliers and payment banks may allow meaningful influence over Delta’s business operations, so the file should be escalated for a sanctions control determination.

Treating the entity as 55% indirectly owned incorrectly adds River Port’s full 25% stake instead of Listed Person B’s 15% indirect interest.
Focusing only on direct ownership misses the need to trace ownership through intermediate entities.
The public float does not eliminate a control concern created by a sanctioned person’s veto rights.

The exhibit shows 45% aggregate indirect sanctioned ownership, but Listed Person B’s veto over key commercial and banking decisions creates a separate control concern.

Question 2

Topic: Building a Sanctions Compliance Program

A bank’s quality assurance review finds several cross-border payments that should have produced sanctions alerts but did not. The sanctions lists were current, the matching thresholds were unchanged, and structured customer and beneficiary name fields were screened. In each missed case, the potentially sanctioned vessel or end user appeared only in the payment’s free-text remittance information, while the structured fields were blank or contained only the bank customer’s name.

Which data issue is most likely causing the missed matches?

A. The matching threshold is too low, producing excessive exact-name matches.
B. The sanctions list update cycle is too slow to capture newly designated parties.
C. Relevant free-text payment fields are not being ingested or mapped into the screening process.
D. The customer risk rating model does not include enough jurisdiction risk factors.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Missed matches often arise from data coverage and data-mapping gaps rather than from the screening algorithm itself. Here, the relevant sanctioned vessel or end-user names were present in the payment record, but only in free-text remittance information. If that field is not captured, parsed, or mapped into the screening engine, the system cannot compare those names against sanctions lists. Current lists and stable thresholds do not solve a field-coverage problem. A risk rating weakness may affect broader risk analysis, but it does not explain why specific names visible in payment messages failed to alert.

A slow list update cycle would be plausible if the names were newly listed and absent from the screening data, but the facts state the lists were current.
A low matching threshold generally increases alerts and false positives; it does not explain missed names excluded from screening.
A weak customer risk model may impair risk analysis, but the immediate failure is that relevant payment data was not screened.

The missed names appear only in free-text fields, so excluding those fields from screening would prevent the tool from matching them.

Question 3

Topic: Sanctions Frameworks and Governance

A manufacturer is reviewing a proposed logistics contract for a shipment to a permitted customer. The direct freight forwarder cleared name screening today.

Exhibit:

Proposed sanctions clause:
- The forwarder represents that, as of the signing date, it is not named on applicable sanctions lists.
- The forwarder may appoint carriers, agents, vessels, and transshipment providers without prior approval.
- The forwarder will notify the manufacturer only if a regulator or court orders it to stop performance.
The final route, vessel, and carrier names will be selected after booking.

Which contract-clause concern is most directly supported by the exhibit?

A. The clause creates a blocking-regulation conflict by requiring compliance with a foreign sanctions regime.
B. The clause does not require sanctions controls to extend to carriers, agents, vessels, and other performance parties.
C. The clause relies on a sanctions license but does not track the license conditions or expiration date.
D. The clause improperly treats a permitted shipment as prohibited because a freight forwarder is involved.

Best answer: B

What this tests: Sanctions Frameworks and Governance

Explanation: A sanctions clause should support the actual control need in the transaction. Here, the direct forwarder screened clean, but the contract allows later selection of carriers, agents, vessels, and transshipment providers without approval. The main concern is not the initial screening result; it is that the clause does not extend sanctions obligations to the parties and assets that may perform the shipment. A stronger clause would require appropriate sanctions compliance by subcontractors and other performance parties, prior approval or screening where needed, prompt notice of sanctions-related changes, and rights to suspend or terminate if performance would create sanctions exposure.

Treating the permitted shipment as prohibited overstates the facts; the exhibit identifies a control gap, not an automatic prohibition.
A license concern is unsupported because no license, exemption, condition, or expiry is mentioned.
A blocking-regulation conflict is unsupported because the exhibit does not identify competing legal regimes or a prohibited foreign-law compliance requirement.

The exhibit shows that the clause covers only the forwarder at signing while allowing unscreened third parties to be used later without approval or notice.

Question 4

Topic: Building a Sanctions Compliance Program

A global bank reviews an escalation involving a newly onboarded corporate customer. The customer was not listed on any sanctions list, and an onboarding analyst closed a name-screening alert as a false positive. Two weeks later, trade operations stopped a payment after identifying that a listed person owned 52% of the customer through two intermediate holding companies. The bank’s applicable sanctions guidance treats entities owned 50% or more in the aggregate by listed persons as restricted, even if the entity is not separately listed. The customer’s ownership chart was in the onboarding file. The review also finds that onboarding procedures require only direct customer name screening, while trade operations procedures require indirect ownership aggregation. There is no enterprise standard assigning ownership/control analysis responsibilities or escalation triggers.

What is the best conclusion?

A. The primary issue is a governance weakness requiring a program-wide ownership/control standard, clear roles, escalation triggers, and quality assurance.
B. The primary issue is excessive trade operations intervention because screening had already cleared the customer during onboarding.
C. The primary issue is a sanctions list-management failure because the customer was not added to the official sanctions list before onboarding.
D. The primary issue is an individual analyst error that should be resolved through coaching on how to close false positives.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions compliance program needs consistent governance over ownership and control analysis. Here, the decisive facts are not just that an analyst missed information. The ownership chart was available, but different parts of the bank applied different standards: onboarding looked only at direct name screening, while trade operations applied indirect ownership aggregation. The absence of an enterprise standard for ownership/control analysis, role assignment, escalation triggers, and quality assurance means the weakness sits at the program governance level. Coaching an analyst may be useful, but it would not fix inconsistent procedures or unclear accountability across business lines.

A list-management failure is not supported because the guidance already required treating the indirectly owned entity as restricted even though it was not separately listed.
Treating the matter only as analyst error overlooks the inconsistent procedures and missing ownership/control responsibilities.
Trade operations acted appropriately by identifying indirect restricted ownership under the applicable aggregation rule.

Inconsistent procedures and undefined responsibilities show a program governance gap, not merely an isolated analyst review failure.

Question 5

Topic: Sanctions Frameworks and Governance

A global bank’s EU branch receives a payment request. The sanctions team records the following note:

Payer: longstanding EU customer.
Beneficiary: Alpha Trading Ltd.
Screening result: Alpha Trading Ltd. is 51% owned by Viktor M., who is listed under a U.S. sanctions program but is not listed by the EU or UN.
U.S. legal note: U.S. persons and certain facilitation are prohibited from dealing with entities 50% or more owned by Viktor M.
EU legal note: a blocking regulation may prohibit the EU branch from complying with the relevant U.S. measure unless an authorization or exception applies.
Current status: no license, authorization, or exception has been confirmed.
Group policy: unresolved conflicts between sanctions obligations and blocking measures must be escalated to the sanctions governance committee before execution, rejection, or customer communication.

What governance response is best supported by these facts?

A. Hold the payment and escalate to sanctions governance and legal counsel to resolve authority scope, blocking-regulation risk, and any needed authorization before deciding.
B. Ask the customer to certify that Alpha Trading Ltd. is not sanctioned and process the payment if the certification is received.
C. Process the payment through the EU branch because neither the beneficiary nor its owner is listed by the EU or UN.
D. Reject the payment immediately under the U.S. ownership rule and tell the customer the bank cannot process it because Alpha Trading Ltd. is blocked.

Best answer: A

What this tests: Sanctions Frameworks and Governance

Explanation: When sanctions obligations conflict or the authority scope is unclear, the governance response should control the activity while the institution obtains a documented legal and compliance decision. Here, the U.S. ownership rule creates potential restrictions, while the EU blocking note creates a separate risk if the branch refuses solely to comply with the U.S. measure. No license, authorization, or exception has been confirmed, and the internal policy specifically requires escalation before execution, rejection, or customer communication. A temporary hold with escalation to sanctions governance and legal counsel allows the bank to assess applicable law, facilitation risk, permissions, documentation, and communications in a controlled way.

Immediate rejection may create blocking-regulation risk and violates the policy requirement to escalate before rejection or customer communication.
Processing based only on EU and UN list status ignores the U.S. ownership finding and potential facilitation risk.
A customer certification can support due diligence, but it does not resolve the ownership evidence or the legal conflict.

The facts show an unresolved conflict and unclear authority scope, and group policy requires governance escalation before processing, rejecting, or communicating.

Question 6

Topic: Sanctions Frameworks and Governance

A multinational manufacturer receives an order from a nongovernmental hospital in Country X, which is subject to broad country sanctions. The relevant sanctions rules supplied to the compliance team state:

A general license permits exports of listed medical supplies and related payment processing to nongovernmental civilian hospitals in Country X if no sanctioned party owns or controls the buyer, consignee, freight forwarder, or paying bank.
Medical exemptions do not cover dual-use lab equipment or shipments to military or state-security end users.
A specific license is required before dealing with a sanctioned party or exporting goods outside the general license scope.

Due diligence shows the products are ordinary surgical gloves and syringes, the hospital and paying bank are not listed and have no sanctioned ownership or control, and the freight forwarder screening is clear. What process step best fits the facts before shipment?

A. Reject the order because broad country sanctions prohibit all exports and related payments without exception.
B. Document reliance on the general license, retain screening and ownership evidence, and proceed subject to the license conditions.
C. Apply for a specific license because every shipment to Country X requires case-by-case government approval.
D. Treat the medical exemption as eliminating the need to screen the buyer, banks, and freight forwarder.

Best answer: B

What this tests: Sanctions Frameworks and Governance

Explanation: A general license or exemption can permit activity that would otherwise fall within a sanctions restriction, but only within its stated scope and conditions. Here, the supplied rule permits listed medical supplies and related payment processing to nongovernmental civilian hospitals when no sanctioned party owns or controls the relevant parties. The due diligence facts support that conclusion: the goods are ordinary medical supplies, the end user is a nongovernmental civilian hospital, and screening and ownership/control checks are clear. The appropriate step is to document the basis for using the general license and proceed only within its conditions. A specific license would be needed if a sanctioned party were involved or the goods or end use fell outside the general license scope.

Rejecting the order ignores the supplied permitted-activity pathway for qualifying medical supplies.
Applying for a specific license is unnecessary when the transaction fits the stated general license and no disqualifying facts are present.
Treating the medical exemption as a substitute for screening is wrong because the license conditions expressly require no sanctioned ownership or control.

The facts fit the stated general license for medical supplies, with no sanctioned ownership, control, parties, or excluded end use identified.

Question 7

Topic: Building a Sanctions Compliance Program

A sanctions compliance manager reviews recent quality assurance results for customer name-screening alerts:

The procedure tells analysts to “clear false positives using available customer information.”
Twelve cleared alerts contain only the disposition no match; none identify the customer identifiers compared, sources reviewed, or reasoning for name variations.
Two repeat alerts involving similar names were cleared by different analysts using different rationales.
The screening system retains the alert score and list record, but not the analyst’s supporting analysis.

What documentation improvement is most directly supported by these facts?

A. Create a customer attestation form requiring customers to certify that they are not sanctioned parties.
B. Add a board-level sanctions policy statement confirming that customer screening is mandatory for all in-scope relationships.
C. Implement a standard alert disposition record that captures identifiers compared, sources reviewed, rationale, escalation, and approval evidence.
D. Document the vendor’s sanctions list update frequency and service-level commitments in the screening procedure.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions screening program needs documentation that supports repeatable, reviewable decisions. The facts show that analysts are clearing alerts without recording which identifiers were compared, what evidence was reviewed, or why a potential match was rejected. The inconsistent treatment of repeat alerts also points to a lack of standardized documentation for disposition rationale and review. A useful procedure should not only say that false positives may be cleared; it should require a record of the analysis, including data fields considered, source evidence, decision rationale, escalation if needed, and approval or quality review where applicable. This improves auditability, supports quality assurance, and helps demonstrate that sanctions decisions are evidence-based rather than subjective.

A broad board policy may support governance, but it does not fix missing alert-level rationale and inconsistent analyst records.
Customer attestations can supplement due diligence, but they do not replace documented screening analysis.
Vendor update documentation may be relevant to list management, but the weakness concerns analyst disposition records, not list currency.

The weakness is incomplete and inconsistent documentation of alert analysis, so the most relevant improvement is a standardized disposition record with supporting rationale and review evidence.

Question 8

Topic: Building a Sanctions Compliance Program

During pre-processing due diligence for a trade-related payment, a sanctions analyst reviews the bank policy and payment file. The policy requires a payment to be held and escalated when documents show a sanctioned-country nexus, a concealed end user, or an instruction to omit sanctions-relevant information unless a valid license or exemption is documented.

Ordering customer: Nova Machinery Ltd., Singapore; no sanctions screening match.
Beneficiary: Anatolia Trading LLC, Türkiye; no sanctions screening match.
Payment purpose: “spare parts for industrial pumps per invoice A-918.”
Commercial invoice: ship-to address is Al Marsa Oil Services, Country X; Country X is comprehensively sanctioned under the bank policy.
Bill of lading: port of discharge is in Country X.
Customer email: “The goods are ultimately for Al Marsa; please leave the Country X destination off any bank messages.”
License or exemption file: none found.

What sanctions due diligence conclusion is best supported?

A. Hold and escalate the payment because the trade documents show a sanctioned-country nexus and a request to omit material sanctions information.
B. Freeze the funds immediately because every payment involving Türkiye must be treated as blocked property.
C. Process the payment because the ordering customer and beneficiary did not match sanctions lists.
D. Process the payment after obtaining a customer attestation that Anatolia Trading LLC is not sanctioned.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Transaction-level sanctions due diligence looks beyond the screened names in the payment message. Trade documents, shipping instructions, invoice details, end-user information, and customer communications can reveal a sanctions nexus that is absent from the payment fields. Here, the invoice and bill of lading show Country X as the destination, and Country X is within the bank’s comprehensive sanctions policy. The customer’s request to omit the destination from bank messages is also a red flag because it suggests concealment of sanctions-relevant information. Without a documented license or exemption, the appropriate action is to hold and escalate for sanctions review rather than process based only on clean name-screening results.

Clean customer and beneficiary screening does not resolve the Country X nexus shown in the trade documents.
A customer attestation can support due diligence, but it does not replace document review or escalation when the file shows a prohibited or high-risk nexus.
Freezing is not supported merely by Türkiye’s involvement; the file supports a hold and escalation based on Country X and concealment indicators.

The documents show Country X as the destination and end-user location, and the customer’s omission request heightens sanctions evasion concern despite no name-screening match.

Question 9

Topic: Sanctions Frameworks and Governance

A global bank is updating its controls after three new measures issued by authorities in jurisdictions where it operates. The measures cover:

newly listed persons subject to asset-freezing restrictions;
named companies subject only to a prohibition on specified new financing, not a full asset freeze; and
restricted exports of certain dual-use components to a specified region.

The current control blocks any customer or payment that matches a sanctions list and keeps a short alert note. Management asks whether the same screening and disposition process can be used for all three measures. What is the best recommendation?

A. Use the existing list-screening tool for all three measures and close alerts when the name does not appear on a blocked-person list.
B. Apply the asset-freeze workflow to all matches because any sanctioned target should be blocked until a regulator confirms otherwise.
C. Use separate control paths for each sanctions type, with asset-freeze handling for blocked persons, financing-condition review for sectoral restrictions, trade due diligence for restricted goods, and documented escalation for uncertain cases.
D. Rely on customer certifications for the financing and export measures, while keeping automated list screening only for named blocked persons.

Best answer: C

What this tests: Sanctions Frameworks and Governance

Explanation: Sanctions controls should reflect the legal scope and operational risk of the measure. A blocked-person designation usually requires interdiction, asset freezing, reporting, and strict recordkeeping. A sectoral or activity-based restriction may allow some dealings but prohibit specific financing, maturity, services, or other activities, so the review must examine transaction terms rather than simply freeze all assets. A restricted-goods measure requires trade due diligence, including goods classification, destination, end use, end user, and licensing conditions. A single list-match workflow is too narrow because it may miss activity-based and trade-based prohibitions, while a universal blocking rule can over-restrict permitted activity and create operational errors. The better approach is risk-based screening, monitoring, documentation, and escalation tailored to the sanctions type.

Treating every restricted party as fully blocked can be wrong when the measure prohibits only specified activity.
Customer certifications can support due diligence, but they do not replace screening, ownership analysis, payment review, or trade-document review.
A blocked-person list alone will not reliably detect restricted goods, restricted regions, or prohibited financing terms.

Different sanctions types restrict different conduct, so controls must capture the relevant target, activity, evidence, and escalation path for each measure.

Question 10

Topic: Building a Sanctions Compliance Program

A regional bank reviews a sanctions monitoring miss. A commercial customer sent several USD wires for marine spare parts to an unlisted supplier in a third country. The supplier and customer names screened clean, but the payment remittance lines repeatedly named a vessel that had been added to a sanctions list two weeks earlier. The bank’s interdiction tool screens originator, beneficiary, and bank-name fields only; remittance, vessel, port, and goods-description fields are not included in sanctions screening. Which control improvement best addresses the weakness?

A. Lower the fuzzy-match threshold for customer and beneficiary name screening across all payment alerts.
B. Require the customer to provide an annual certification that it will not transact with sanctioned vessels or ports.
C. Escalate only future payments involving the same customer for manual review after settlement.
D. Configure and test the interdiction tool to screen sanctions-relevant payment and trade fields, including vessel, port, remittance, and goods-description data.

Best answer: D

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions monitoring controls must screen the data elements that can reveal a prohibited party, vessel, location, or activity. Here, the screening tool worked only on party-name fields, while the decisive sanctions indicator appeared in payment and trade-related text. The appropriate control improvement is to expand field coverage and validate that the interdiction tool screens relevant message data against current sanctions lists and risk terms. Lowering name-match thresholds would not find a vessel name in an excluded field. Customer certifications may support due diligence, but they do not replace automated screening and control testing. Post-settlement review is also weaker than interdiction because potentially prohibited payments may already have been processed.

Lowering name thresholds targets match sensitivity, not the excluded remittance and vessel fields that caused the miss.
Annual customer certification is a supporting control, but it cannot substitute for sanctions screening of transaction data.
Post-settlement manual review does not prevent processing and is too narrow if other customers use similar payment fields.

The miss occurred because sanctions-relevant message fields were excluded from screening, so expanding and testing field coverage directly addresses the monitoring weakness.

Question 11

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions investigator is reviewing whether several unusual facts are connected or merely weak standalone indicators. What does the exhibit support?

Payment facts:
- A third-party payer, Mira Trading FZE, paid an invoice issued to Baltic Tools OU.
- The wire reference included PO-8841, the same purchase order number later found in a customer support ticket about a cryptoasset settlement.
Trade facts:
- The invoice describes the goods as industrial controllers.
- The first draft shipping instruction named Severo Machinery LLC as end user, but the final document replaced it with Orion Engineering two days after Severo appeared on a sanctions list.
Ownership facts:
- Mira Trading and Orion Engineering share the same director and office address.
- Severo’s former majority owner transferred shares to a nominee shortly after designation but retained a power of attorney over Orion’s bank account.
Cryptoasset facts:
- The support ticket says the “remaining balance for PO-8841” was paid to a wallet controlled by Orion.
- Blockchain analytics show recent upstream funding from a wallet cluster associated with Severo’s procurement network.
A. A trade documentation quality issue that should be resolved by obtaining a corrected final invoice only
B. An unrelated set of weak indicators because each fact could have a legitimate explanation when viewed separately
C. A routine payment-screening false positive caused mainly by a third-party payer and abbreviated trade-party names
D. A linked sanctions evasion pattern involving document changes, third-party payment, retained control, and cryptoasset settlement

Best answer: D

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Sanctions evasion analysis looks for connections among indicators, not just whether each indicator is suspicious in isolation. Here, multiple facts converge on the same transaction and parties: the same purchase order appears in the wire and cryptoasset ticket, the end user changed immediately after a designation, the substitute parties share management and address links, the sanctioned party’s former owner retained banking authority, and cryptoasset funding traces back to an associated procurement network. Those links support a coordinated effort to continue activity through substituted parties, altered documents, third-party payment, ownership or control restructuring, and cryptoasset settlement. A single third-party payment or document change might be weak alone, but the combined pattern is stronger evidence of sanctions evasion.

Treating the facts as unrelated overlooks the shared purchase order, party links, retained control, and cryptoasset trail.
Calling it a payment-screening false positive focuses too narrowly on the wire and ignores trade, ownership, and cryptoasset evidence.
Limiting the matter to invoice correction misses the substituted end user and control indicators tied to a sanctioned network.

The same purchase order, substituted end user, shared control links, retained banking authority, and connected cryptoasset flow tie the indicators into one coherent evasion pattern.

Question 12

Topic: Building a Sanctions Compliance Program

A sanctions compliance team is updating the inherent sanctions risk score for an existing trade finance customer. The scoring guide says the highest increase should be assigned to the factor that creates the most direct sanctions nexus.

Customer: Distributor of industrial filtration equipment incorporated in a country with no comprehensive sanctions.
Ownership: Two disclosed owners, both screened with no sanctions list matches and no indirect ownership concerns identified.
New activity: Documentary letters of credit and related payments will support shipments to a final consignee located in a territory subject to broad territorial sanctions in the bank’s operating jurisdiction.
Goods: Not identified as controlled or dual-use in the available documents.
Screening: Customer, owners, vessel, and named banks have no confirmed sanctions matches.

What scoring factor does the exhibit most strongly support increasing?

A. Product risk from routine documentary letters of credit
B. Geographic and end-user exposure to a sanctioned territory
C. Screening match risk from confirmed sanctions list hits
D. Ownership and control risk from the customer’s disclosed owners

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions risk assessment should weight the factor that most directly connects the activity to a sanctions restriction. Here, the customer and owners have no identified sanctions matches or ownership concerns, and the goods are not described as controlled or dual-use. The decisive fact is that the trade finance activity supports shipments to a final consignee in a territory subject to broad territorial sanctions in the bank’s operating jurisdiction. That creates direct geographic and end-user exposure. Routine trade finance products can carry sanctions risk, but the product type is not the strongest driver when a restricted destination or end user is present.

Disclosed owners do not drive the increase because no direct or indirect sanctions ownership or control concern is identified.
Confirmed screening match risk is unsupported because the screening results show no confirmed sanctions list matches.
Documentary letters of credit can require careful review, but the routine product type is less decisive than the sanctioned-territory consignee.

The final consignee’s location creates the clearest direct sanctions nexus and should drive the largest increase in inherent risk.

Question 13

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions analyst at a global bank is reviewing a customer’s request to finance a shipment of industrial controller modules. The customer’s invoice lists a buyer in a free-trade zone, but the draft bill of lading originally named an end user in a sanctioned region before being amended. The payment is to be routed through an unrelated offshore trading company with a vague reference to “consulting support.” Corporate registry records show the buyer is held through two recently formed companies with the same nominee director and service address, and a shareholder agreement gives a sanctioned individual approval rights over bank accounts and senior managers. The customer also offers to pay part of the transaction fee in stablecoin from a wallet that blockchain analytics links to a mixer and a designated virtual asset service provider.

What should the analyst do next?

A. Escalate as potential sanctions evasion, pause processing, and consolidate payment, trade, ownership-control, and blockchain evidence for sanctions investigation and legal review.
B. Release the transaction because the current invoice and amended bill of lading do not name a sanctioned party directly.
C. Accept a customer attestation about the end user and process the transaction if the stablecoin payment is replaced with fiat currency.
D. Treat only the wallet alert as a crypto AML issue and allow the trade finance review to continue separately.

Best answer: A

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Combined sanctions evasion often appears as a pattern rather than a single decisive fact. Here, the amended shipping document, vague third-party payment route, shell-like ownership structure, control rights held by a sanctioned individual, and exposure to a mixer and designated virtual asset service provider all point in the same direction. A sanctions specialist should not clear the transaction based only on the absence of an exact name match. The appropriate response is to pause processing and escalate for a coordinated review that links the payment flow, trade documents, ownership and control evidence, and blockchain intelligence. The investigation can then determine whether the transaction must be rejected, blocked or frozen, reported, or otherwise handled under the applicable sanctions rules.

A lack of a direct name match does not resolve ownership, control, routing, end-use, or virtual asset red flags.
A customer attestation and a switch from stablecoin to fiat do not cure the trade-document and control concerns.
Treating the wallet alert in isolation misses the broader sanctions evasion pattern across the transaction.

The facts show connected red flags across payment routing, trade documentation, control rights, and virtual assets, requiring a coordinated sanctions investigation before processing.

Question 14

Topic: Building a Sanctions Compliance Program

A sanctions compliance manager is reviewing exposure in an instant cross-border payment product offered to fintech clients. The product team provides this summary:

Fintech clients can submit high-volume, low-value cross-border payments through an API for same-day settlement.
The bank has no direct relationship with the fintech clients’ underlying end users.
Payment messages sometimes contain abbreviated beneficiary names and incomplete address fields.
Current sanctions controls screen the fintech client at onboarding and annually, with weekly post-settlement sampling of payment activity.
A test file identified a beneficiary name matching a sanctioned-party alias, but the payment would have settled before the weekly review.

What control response does the exhibit support?

A. Continue annual screening of fintech clients and require them to certify that their end users are not sanctioned parties.
B. Approve the product only for low-value payments because smaller payments present minimal sanctions exposure.
C. Implement pre-settlement payment screening and interdiction using complete originator and beneficiary data, with holds and escalation before release.
D. Replace payment screening with post-settlement AML transaction monitoring tuned for unusual payment patterns.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Financial services and products create sanctions exposure through how value moves, who can access the service, and when the institution can stop a prohibited transaction. Here, the bank is enabling same-day cross-border payments for end users it does not directly know, and the current control occurs after settlement. A weekly review may detect a problem, but it does not prevent the bank from processing a prohibited payment. The incomplete payment data also weakens matching quality. The appropriate response is to require complete payment information, screen relevant parties before settlement, interdict potential matches, and escalate unresolved alerts before funds are released. Client certifications and onboarding screening can support the program, but they cannot replace transaction-level controls for a real-time payment product.

Annual client screening addresses customer risk but does not control sanctioned beneficiaries appearing in live payment messages.
Post-settlement AML monitoring may identify suspicious patterns, but it is not a substitute for sanctions interdiction before release.
Low value does not eliminate sanctions risk; sanctions prohibitions can apply regardless of payment amount.

The exposure is real-time payment activity with incomplete data and delayed review, so the control must screen transactions before settlement and prevent release of potential matches.

Question 15

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions investigations manager reviews a case file involving a corporate customer that sent a payment for high-value machinery through a newly added intermediary in a high-risk jurisdiction. The file contains a payment message, a screening alert, and a company registry extract showing that a listed person owns 30% of the intermediary. The analyst’s case note says: “The listed person probably controls the intermediary through relatives, so the payment is prohibited. Relationship management says the customer is important, so no report is needed. Approved for closure.” No separate approval record or legal analysis is attached.

What is the best recommendation?

A. Revise the file to separate verified evidence, assumptions needing support, sanctions analysis, the final decision, and named approvals before closure or reporting.
B. Keep the note as written because a single narrative is more efficient and preserves all relevant information in one place.
C. Close the case because the registry extract shows less than majority ownership by the listed person.
D. Freeze the payment immediately because any ownership by a listed person makes the intermediary sanctioned.

Best answer: A

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Sanctions investigation records should distinguish what is known from what is inferred and who approved the outcome. Verified facts include the payment message, screening alert, ownership record, and customer details. Assumptions, such as possible control through relatives, may be legitimate hypotheses but require corroboration and analysis. The sanctions analysis should apply the relevant authority, ownership/control rules, licenses, exemptions, and reporting obligations to the facts. Decisions, such as freezing, rejecting, reporting, or closing, should be separately documented with accountable approval. This structure supports quality review, legal escalation, auditability, and regulator-facing defensibility. It also reduces the risk that commercial considerations or untested assumptions drive the sanctions outcome.

Treating 30% ownership as automatically dispositive ignores the need to analyze control, aggregation, and the applicable sanctions authority.
Freezing immediately based only on an unsupported control theory may be premature without documented analysis and approval.
A single mixed narrative can obscure evidence, assumptions, reasoning, and authorization, weakening the investigation record.

Separating these elements creates a defensible investigation record and prevents unsupported assumptions or business pressure from being treated as approved sanctions conclusions.

Question 16

Topic: Building a Sanctions Compliance Program

An international bank is onboarding Meridian Components Ltd. The AML onboarding workflow collects natural-person beneficial owners only at 25% or more. A sanctions analyst obtains additional ownership information:

24% is owned by Eastline SPV, wholly owned by Person A, who is listed under a sanctions regime applicable to the bank.
24% is owned by Northbay SPV, wholly owned by Person B, who is listed under the same regime.
3% is owned by Crest Nominees for Person C, who is also listed; Person C has veto rights over major financing and supplier changes.
49% is widely held.

The bank’s sanctions standard requires escalation where applicable guidance treats entities as restricted based on direct or indirect 50% ownership, aggregated listed-party ownership, or control rights. Which response best fits these facts?

A. Obtain a customer attestation that the SPVs are independent, then open the account with monitoring.
B. Pause onboarding and escalate for sanctions/legal review of indirect aggregated ownership and control rights.
C. Proceed if AML due diligence shows no natural-person owner at or above the 25% collection threshold.
D. Clear Meridian because no listed person individually owns 50% or more.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions ownership and control analysis is not the same as AML beneficial ownership collection. AML procedures may use a threshold for collecting natural-person owners, but sanctions review must look through entities, nominees, indirect holdings, aggregated listed-party interests, and control rights. Here, no listed person individually owns 50%, and each listed interest is below the AML 25% collection threshold. However, the listed persons together account for 51% of Meridian, and Person C also has veto rights over important business decisions. Because different sanctions regimes may apply ownership and control guidance differently, the safe operational response is to pause onboarding and obtain sanctions/legal review before opening the account or processing activity.

The 25% AML collection threshold is not a sanctions safe harbor.
A single-person 50% test misses aggregated listed-party ownership.
Customer attestations can support due diligence but do not replace look-through ownership and control analysis.

The listed persons’ indirect interests aggregate to 51%, and Person C’s veto rights create a control issue requiring escalation before activity.

Question 17

Topic: Detecting and Investigating Sanctions Evasion Techniques

A virtual asset service provider is reviewing a pending customer withdrawal before broadcast to the blockchain. What control or escalation response does the exhibit support?

Customer request: Withdraw 18 ETH to a new external wallet.
Blockchain alert: The destination wallet received funds yesterday from a wallet identified on a current sanctions list.
Additional pattern: The funds moved through a high-risk mixer before reaching the destination wallet.
Customer explanation: “Payment for advisory services,” with no contract, invoice wallet address, or end-user details.
Internal standard: Pending transfers involving listed wallets, sanctioned services, or apparent evasion patterns must be held and escalated to sanctions compliance for documented review before release.
A. Release the transfer after obtaining a customer certification that the recipient is not sanctioned.
B. Lower the screening threshold for future virtual asset alerts but allow this withdrawal because the customer is not listed.
C. Process the transfer and add the customer to ordinary AML transaction monitoring for future review.
D. Hold the pending transfer, preserve the alert evidence, and escalate to sanctions compliance before any release decision.

Best answer: D

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Virtual asset sanctions controls should act before a transaction is broadcast when the activity is still within the provider’s control. The exhibit shows several sanctions-risk indicators: exposure to a listed wallet, use of a high-risk mixer, a new external wallet, and an unsupported commercial explanation. The internal standard also gives a clear control requirement: hold pending transfers involving listed wallets, sanctioned services, or evasion patterns and escalate for documented sanctions review before release. A customer certification may support due diligence, but it cannot replace sanctions screening and investigation when blockchain evidence indicates possible sanctions exposure.

A customer certification alone is weak support when blockchain analytics show listed-wallet exposure and mixer activity.
Ordinary AML monitoring is not enough because the risk is a current sanctions concern involving a pending transaction.
Tuning future thresholds does not address the immediate controllable withdrawal or the required escalation.
Focusing only on whether the customer is listed ignores destination-wallet exposure and evasion indicators.

The transfer is still controllable and the exhibit shows listed-wallet exposure, mixer use, and insufficient customer support requiring sanctions escalation.

Question 18

Topic: Building a Sanctions Compliance Program

A global financial institution is updating its sanctions risk assessment after combining several business lines into one platform. The platform will clear cross-border payments for foreign respondent banks, issue and confirm letters of credit for commodity shipments, provide custody and corporate-actions processing for international securities funds, finance receivables, and arrange trade credit insurance for exporters. A pilot review found no direct customer name matches against the institution’s sanctions lists, and the business sponsor proposes rating the platform low risk on that basis. What is the best recommendation?

A. Rate the platform low risk because sanctions exposure exists only when a direct customer is listed.
B. Rely on respondent-bank and exporter certifications unless a transaction produces an exact sanctions-list match.
C. Focus the assessment on letters of credit because payment clearing, custody, insurance, and lending are not sanctions-sensitive once onboarding screening is complete.
D. Assess each product channel for sanctions exposure from counterparties, intermediaries, jurisdictions, goods, vessels, securities, ownership/control, and licensed activity before assigning the rating.

Best answer: D

What this tests: Building a Sanctions Compliance Program

Explanation: Financial services create sanctions exposure through parties, property, activity, and jurisdictions connected to the service. Cross-border payments and correspondent banking may involve respondent banks, nested relationships, originators, beneficiaries, routing banks, and sanctioned jurisdictions. Trade finance may expose the institution to restricted goods, end users, vessels, ports, and document inconsistencies. Securities services may involve blocked issuers, sanctioned owners, prohibited debt or equity, corporate actions, or distributions. Lending and insurance may support restricted projects, vessels, exporters, or collateral. A sanctions risk assessment should therefore look beyond customer onboarding and direct list matches, using risk-based controls such as payment screening, trade due diligence, ownership/control analysis, license review, escalation, and recordkeeping.

Direct-customer screening alone misses exposure created by noncustomer parties, property interests, and restricted activity in the service chain.
Limiting review to trade finance ignores sanctions-sensitive payment clearing, securities custody, lending, and insurance activity.
Certifications can support due diligence, but they do not replace screening, transaction review, ownership/control analysis, and escalation where risk indicators appear.

Sanctions risk can arise from the full transaction and service chain, not only from direct customer list matches.

Question 19

Topic: Sanctions Frameworks and Governance

A sanctions compliance team reviews this proposed contract language for a new foreign distributor:

The distributor represents that it is not sanctioned and is not owned or controlled by a sanctioned party.
The distributor must not resell goods to sanctioned parties, prohibited end users, or restricted jurisdictions.
The distributor must promptly notify the company of ownership changes or sanctions-related inquiries.
The company may request supporting records and may suspend shipments or terminate the agreement if a sanctions concern cannot be cleared.

What does this language best support in the sanctions controls framework?

A. Automatic authorization to proceed with transactions once the distributor signs the contract.
B. Transfer of all sanctions compliance responsibility from the company to the distributor.
C. A substitute for government licenses, exemptions, or other formal sanctions authorizations.
D. Contractual commitments, information rights, and exit rights that support due diligence, monitoring, and escalation.

Best answer: D

What this tests: Sanctions Frameworks and Governance

Explanation: Sanctions-related contract clauses are part of a broader controls framework. They are used to obtain representations, impose ongoing sanctions obligations, require notice of relevant changes, preserve access to records, and give the company remedies such as suspension or termination. These clauses help allocate responsibilities and create enforceable control points in a commercial relationship. They do not by themselves authorize prohibited activity, eliminate the company’s compliance duties, or replace risk-based screening, ownership and control analysis, trade due diligence, escalation, or licensing review. A well-designed clause supports evidence gathering and control execution when a sanctions risk arises.

Treating signature as automatic authorization fails because contractual consent does not override sanctions laws or list changes.
Shifting all responsibility to the distributor fails because the company still needs its own sanctions controls and documented decisions.
Substituting the clause for a license or exemption fails because only the relevant authority can create scoped legal permission for otherwise prohibited activity.

The clause helps embed sanctions compliance obligations into the business relationship without replacing screening, ownership analysis, or legal review.

Question 20

Topic: Detecting and Investigating Sanctions Evasion Techniques

A global bank is reviewing a $450,000 trade payment for a long-standing manufacturing customer. The bank’s applicable sanctions program prohibits support for exports to Country R unless a valid license applies. No license is on file.

Review notes:

The customer says the goods are industrial pumps for a new distributor in a free-zone warehouse.
The shipment was split into three invoices of $150,000 each.
The distributor was incorporated six months ago and has no public operating history.
A draft packing list obtained from the freight forwarder named a Country R company as final consignee; the revised documents remove that consignee and show only the free-zone warehouse.
Automated screening produced no exact listed-party match.

Which fact is the most material indicator of sanctions evasion requiring escalation before processing?

A. The distributor was recently incorporated and has no public operating history.
B. The trade documents were revised to remove the Country R final consignee and show only the free-zone warehouse.
C. The automated screening system produced no exact listed-party match.
D. The shipment was divided into three invoices of equal value.

Best answer: B

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: When several concerns appear, the most material sanctions evasion indicator is the fact that most directly connects the activity to a prohibited destination, party, or restriction. Here, the draft packing list identified a Country R final consignee, and the revised documents removed that reference while showing a free-zone warehouse. That pattern suggests concealment of the true end user or destination, especially because the applicable sanctions program prohibits support for exports to Country R and no license is on file. Splitting invoices and using a new distributor can support concern, but they are less decisive without the document trail showing a sanctioned-country nexus. A clean automated screen does not resolve the issue because evasion often involves intermediaries, incomplete data, or altered documentation rather than an exact listed-party match.

Invoice splitting may suggest structuring, but it is not as directly tied to the prohibited Country R destination.
A newly incorporated distributor with no public operating history increases due diligence concern, but it does not by itself establish a sanctions-evasion pattern.
A no-match screening result does not clear a transaction when trade documents indicate possible concealment of a sanctioned destination.

The document change directly indicates possible concealment of a prohibited final destination under the applicable sanctions program.

Question 21

Topic: Sanctions Frameworks and Governance

A sanctions specialist is preparing a governance memo for a global bank. What compliance conclusion does the following note support?

Global guidance: A multilateral standards body recommends risk-based sanctions controls and screening of customers, counterparties, and beneficial owners.
National measure: The bank’s home jurisdiction has designated Arda Minerals; firms subject to that jurisdiction must freeze assets and not make funds or economic resources available to it.
Blocking rule: The paying branch’s local law restricts compliance with specified foreign sanctions against Country Z unless legal authorization is obtained.
Institutional policy: The bank’s policy declines business involving Country Z state-owned mining entities, but requires legal review when a blocking rule may apply.
A. The bank should apply the strictest restriction automatically because blocking rules do not affect internal sanctions decisions.
B. The bank should ignore its institutional policy whenever no sanctions list match is confirmed.
C. The bank must analyze each source separately because guidance, binding law, blocking rules, and internal policy can create different duties and conflicts.
D. The bank can rely on global guidance alone because it overrides national measures and branch-level blocking rules.

Best answer: C

What this tests: Sanctions Frameworks and Governance

Explanation: Sanctions specialists need to classify the source of a restriction before applying it. Global guidance can shape expectations for a risk-based program, but it usually does not by itself identify the legal action required for a specific transaction. National measures create binding obligations for persons within their scope, such as freezing or prohibiting funds. Blocking rules can create a competing local restriction on complying with certain foreign sanctions, so they require legal and governance escalation rather than automatic rejection. Institutional policy may be more conservative than law, but it operates within the legal framework and should specify approvals, documentation, and conflict handling. The note therefore supports source-by-source analysis before deciding whether to screen, freeze, reject, decline, or escalate.

Treating global guidance as overriding law confuses program expectations with binding national obligations.
Ignoring institutional policy after no list match misses risk appetite controls that may be stricter than legal minimums.
Applying the strictest restriction automatically overlooks blocking rules and possible conflicts needing legal review.

The note shows that each source has a different legal effect, so the bank needs source-by-source analysis before deciding whether to freeze, reject, decline, or escalate.

Question 22

Topic: Detecting and Investigating Sanctions Evasion Techniques

A bank is reviewing a trade finance request for a long-standing electronics exporter. The invoice describes the goods as “industrial spare parts,” but the packing list identifies programmable controllers that the bank’s sanctions policy treats as higher-risk dual-use items. The stated buyer is a newly formed trading company in a free trade zone bordering a sanctioned country. The shipment route goes through that free trade zone, the end-user certificate is blank, and the payment is being made by an unrelated company. Name screening produces no exact sanctions-list match.

Which trade due diligence concern is most relevant?

A. A standard documentation mismatch that can be resolved by obtaining a corrected commercial invoice only
B. Low sanctions risk because the buyer, payer, and exporter produced no exact sanctions-list matches
C. A routine payment operations issue because the payer is unrelated to the buyer named on the invoice
D. Possible concealment of restricted end use or end user through vague goods descriptions, missing end-user information, and third-country transshipment

Best answer: D

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Trade due diligence should look beyond exact name screening when the facts suggest possible diversion. Higher-risk dual-use goods, vague or inconsistent descriptions, a newly formed intermediary in a transshipment hub near a sanctioned country, a blank end-user certificate, and third-party payment are red flags for concealed end use or concealed end user. The correct response is to treat the concern as a potential sanctions evasion pattern requiring enhanced trade review, end-user verification, and escalation under the sanctions compliance program. A clean exact-match screening result does not resolve risks created by trade documents, routing, goods type, and payment structure.

Treating the unrelated payer as only a payment operations issue ignores its relevance to trade-based sanctions evasion.
Relying on no exact list match is insufficient when the transaction has diversion and end-use red flags.
Correcting the invoice alone would not address the blank end-user certificate, high-risk goods, routing, and third-party payer.

The combined trade-document gaps, dual-use goods, intermediary location, and routing pattern point to possible diversion to a prohibited end user or end use.

Question 23

Topic: Building a Sanctions Compliance Program

A payment screening analyst is reviewing an alert before releasing an outbound payment. What escalation action does the exhibit support?

Payment status: Pending; funds have not been released.
Beneficiary in payment: Al Noor Trading FZE, Dubai, registration number FZE-88421.
Screening hit: AL NUR TRADING FZE, active sanctions list entry for procurement support.
Listed aliases: Al Noor Trading FZE; listed registration number FZE-88421.
Internal procedure: An active list hit with an alias or name match plus a matching registration number must be escalated as a probable true match; payment remains on hold pending sanctions investigations/legal review.
A. Release the payment after obtaining a customer attestation that the beneficiary is not sanctioned.
B. Process the payment and add the beneficiary to enhanced monitoring for future activity.
C. Keep the payment on hold and escalate it as a probable true match to sanctions investigations/legal review.
D. Clear the alert as a false positive because the primary listed name is spelled differently from the payment name.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions payment alert should be escalated when the match facts meet the organization’s true-match criteria, especially before funds are released. Here, the spelling difference in the primary listed name is not enough to clear the alert because the sanctions entry includes the exact beneficiary name as an alias and the registration number is identical. The exhibit also states that internal procedure requires escalation and a payment hold when an active list hit has an alias or name match plus a matching registration number. Customer attestations and future monitoring may support broader due diligence, but they do not override a probable sanctions match or allow release before specialist review.

Treating the hit as a spelling-only difference ignores the exact alias and matching registration number.
A customer attestation is not a substitute for sanctions investigations/legal review when true-match criteria are met.
Future monitoring does not address the immediate obligation to hold and escalate the pending payment.

The active list entry, alias match, and identical registration number meet the stated procedure for probable true-match escalation before release.

Question 24

Topic: Detecting and Investigating Sanctions Evasion Techniques

A global bank has interdicted a customer’s outbound payment and opened a sanctions investigation. Review the case note:

Payment purpose: marine equipment shipment, $2.4 million.
Invoice omits the end user and requests “urgent processing without additional bank questions.”
Shipping records list a vessel that was renamed two weeks after being linked in public advisories to a sanctioned shipping network.
The customer emailed the relationship manager: “If compliance asks, do not mention the final consignee until we speak.”
The relationship manager asks whether to tell the customer that the payment is stopped for sanctions review and request a revised invoice.

What escalation path is best supported by the case note?

A. Notify the vessel owner or beneficiary that the funds are held because of a possible sanctions match.
B. Escalate to sanctions investigations and legal before any substantive customer contact, maintain the hold, and use only approved neutral wording if a response is required.
C. Release the payment if the customer certifies that no sanctioned party is involved, then review the documents later.
D. Have the relationship manager disclose the sanctions concern to the customer and request a corrected invoice and written explanation.

Best answer: B

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: The note contains multiple sensitivity indicators: an interdicted payment, possible sanctions-network links, missing end-user information, urgency, and a customer request that could suggest concealment. In that setting, uncontrolled communication can compromise the investigation, allow document tailoring, or notify a potential target. The safest escalation path is to involve sanctions investigations and legal or another designated escalation authority before any substantive external contact. If the business must respond to customer pressure, the response should use pre-approved neutral wording, such as an operational review is pending, without identifying a sanctions alert, list match, investigation theory, or potential reporting action.

Disclosing the sanctions concern to the customer could tip off the customer and invite altered documents.
A customer certification may support due diligence, but it does not replace sanctions investigation when evasion indicators are present.
Direct notice to the vessel owner or beneficiary could alert a potential target and should occur only under approved legal or regulatory direction.
Maintaining the hold while escalating preserves control over both the funds and the communication risk.

This path controls tipping-off risk by routing the matter to specialists and limiting external communication to non-revealing, approved wording.

Question 25

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions specialist at a multinational bank reviews a stopped outbound wire transfer. The funds are in the bank’s suspense account and have not been credited, returned, or released.

The beneficiary is Orion Trade Ltd., which is not itself named on a sanctions list.
Current corporate registry records show a listed individual owns 60% of Orion through two holding companies.
Identifier review confirms the listed individual, and no license, exemption, or permitted activity applies.
Bank procedure states that unresolved potential matches go to internal sanctions escalation, while confirmed property of a listed person or a 50%-or-more-owned entity must be frozen and reported to the sanctions regulator. Law-enforcement contact requires legal approval and separate criminal-evasion indicators.

Which action best fits these facts?

A. Maintain the freeze on the suspended funds and submit a frozen-asset report through the approved sanctions reporting process.
B. Close the alert as a false positive because Orion Trade Ltd. is not directly named on the sanctions list.
C. Keep the funds pending and request more ownership information from the customer before any reporting action.
D. Contact law enforcement immediately and notify the customer that the payment was stopped for sanctions reasons.

Best answer: A

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: A confirmed ownership/control hit involving property held by the institution requires more than ordinary internal escalation. The facts show the beneficiary is 60% owned by a listed individual, the match has been confirmed, the funds are under the bank’s control, and no license or exemption applies. Under the stated procedure, the bank should maintain the freeze and report the frozen asset to the sanctions regulator. Additional customer due diligence may support records, but it does not replace required asset handling and reporting once the ownership link is confirmed. Law-enforcement coordination may be appropriate in some evasion cases, but here the procedure requires legal approval and separate criminal-evasion indicators before that step.

Direct listing is not required under the stated 50%-or-more ownership rule.
More ownership collection is for unresolved cases, not a confirmed ownership match with property already held.
Immediate law-enforcement contact and customer notification conflict with the stated approval process and may create confidentiality or tipping-off concerns.

The bank holds confirmed property of an entity 60% owned by a listed person, so the stated procedure requires freezing and sanctions regulator asset reporting.

Questions 26-50

Question 26

Topic: Sanctions Frameworks and Governance

A global bank is updating its sanctions governance log after several developments affecting a high-risk trade-finance customer. Which development should be classified as sanctions creation rather than implementation, enforcement, licensing, or compliance monitoring?

A. A competent authority grants a time-limited authorization for a specific payment otherwise prohibited by the measure.
B. A regional authority adopts a new autonomous restrictive measure prohibiting financing for specified maritime services.
C. A regulator imposes a penalty on a bank that processed prohibited maritime financing after the measure took effect.
D. A national competent authority issues guidance explaining how firms should screen for the new maritime restriction.

Best answer: B

What this tests: Sanctions Frameworks and Governance

Explanation: Sanctions creation occurs when a competent political or legal authority establishes or changes the sanctions measure itself, such as adopting a new prohibition, listing regime, sectoral restriction, asset-freeze requirement, or embargo. Implementation turns that measure into operational rules, guidance, list updates, or domestic procedures. Enforcement addresses suspected or confirmed violations through investigations, penalties, or other supervisory action. Licensing permits specific activity that would otherwise be restricted, subject to conditions. Compliance monitoring checks whether an institution’s controls continue to operate effectively. Here, the adoption of the new autonomous restrictive measure is the act that creates the substantive sanctions restriction.

Guidance on screening explains how to operationalize the restriction; it does not create the restriction.
A penalty for prohibited financing is enforcement after a breach or alleged breach.
A time-limited authorization is licensing because it permits specific otherwise prohibited activity.

Adopting a new restrictive measure establishes the sanctions obligation and is therefore sanctions creation.

Question 27

Topic: Building a Sanctions Compliance Program

A regional bank is updating its sanctions program after launching trade finance and cross-border payment services. The board has approved a high-level sanctions policy stating that the bank will comply with applicable sanctions, but internal audit found inconsistent procedures across business lines and informal escalation practices for potential matches. Which documentation approach is the best recommendation?

A. Limit documentation to the board policy, current sanctions lists, and a requirement that staff contact legal when uncertain.
B. Maintain integrated program documentation covering governance responsibilities, sanctions risk assessment, customer and trade due diligence, screening controls, escalation paths, and ongoing monitoring.
C. Rely on the screening vendor’s user guide for matching rules, alert handling, list updates, and investigator decision standards.
D. Document onboarding due diligence only, because screening and escalation decisions can be handled case by case by experienced investigators.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions compliance documentation should translate the high-level policy into operating expectations that are consistent across business lines. For a bank adding trade finance and cross-border payments, documentation should identify who owns sanctions governance, how risks are assessed, what due diligence is required, how customer, payment, and trade screening are performed, when issues must be escalated, and how controls are monitored. A board policy alone is not enough because staff need documented procedures and decision standards. Vendor materials may support the process, but they do not replace institution-specific controls, responsibilities, escalation criteria, and monitoring requirements.

A board policy and sanctions lists are necessary, but they do not provide enough detail for consistent control operation.
Vendor guides explain tool functionality, not the bank’s full sanctions governance, risk methodology, or escalation standards.
Onboarding due diligence is only one control area; screening, escalation, and monitoring also need documented procedures.

Effective sanctions program documentation should describe the key control framework from governance and risk assessment through due diligence, screening, escalation, and monitoring.

Question 28

Topic: Building a Sanctions Compliance Program

During onboarding, a manufacturer screens a proposed freight forwarder. The screening tool returns a potential sanctions match:

Proposed third party: Northern Star Shipping FZE, United Arab Emirates; the file contains no incorporation number, full address, or ownership details.
List record: North Star Shipping LLC, listed for sanctions evasion; aliases include N. Star Shipping; country is United Arab Emirates; the record includes a registration number and Jebel Ali address.

The business asks to proceed because the legal names are not identical. Which review step best fits these facts?

A. Clear the alert because the proposed third party’s exact legal name does not match the listed party’s name.
B. Lower the fuzzy-matching threshold to reduce future alert volume from similar shipping-company names.
C. Hold onboarding and obtain reliable identifiers and ownership/control information to compare with the list record before dispositioning the alert.
D. Ask the proposed third party to confirm in writing that it is not the sanctioned party and then proceed with onboarding.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: A potential customer or third-party sanctions name match should be reviewed using reliable identifiers, not just exact name comparison. Close names, aliases, transliteration differences, shared countries, and similar business activities can make a match plausible. When the onboarding file lacks key information such as registration number, address, date of incorporation, directors, or ownership/control details, the alert cannot be responsibly cleared. The relationship should remain on hold while the reviewer obtains and compares sufficient data to determine whether the proposed party is the listed party, owned or controlled by a listed party, or a false positive. If the comparison still suggests a potential true match, escalation under the sanctions compliance process is appropriate.

Clearing because the names are not identical ignores aliases, spelling variation, and transliteration risk.
Changing screening thresholds addresses system tuning, not the immediate disposition of a specific potential match.
A self-certification may support due diligence, but it cannot replace independent identifier comparison and sanctions review.

The available data is insufficient to clear a close name match, so the next step is to gather and compare reliable identifiers before deciding whether to escalate or clear.

Question 29

Topic: Building a Sanctions Compliance Program

A bank’s payment filter reviewed only the originator and beneficiary name fields for an incoming MT103. The sanctions procedure requires escalation before release when any payment message field identifies a listed financial institution or a restricted final destination.

:50K:/784455
Aster Trading LLC
Dubai AE
:56D:VOLGA BANK
MOSCOW RU
:59:/221900
Baltic Medical OU
Tallinn EE
:70:/INV 904 MEDICAL EQUIPMENT
FINAL DESTINATION: SEVASTOPOL
:72:/ACC/URGENT SAME DAY VALUE

Current sanctions data includes Volga Bank, and the procedure treats Sevastopol as a restricted final destination. What should the analyst do next?

A. Keep the payment from release and escalate using the :56D: intermediary institution and :70: final-destination information.
B. Ignore :56D: because intermediary institutions are routing data rather than sanctions-relevant parties.
C. Treat :70: as an invoice narrative field that should be reviewed only after settlement.
D. Release the payment because the :50K: originator and :59: beneficiary fields did not produce a sanctions match.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Payment sanctions review is not limited to the originator and beneficiary fields. SWIFT payment messages can contain sanctions-relevant information in party fields, routing fields, and free-text fields. Intermediary or account-with institution fields may identify a listed bank, while remittance or sender-to-receiver information may reveal a restricted destination, goods description, vessel, invoice reference, or other investigation lead. Here, :56D: identifies a listed financial institution, and :70: identifies a restricted final destination. Because the procedure requires escalation when any message field contains that information, the analyst should keep the payment from release, escalate, and document the relevant fields rather than relying only on the screened customer names.

Screening only the originator and beneficiary misses other payment parties and embedded sanctions risk indicators.
Intermediary institution data can be sanctions-relevant when it identifies a listed or restricted financial institution.
Remittance information is not automatically harmless narrative; it may reveal destination, goods, end use, or other investigation triggers.

The intermediary institution and remittance information contain sanctions-relevant data that trigger escalation under the procedure.

Question 30

Topic: Building a Sanctions Compliance Program

A sanctions compliance analyst at a manufacturer is reviewing an export shipment before release. What sanctions compliance action does the exhibit support?

Product: navigation-grade accelerometers; the internal classification record marks them dual-use and states “license required for Country R.”
Customer: Orion Agro LLC in Country N; no sanctions list match; described as an agricultural equipment reseller.
End-user statement: equipment will be installed at Vostok Defense Research Institute in Country R for “UAV navigation testing.”
Shipping papers: commercial invoice lists Orion Agro as consignee and leaves the ultimate end user blank; freight instruction asks the forwarder to deliver onward to Country R.
License note on file: License L-104 covers agricultural sensors shipped to Orion Agro in Country N only; it excludes re-export to Country R and military end uses.
A. Hold the shipment and escalate for sanctions/export-control license review before release.
B. Release the shipment because the named customer is unsanctioned and located in Country N.
C. Treat the order as a false-positive screening alert and close without further review.
D. Request a corrected invoice naming the defense institute, then release under License L-104.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Trade due diligence does not stop at screening the direct customer. The review must consider the goods classification, destination, end user, end use, routing, and license scope. Here, the product is identified as dual-use and requires a license for Country R. The end-user statement and forwarding instruction point to onward delivery to a defense research institute for UAV navigation testing. The existing license is limited to agricultural sensors shipped to Orion Agro in Country N and expressly excludes re-export to Country R and military end uses. Those facts support a shipment hold and escalation for sanctions and export-control review before any release decision.

Clear screening on Orion Agro does not resolve end-user, end-use, destination, or re-export risk.
Updating the invoice may improve documentation, but it cannot expand a license that excludes Country R and military end uses.
Closing as a false positive ignores trade-document evidence that the proposed shipment falls outside the existing license.
A shipment hold preserves control while legal, licensing, and sanctions specialists assess whether the transaction is prohibited or licensable.

The documents show dual-use goods, a restricted destination, a military end use, and license conditions that do not cover the proposed transaction.

Question 31

Topic: Building a Sanctions Compliance Program

A bank’s sanctions team is reviewing a payment-screening alert before releasing an outgoing payment. The team uses the following triage standard: a potential match is unsupported when only the name is similar and available identifiers conflict; unresolved when key identifiers are missing or mixed; and likely true when the name match is supported by corroborating identifiers.

Alert evidence:

Sanctions list record: Orel Logistics Limited, address Unit 5, East Port Industrial Zone, Novara, associated vessel MV Nina.
Payment beneficiary: Orel Logistics Ltd., address Unit 5, East Port Ind. Zone, Novara.
Invoice description: port service payment for MV Nina.
Customer response: the beneficiary is “not the listed company,” but no different registration number or address was provided.

What is the best handling decision?

A. Release the payment after documenting the customer’s statement that the beneficiary is not the listed company.
B. Treat the alert as likely true, maintain the payment hold, and escalate under sanctions procedures for legal, blocking, and reporting handling.
C. Clear the alert as unsupported because the beneficiary’s registration number was not provided.
D. Mark the alert as unresolved and reduce the screening threshold to prevent similar name-only matches.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions alert should be dispositioned based on the full evidence, not on the name alone. Here, the beneficiary’s name is a close legal-name match to the listed party, and two independent identifiers also line up: the address and the vessel connected to the invoice. The absence of a registration number does not overcome those corroborating facts, especially when the customer did not provide an alternative identifier that would distinguish the beneficiary from the sanctioned party. The appropriate response is to keep the transaction from processing and escalate through the organization’s sanctions procedures for legal review, blocking or rejection treatment, and any required reporting. A customer denial may be relevant evidence, but it does not clear a strongly corroborated match by itself.

Missing registration data does not make the match unsupported when address and vessel details corroborate the listed party.
A customer statement is not a substitute for independent sanctions evidence or documented identifiers.
Threshold tuning is a program-control issue, not the right response to a specific alert with corroborating match evidence.

The matched name is supported by the same address and associated vessel, so the evidence is strong enough to treat the alert as likely true rather than unsupported or merely unresolved.

Question 32

Topic: Sanctions Frameworks and Governance

A bank is reviewing a payment for a corporate customer exporting medical equipment to a sanctioned jurisdiction. The customer provides a specific license from the relevant sanctions authority. The license authorizes shipments of listed dialysis machines by the customer to Hospital A and related payments through non-sanctioned banks through 30 September. Today is 4 October. The invoice also includes installation services for Hospital B. The relationship manager says the renewal is expected and the hospital names are probably an administrative error. What is the best operational response?

A. Reject the transaction as a confirmed sanctions violation and close the customer relationship without further review.
B. Place the transaction on hold and escalate for sanctions/legal review to verify a valid renewal or amendment covering the parties, activity, payment route, and dates before processing.
C. Process the payment because healthcare-related activity is generally treated as humanitarian and lower sanctions risk.
D. Process the payment while documenting that the customer expects the license renewal to be approved.

Best answer: B

What this tests: Sanctions Frameworks and Governance

Explanation: Licenses, exemptions, and permitted activities are scoped authorities, not blanket approvals. A sanctions operations team must confirm that the authority is valid at the time of activity and covers the relevant parties, goods or services, payment channels, jurisdictions, conditions, and any reporting or recordkeeping requirements. An expired license, a different counterparty, or added services creates a scope problem that cannot be cured by customer assurances or relationship manager assumptions. The appropriate response is to hold or interdict the transaction and escalate to sanctions/legal or licensing specialists for confirmation, renewal, amendment, or other documented authority before release. Immediate rejection may be appropriate in some cases, but the facts here require review rather than treating the matter as already conclusively determined.

Humanitarian purpose can support eligibility for a license or exemption, but it does not override stated license limits.
Expected renewal is not the same as current authority to process a transaction.
Changing transaction descriptions to fit a license would undermine records and conceal the real activity.
Closing the relationship without review skips the required scope analysis and documentation.

The expired and mismatched license cannot be assumed to cover different dates, parties, or services, so processing must pause until valid authority and scope are confirmed.

Question 33

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions investigator is preparing case documentation for a held trade finance payment. The internal policy prohibits dealings with Orion Industrial Group (OIG), a listed sanctioned party, and with entities owned or controlled by OIG unless a valid license applies.

Investigation notes:

Applicant: Cedar Machinery Ltd., an existing customer with no list match.
Beneficiary: Amber Procurement LLC, not directly listed.
Invoice: industrial pump parts sold to Amber Procurement LLC; delivery instructions list “OIG Mining Project Office” as notify party and “North Ridge Mine” as the final site.
Bill of lading: consignee was changed from “OIG Mining Project Office” to “Amber Procurement LLC” one day after the bank requested end-user details.
Registry extract: Amber Procurement LLC was formed six weeks ago; its sole manager is also OIG’s procurement director, and it uses the same office address and phone number as OIG.
Customer response: “Amber is not sanctioned”; no license or exemption was provided.

What evidence summary is best supported for documenting the sanctions investigation conclusion?

A. The alert is best treated as a false positive because Amber Procurement LLC is not directly named on the sanctions list and the customer stated that Amber is not sanctioned.
B. The file supports a direct breach by Cedar Machinery Ltd. because the applicant is listed and continued the transaction without providing a license.
C. Amber may be acting as an intermediary for a sanctioned end user because the trade documents identify OIG’s project office and site, the consignee changed after diligence, and Amber shares management and contact details with OIG.
D. The matter is primarily an AML onboarding concern because Amber Procurement LLC is newly formed and the goods involve industrial equipment.

Best answer: C

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: A strong sanctions investigation conclusion should tie specific evidence to the sanctions risk being documented. Here, the beneficiary is not directly listed, but multiple facts connect the transaction to OIG: OIG appears in the trade documents as notify party and final site, the consignee was changed after the bank asked for end-user details, and the nonlisted beneficiary shares management and contact information with OIG. Those facts support a concern that Amber may be used to conceal or facilitate dealings with a sanctioned end user or controlled party. The absence of a license or exemption further supports escalation and documentation of the potential breach. The conclusion should avoid unsupported shortcuts, such as treating a nonlisted name alone as a false positive or asserting that the applicant is listed when the file says it is not.

A nonlisted beneficiary does not end the analysis when documents and ownership or control indicators connect it to a sanctioned party.
A newly formed company can be relevant, but the decisive issue is the sanctions connection to OIG, not a generic AML onboarding concern.
Cedar Machinery has no list match in the facts, so documenting a direct applicant-list breach would overstate the evidence.

The cited documents collectively support a sanctions evasion concern involving a nonlisted intermediary connected to a sanctioned party.

Question 34

Topic: Detecting and Investigating Sanctions Evasion Techniques

A global broker-dealer freezes a custody account after a list update identifies the account’s beneficial owner as a designated person. The account holds publicly traded securities issued by a non-sanctioned company. The owner’s lawyer asks the firm to sell the securities immediately to avoid market losses and says a recent regulator notice permits divestment activity. The notice permits non-designated investors to divest securities issued by a newly sanctioned issuer for a limited period; it does not refer to frozen accounts owned or controlled by designated persons. Local rules require frozen assets to be reported to the competent authority. What is the best action?

A. Release the account because the securities were issued by a non-sanctioned company and are not themselves listed.
B. Maintain the freeze, do not sell the securities unless specific authority covers the activity, report the frozen assets, and escalate for licensing review.
C. Permit the sale if the lawyer confirms in writing that the proceeds will not be transferred to the designated owner.
D. Sell the securities and keep the cash frozen because converting the assets does not benefit the designated owner.

Best answer: B

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Permissible activity involving frozen assets depends on the exact scope of the applicable license, exemption, or authorization. A divestment permission may allow certain parties to reduce exposure to restricted securities, but it does not automatically authorize activity in a frozen account owned or controlled by a designated person. Selling frozen securities can be a prohibited dealing even if the proceeds remain blocked, unless the relevant authority specifically permits the transaction and its conditions are met. The firm should preserve the freeze, document the analysis, make any required frozen-asset report, and escalate to legal or sanctions compliance to determine whether a specific license or regulatory authorization is needed.

Holding the sale proceeds frozen does not cure an unauthorized dealing in frozen property.
A lawyer’s assurance or customer instruction cannot replace a valid license, exemption, or competent authority approval.
The issuer being non-sanctioned does not remove restrictions when the account is owned or controlled by a designated person.

The divestment notice does not cover a designated owner’s frozen account, so any sale or transfer requires specific authority while reporting and escalation proceed.

Question 35

Topic: Sanctions Frameworks and Governance

A global financial institution operates branches in several countries. The sanctions officer reviews the following note after a new restrictive measure is announced:

A multilateral body announced an arms embargo against Country Z, but member states must implement it through domestic law.
Jurisdiction A has already enacted asset-freezing and screening obligations tied to the measure.
Jurisdiction B has enacted only an import/export restriction on covered military goods.
The institution’s current global policy says all multilateral sanctions announcements are treated as immediate blocking requirements across all branches.
No specific customer alert, payment, license request, or shipment is pending.

What does the exhibit most directly support?

A. A payment processing decision to release payments involving Country Z unless they involve military goods.
B. A governance decision to align the global sanctions policy, escalation roles, and jurisdiction-specific controls with the implemented measures.
C. A trade due diligence decision to classify all Country Z-related shipments before allowing any business activity.
D. An alert review decision to clear potential matches in Jurisdiction B because no asset-freezing rule has been enacted there.

Best answer: B

What this tests: Sanctions Frameworks and Governance

Explanation: Governance decisions address how an institution interprets and implements sanctions frameworks across its enterprise, including policy standards, authority, escalation, and jurisdiction-specific control requirements. The exhibit describes different domestic implementations of the same multilateral measure and an existing policy that may overstate or misalign the required treatment across branches. Because there is no named party alert, payment instruction, license request, or shipment file, the supported action is not alert disposition, payment release, license administration, or trade document review. The practical need is to update or clarify governance so the institution applies the correct controls in each jurisdiction while maintaining a defensible global standard.

Clearing alerts is not supported because no screened party, potential match, or alert evidence is presented.
Releasing payments is not supported because there is no payment message, counterparty, purpose, or applicable payment restriction analysis.
Classifying shipments may be relevant in trade controls, but the exhibit presents no shipment, goods description, end user, or trade document.

The facts show a framework alignment issue across jurisdictions, not an operational decision on a specific alert, payment, license, or shipment.

Question 36

Topic: Sanctions Frameworks and Governance

A manufacturer is approving a new freight forwarder for an urgent shipment. The contract-control file shows:

The contract requires the forwarder to comply with applicable sanctions and to notify the manufacturer of sanctioned-party involvement.
The forwarder signed a certificate stating that it has no sanctioned owners, agents, or routing points.
Screening found no match on the forwarder’s legal name.
An unresolved alert remains on the forwarder’s managing director, with the same date of birth as a listed person but a different spelling.
The proposed route includes a transshipment point in a restricted jurisdiction, and no license or exemption review is documented.

What conclusion is best supported by these facts?

A. The manufacturer should add a stronger indemnity clause after shipment and address the alert during the next periodic review.
B. The contract clause and certificate support the file but do not replace resolving the alert, reviewing the route, and escalating before release.
C. The shipment may be released because the forwarder’s legal name produced no sanctions screening match.
D. The shipment may be released because the forwarder certified that it has no sanctioned-party involvement.

Best answer: B

What this tests: Sanctions Frameworks and Governance

Explanation: Contract clauses, sanctions certifications, and indemnities are useful governance controls, but they do not perform the core compliance work. They can allocate obligations, require notice, and support enforcement if the counterparty breaches its commitments. They do not resolve a live screening alert, verify ownership or management risk, determine whether a route is permitted, or document whether a license or exemption applies. Here, the file contains two unresolved risk indicators: a potential match involving a key individual and a transshipment point in a restricted jurisdiction. Releasing the shipment based only on the contract language would leave the manufacturer without evidence that the sanctions risk was assessed and controlled. The appropriate conclusion is to pause release, resolve or escalate the alert, review the route and any license or exemption basis, and document the decision.

A clean match on the forwarder’s legal name is incomplete when a key individual has an unresolved alert.
A counterparty certificate is not a substitute for independent screening, route review, and escalation.
Adding indemnity later does not cure an unresolved sanctions risk before shipment release.
Periodic review is not enough when current transaction facts create an immediate sanctions concern.

The signed clause is only a supporting control; the unresolved individual alert and restricted routing point require sanctions review and escalation before shipment release.

Question 37

Topic: Building a Sanctions Compliance Program

A regional bank’s sanctions quality review found that several customers were not generating expected screening alerts until staff manually searched alternate spellings. The customer system contains legal names, trading names, non-Latin script names, passport names, dates of birth, addresses, and beneficial owner names, but the sanctions screening file sent each night includes only the primary legal name and customer number. List feeds are current, and recent tuning tests show the matching threshold performs as approved when complete identifiers are provided. Which remediation should the sanctions compliance officer recommend?

A. Require relationship managers to obtain annual customer attestations that no sanctioned parties are involved.
B. Remediate the screening data feed so all relevant identifiers, aliases, transliterations, and ownership parties are mapped, validated, and re-screened for affected records.
C. Increase sanctions list-feed refreshes from daily to hourly for all screening systems.
D. Lower the screening threshold across all customer and payment screening to capture more fuzzy matches.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions screening is only as reliable as the data supplied to the screening engine. Here, the list feed and matching threshold are not the primary weakness. The failure occurs because important identifiers already available in the bank’s records, such as aliases, transliterations, dates of birth, addresses, and beneficial owner names, are not included in the nightly screening file. The best remediation is to fix the data mapping and validation process, then re-screen the affected population to identify any missed matches. This improves both data integrity and program effectiveness because the screening control can evaluate the complete risk-relevant information. Tuning or list refresh changes may be useful in other circumstances, but they do not solve missing source data.

Lowering thresholds may increase false positives, but it does not correct missing aliases or ownership data.
More frequent list refreshes do not address the fact that the screening engine is receiving incomplete customer identifiers.
Customer attestations can support due diligence, but they do not replace complete screening data, mapping controls, and re-screening.

The root weakness is incomplete and unmapped source data, so data remediation and re-screening directly improve screening integrity and effectiveness.

Question 38

Topic: Detecting and Investigating Sanctions Evasion Techniques

A bank is reviewing a trade finance request for the export of specialized pressure-control valves. The goods are not prohibited for ordinary industrial use, but the bank’s sanctions procedures require escalation when documents suggest possible diversion to a sanctioned end user or restricted sector.

Case facts:

The applicant is an existing customer with a clean screening history.
The stated buyer is a newly formed trading company in a neighboring, non-sanctioned country.
The end-use certificate says only “industrial maintenance” and is signed by the trading company, not by the site operator.
Shipping instructions route the goods through a free-trade zone and ask the freight forwarder not to show the final site on the bill of lading.
The customer’s email chain refers to “the refinery client across the border,” in a jurisdiction subject to energy-sector restrictions.
Name screening of the applicant, buyer, and freight forwarder produces no sanctions-list match.

What is the best sanctions compliance action?

A. Approve the transaction because all named parties screened clear and the destination country on the invoice is not sanctioned.
B. Approve the transaction if the applicant adds a contract clause stating that the goods will not be reexported to a sanctioned jurisdiction.
C. Place the transaction on hold and escalate for sanctions/trade compliance review, including independent verification of the end user, end use, routing, and any license or prohibition issue.
D. Automatically freeze the goods and funds because any reference to a restricted-sector refinery confirms a sanctions violation.

Best answer: C

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: End-use and end-user review looks beyond list screening. A clear screening result for named parties does not resolve a trade transaction when documents indicate possible concealment of the real destination, end user, or sector. Here, several facts point to possible diversion: a vague end-use certificate from an intermediary, a request to omit the final site from transport documents, routing through a free-trade zone, and a reference to a refinery in a restricted jurisdiction. The appropriate response is to pause processing and escalate for sanctions and trade compliance review. Verification may include independent end-user confirmation, ownership and control checks, route review, goods classification, and assessment of any license, exemption, or prohibition. A contractual promise may support controls but cannot replace due diligence where red flags are present.

Clear name screening is insufficient when trade documents suggest concealed end use or diversion.
A contract clause or customer certification does not cure unresolved end-user and routing red flags.
Freezing or treating the matter as a confirmed violation is premature without confirming the applicable restriction and the parties, property, and transaction status.

The vague end-use certificate, concealed final site, free-trade-zone routing, and reference to a restricted-sector refinery create diversion risk that requires escalation and verification despite no list match.

Question 39

Topic: Building a Sanctions Compliance Program

A global bank is replacing its sanctions screening engine. The tool will be used for customer onboarding, cross-border payments, and trade-finance reviews involving counterparties, vessels, and goods descriptions. The project team wants approval to move to production after confirming that UN, EU, and U.S. lists load correctly, exact-name test records generate alerts, and the false-positive rate at the proposed threshold is within the operations target. No testing has used production-like payment or trade data, aliases, transliterations, indirect party fields, or known nonmatches.

What should sanctions compliance require before approving production use?

A. Approve deployment and require operations to review the first month of alerts for any missed issues.
B. Rely on the vendor’s sanctions-screening certification and retain it with the implementation file.
C. Conduct independent validation using representative customer, payment, and trade data, with test cases for aliases, transliterations, thresholds, field mapping, list updates, false positives, and false negatives.
D. Lower the alert threshold so more potential matches are captured before production release.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions screening technology should be validated for the specific ways it will be used. Here, the tool is not limited to exact customer-name matching; it will support onboarding, payments, and trade-finance screening across multiple party fields and risk indicators. A reliable validation should test whether relevant data is ingested and mapped correctly, whether sanctions lists update as expected, and whether matching logic performs acceptably with aliases, transliteration differences, partial names, vessel or trade fields, and known nonmatches. It should also assess false positives and false negatives at the proposed threshold and document limitations or remediation before production approval. Vendor demos, list-load checks, and exact-name tests are useful but insufficient because they do not show whether the system is reliable for its full intended use.

Post-deployment monitoring may be part of ongoing control, but it does not replace pre-production validation when major intended-use areas were not tested.
Lowering the threshold may increase alert volume, but it does not prove that data mapping, matching logic, or false-negative risk is controlled.
Vendor certification can support due diligence, but the institution remains responsible for validating the tool in its own data, configuration, and risk environment.

Reliable approval requires validation against the tool’s intended sanctions uses, not only exact-name matching and list-loading checks.

Question 40

Topic: Building a Sanctions Compliance Program

A bank is refreshing the sanctions risk assessment for a trade finance portfolio. One long-standing corporate customer screens clean against sanctions lists and has transparent ownership. The proposed transactions involve letters of credit for high-specification microcontrollers that can be used in both civilian equipment and restricted military applications. The buyer and seller are in jurisdictions not currently subject to comprehensive sanctions, but the end user has not been fully documented.

Which risk area should most affect the sanctions risk assessment for this portfolio?

A. Customer risk because the customer has a long operating history
B. Jurisdiction risk because all cross-border trade is automatically high risk
C. Product and service risk related to dual-use goods and end-use uncertainty
D. Business risk because the portfolio has a low transaction volume

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions risk assessment should focus on the facts that most directly increase exposure to prohibited or restricted activity. Here, the decisive issue is the nature of the goods and service: trade finance for high-specification microcontrollers with possible military or restricted end use. Clean customer screening and transparent ownership reduce customer-related concerns, and the stated jurisdictions are not comprehensively sanctioned. Low volume may affect overall exposure, but it does not override the product and end-use risk. The appropriate focus is enhanced trade due diligence, including end-user and end-use review, rather than treating the case as mainly a customer history or geography issue.

A long operating history may lower customer risk, but it does not resolve sanctions concerns tied to dual-use goods.
Cross-border trade is not automatically high sanctions risk; the stated jurisdictions do not drive the concern here.
Low transaction volume affects scale, not the core risk created by trade finance for potentially restricted goods.

Dual-use goods financed through trade products create sanctions exposure even when the customer and listed jurisdictions do not present obvious red flags.

Question 41

Topic: Building a Sanctions Compliance Program

A bank is reviewing a trade finance customer that has no sanctions list matches. What sanctions risk assessment conclusion does the exhibit support?

Customer: Atlas Components LLC is an existing electronics wholesaler; its legal name, owners, and directors produced no sanctions screening matches.
Business activity and product: The transaction finances exported microcontrollers that the bank’s policy treats as dual-use goods requiring end-use review.
Jurisdictions: The goods are routed through a free-trade zone and delivered to a reseller near a country subject to technology and defense-sector sanctions.
Transaction context: The customer asks to split invoices below an internal review trigger, and the reseller will not identify the ultimate end user.
A. The relationship should be treated as low sanctions risk because the customer, owners, and directors do not match a sanctions list.
B. The review should focus only on the free-trade zone because routing jurisdiction is the only sanctions-relevant factor shown.
C. The relationship should receive enhanced sanctions review because the combined customer activity, product, jurisdictions, and transaction behavior create elevated risk despite no list match.
D. The concern should be handled only as AML structuring because split invoices are unrelated to sanctions risk assessment.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions risk assessment should evaluate the full context of a relationship or transaction. A clean customer or owner screening result is important, but it does not resolve risks created by the customer’s business model, the product involved, the route, the destination risk, and unusual transaction behavior. Here, dual-use goods, routing through a free-trade zone, proximity to a sanctioned jurisdiction, refusal to identify the end user, and invoice splitting all interact to increase the risk that the transaction could support prohibited end use, diversion, or sanctions evasion. The appropriate conclusion is enhanced sanctions due diligence and escalation under the bank’s risk-based controls, not automatic clearance based on one low-risk fact.

A clean name-screening result does not eliminate sanctions risk when product, route, and end-use facts create diversion concerns.
Focusing only on the free-trade zone misses the combined effect of goods, destination risk, customer behavior, and end-user opacity.
Split invoicing may raise AML concerns, but in this context it also supports sanctions evasion risk because it appears alongside dual-use goods and unclear end use.

The exhibit shows that sanctions risk depends on the combined context, not only the customer’s screening result.

Question 42

Topic: Building a Sanctions Compliance Program

A regional bank is updating its sanctions procedures for a new cross-border trade finance workflow. The following notes were taken after a policy walk-through:

The board-approved sanctions policy names compliance as the program owner, but trade override approval authority is not assigned.
The sanctions risk assessment rates trade finance involving regions near sanctioned jurisdictions as elevated, but procedures do not map that rating to enhanced review steps.
Customer files include sanctions certifications, but procedures do not require verification of owners, vessels, intermediaries, or end users.
The screening tool covers customer names, but payment fields and trade parties are not consistently screened.
Analysts may release holds after 24 hours without documented escalation, post-release monitoring, or case closure requirements.

What does the exhibit support?

A. The bank should document only a technology tuning plan because the policy already assigns program ownership to compliance.
B. Program documentation should be expanded to cover governance, risk assessment links, due diligence, screening scope, escalation, and monitoring controls.
C. The bank should treat the issue mainly as an AML customer due diligence deficiency unrelated to sanctions screening and escalation.
D. The bank should rely on customer sanctions certifications because trade finance counterparties are already covered by contractual commitments.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions program documentation should translate policy expectations into operational controls. Here, the notes identify more than a single system or file issue. They show unclear governance authority, a risk assessment that is not tied to enhanced procedures, due diligence gaps for owners and trade parties, inconsistent screening coverage, and weak escalation and monitoring after holds are released. A risk-based sanctions compliance program should document who owns decisions, how risk ratings affect review steps, what due diligence is required, which parties and fields are screened, when matters are escalated, and how cases or released activity are monitored and closed.

Customer certifications can support due diligence, but they do not replace independent sanctions screening and ownership, vessel, intermediary, or end-user review.
The facts are sanctions-specific, including trade parties, screening scope, holds, escalation, and monitoring, not merely general AML customer due diligence.
Technology tuning alone would not address missing governance authority, risk-based procedures, due diligence requirements, escalation standards, or monitoring controls.

The notes show gaps across the core documented controls needed to operate a risk-based sanctions compliance program.

Question 43

Topic: Building a Sanctions Compliance Program

A global bank is updating its sanctions risk assessment for a prospective trade finance customer. The customer is incorporated and headquartered in a non-sanctioned jurisdiction and has no confirmed screening matches. Its main business is exporting industrial pumps that can be used in energy infrastructure. Recent invoices show sales through a new distributor in a free-trade zone bordering Country X, which is subject to comprehensive sanctions under the bank’s applicable sanctions programs. Several shipment documents omit the end user, and payment is expected from an unrelated trading company in a third country. The customer provides a standard contract clause stating that it will comply with sanctions.

Which risk assessment conclusion is best supported?

A. The customer presents low sanctions risk because neither the customer nor its distributor is a confirmed sanctioned-party match.
B. The sanctions risk is resolved by the contract clause, so no further end-user or routing review is needed.
C. The exposure should be treated only as AML risk because third-party payment is not a sanctions risk factor unless cash is involved.
D. The customer presents elevated sanctions risk because product type, routing, incomplete end-user information, and third-party payment create potential exposure despite no confirmed list match.

Best answer: D

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions risk assessment should consider more than list-screening results. Here, several risk areas converge: goods with potential sensitive end use, trade routing near a comprehensively sanctioned country, missing end-user information, and payment from an unrelated third party. These facts do not prove a violation, but they support an elevated sanctions risk conclusion and justify enhanced due diligence, review of end use and end user, payment-party screening, and documented escalation under the bank’s program. A compliance clause can support due diligence, but it does not replace independent sanctions controls.

No confirmed list match does not make the relationship low risk when trade, jurisdiction, and payment facts create sanctions exposure.
Third-party payment can be relevant to sanctions evasion, especially when combined with opaque trade routing or missing end-user details.
Contract clauses are useful controls, but they do not eliminate the need for screening, trade due diligence, and escalation where risk indicators remain.

The combined customer, product, jurisdiction, and transaction indicators support an elevated sanctions exposure conclusion that requires enhanced due diligence and escalation.

Question 44

Topic: Detecting and Investigating Sanctions Evasion Techniques

A relationship manager receives a call from an export customer after a wire payment is stopped. The sanctions team has placed the payment on hold because the beneficiary’s newly identified majority owner appears to match a sanctioned party, and Legal is reviewing whether the funds must be frozen and reported. The customer asks, “Is this about sanctions? If the owner is the problem, should we resend the payment using the beneficiary’s trading name instead?” Internal procedures require sanctions-related customer communications to be approved by Compliance or Legal.

What is the most appropriate response?

A. State that the payment is under compliance review, do not discuss sanctions-screening details or suggest alternatives, and refer further communications to Compliance or Legal.
B. Tell the customer the beneficiary’s owner is a possible sanctions match and ask for revised payment instructions that avoid the owner’s name.
C. Reject the payment and advise the customer to route future payments through a different intermediary bank.
D. Confirm that a regulatory sanctions report will be filed and explain the evidence needed to clear the match.

Best answer: A

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Customer communications during a sanctions hold, freeze review, or investigation must be tightly controlled. The institution may need to give a basic operational response, but it should not disclose screening logic, possible list matches, regulatory reporting plans, investigation steps, or asset-freezing decisions unless Legal or Compliance has approved the disclosure. The customer’s question creates a clear tipping-off risk because it asks whether sanctions caused the hold and proposes a workaround. The appropriate response is neutral, documented, and escalated through the approved sanctions communication channel. Advising the customer how to change names, routing, documentation, or counterparties could help sanctions evasion and undermine the investigation.

Disclosing the possible owner match gives the customer sensitive investigation information and may alert a target.
Confirming regulatory reporting or explaining clearance evidence reveals internal investigation and reporting actions.
Suggesting another intermediary or routing change is especially risky because it may help the customer bypass sanctions controls.

A neutral, approved response protects the investigation and avoids giving information or advice that could help evade sanctions controls.

Question 45

Topic: Building a Sanctions Compliance Program

A sanctions analyst reviews an interdicted outbound trade payment. Bank policy requires any unresolved potential match involving a listed vessel or sanctioned beneficiary to remain on hold and be escalated to the sanctions investigations team before release.

Customer: Long-standing importer with no prior sanctions issues
Beneficiary: Marine Parts Baltic LLC
Payment reference: “spare parts for MV NORTH STAR, IMO 9876543”
Screening result: MV NORTH STAR, IMO 9876543 appears on a sanctions list; the beneficiary is not listed
Customer request: The customer asks the relationship manager to “push the payment through today” because the shipment is delayed

What action should the analyst take?

A. Release the payment because the customer and beneficiary are not listed and the customer has a clean prior history.
B. Ask the customer to remove the vessel reference and resubmit the payment for screening.
C. Reject the payment immediately and tell the customer that the vessel is sanctioned.
D. Keep the payment on hold and escalate the alert with the payment details, vessel identifier, and customer request to sanctions investigations.

Best answer: D

What this tests: Building a Sanctions Compliance Program

Explanation: A payment alert involving a listed vessel is not resolved simply because the customer and beneficiary are not listed. The vessel identifier is a strong matching element, and the bank’s procedure requires unresolved vessel-related matches to remain on hold and be escalated before release. The analyst should preserve the payment hold, provide the sanctions investigations team with the payment message, vessel IMO number, screening result, and customer pressure to expedite, and avoid taking unilateral release or rejection action. Customer communication should be controlled and neutral while the sanctions review is pending.

A clean customer history does not override a current sanctions hit tied to a listed vessel.
Immediate rejection and detailed customer notification may be premature and can create investigation or confidentiality concerns.
Removing the vessel reference would undermine screening integrity and could facilitate sanctions evasion.

An unresolved match to a listed vessel must remain on hold and be escalated with the relevant evidence before any release decision.

Question 46

Topic: Building a Sanctions Compliance Program

A bank is performing independent assurance over its automated payment interdiction control. The documented control requires every outbound cross-border payment to be screened against applicable sanctions lists before release, with potential matches held until a sanctions analyst documents the disposition. Management provides the written procedure and a monthly dashboard showing alert volumes. Which testing step would provide the most relevant evidence that the control operated effectively during the review period?

A. Compare the sanctions list loaded in the tool with the regulator’s current list on the testing date.
B. Obtain the vendor description of the screening tool to confirm it supports fuzzy matching and sanctions list updates.
C. Reconcile the outbound cross-border payment population to screening logs and inspect a sample for pre-release screening, alert holds, and documented dispositions.
D. Review the written procedure to confirm it requires payment screening, alert escalation, and release approval.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Effective assurance evidence should connect the control objective to actual activity during the period tested. For payment interdiction, the strongest evidence usually includes the complete in-scope transaction population, screening-system logs, timestamps, list versions or update evidence when relevant, alert hold status, analyst disposition records, and release approvals. A procedure or tool description may support design assessment, but it does not show that every required payment was screened before release. A dashboard can help scope testing, but summarized metrics alone are not enough to prove control operation. Comparing current lists may support list-management testing, but it does not demonstrate that historical payments were screened and resolved as required.

Written procedures show intended design, not whether the control operated on actual payments.
Vendor capability information supports tool understanding, but capability is not evidence of effective operation.
A current list comparison may be useful for list-management assurance, but it does not test pre-release screening and alert disposition across the review period.

This directly tests whether the required screening and alert-resolution control operated on actual in-scope payments during the period.

Question 47

Topic: Building a Sanctions Compliance Program

A compliance analyst reviews a proposed export shipment. The trade review file includes these notes:

Product: industrial frequency inverters with a technical range that can support civilian manufacturing equipment or restricted enrichment-related equipment.
Parties: no sanctions list matches for the buyer, freight forwarder, or bank.
Documentation: buyer describes the items only as “spare parts” and has not identified the final end user.
Routing: buyer requests shipment through a free trade zone before delivery.
Internal procedure: potential dual-use goods or unclear end use require export-control review before shipment release.

What do these notes support as the most relevant trade due diligence step?

A. Clear the shipment because all screened parties produced no sanctions list matches.
B. Approve the shipment if the buyer signs a general sanctions compliance attestation.
C. Release the goods and monitor only the payment for unusual routing or bank involvement.
D. Escalate for export-control classification, license determination, and end-use/end-user verification before releasing the shipment.

Best answer: D

What this tests: Building a Sanctions Compliance Program

Explanation: Trade due diligence is not limited to sanctions name screening. When goods may be dual-use, the compliance step should focus on export-control classification, license requirements, and verification of the stated end use and end user. The absence of sanctions list hits reduces one type of risk but does not resolve whether the item is controlled, whether a license is required, or whether the routing and incomplete documentation suggest diversion risk. A general customer attestation can support the file, but it does not replace a technical classification and license determination. The shipment should not be released until the export-control questions are resolved and documented under the company’s procedure.

No sanctions list matches do not address dual-use classification or license obligations.
A general attestation is supporting evidence, not a substitute for end-use/end-user verification.
Payment monitoring may detect financial red flags, but it does not resolve whether the goods can be exported.
Free trade zone routing and vague documentation increase the need for trade due diligence rather than reducing it.

The goods have dual-use indicators and unclear end-use information, so classification and license analysis must occur before shipment release.

Question 48

Topic: Building a Sanctions Compliance Program

A bank’s sanctions team reviews a trade finance near miss involving one relationship.

Customer: OceanBridge Logistics, a freight forwarder onboarded as “general logistics,” with no current beneficial ownership, alias, expected trade corridor, or key counterparty fields in the customer profile.
Product: a letter of credit request covers industrial pumps with dual-use indicators; the invoice uses a broad goods description and no HS code.
Jurisdiction: the route includes transshipment through a free trade zone and a final consignee in a country adjacent to a comprehensively sanctioned jurisdiction; the corridor is not expected for this customer.
Screening: trade documents are screened only against the applicant and beneficiary legal names.
Data: the payment message contains a free-text consignee that fuzzy-matches a listed party’s known Romanized alias, but no alert generated because free-text fields are excluded from interdiction.

What program control improvement does the exhibit most strongly support?

A. Require structured capture and screening of key trade parties, goods, routes, vessels, aliases, and ownership/control data, with enhanced review for unusual high-risk corridors.
B. Lower the customer name-screening threshold for all onboarded customers while leaving trade-document screening unchanged.
C. Require the freight forwarder to provide an annual sanctions attestation before issuing future letters of credit.
D. Treat the matter as a one-time payment-filtering exception because the customer itself is not a sanctioned party.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: The exhibit shows more than a single missed name match. The relationship has incomplete customer data, an unusual trade corridor, goods with dual-use indicators, limited trade-document screening, and payment free-text data excluded from interdiction. A sound sanctions compliance program improvement should connect those facts into a risk-based trade control: collect structured data, screen relevant trade parties and aliases, assess goods and routes, update ownership/control and expected activity information, and escalate unusual high-risk corridors for enhanced review. This addresses both the source data problem and the screening design problem. A narrow change to customer screening alone would not cover consignees, vessels, routes, goods, or payment-message fields.

Lowering only the customer name-screening threshold does not fix missing trade-party data, excluded free-text fields, or incomplete customer profiles.
Annual attestations can support due diligence, but they do not replace sanctions screening, trade review, or route and product risk controls.
Treating the matter as a one-time exception ignores recurring program weaknesses across onboarding, trade finance, payment filtering, and escalation.

The facts point to an integrated trade sanctions control gap involving customer profile data, product risk, routing risk, screening scope, and excluded free-text data.

Question 49

Topic: Building a Sanctions Compliance Program

A regional bank’s QA review of sanctions payment-screening cases finds that investigators often close potential matches as false positives with short notes such as “not the same party.” In several files, the reviewer cannot tell which identifiers were compared, whether aliases and ownership/control information were checked, which sanctions list version was used, or why escalation was not required. The screening system retained the alert and payment details. Which documentation improvement best addresses the weakness?

A. Add a quarterly summary of total sanctions alerts, false-positive rates, and average case aging to the board reporting package.
B. Retain annual sanctions training attendance records for all payment operations and investigations staff.
C. Archive customer sanctions attestations in each customer file before allowing payment activity.
D. Require a standardized alert disposition record that captures identifiers compared, evidence reviewed, sanctions list details, ownership/control checks, rationale, date, and approval where required.

Best answer: D

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions program documentation should allow an independent reviewer to understand what was screened, what evidence was reviewed, how the analyst reached the disposition, and whether escalation or approval was required. Here, the system already keeps the alert and payment details; the gap is the case-level record supporting the false-positive decision. A standardized disposition template or checklist addresses that gap by requiring the analyst to document match factors, identifiers, aliases, relevant list information, ownership/control review, rationale, and required approvals. Management reporting, training records, and customer attestations may support the broader program, but they do not make individual alert decisions reproducible or defensible.

Board-level metrics help oversight, but they do not document why specific alerts were cleared.
Training attendance records show personnel completed training, not that case conclusions were evidence-supported.
Customer attestations can support due diligence, but they do not replace documented sanctions alert analysis.

The weakness is the inability to reconstruct and support alert-clearing decisions, so the most relevant fix is a required disposition record with evidence and rationale.

Question 50

Topic: Building a Sanctions Compliance Program

A bank is refreshing the sanctions risk rating for Caldera Tools, a commercial customer. The bank’s model adds current factor scores: Low 0-3, Medium 4-6, and High 7-9. A prohibited/exit override applies only if a listed or blocked person owns or controls the customer, or if a transaction requiring rejection or blocking has been identified.

Current approved score: 5, Medium.

Jurisdiction exposure: currently 2; changes to 4 if more than 20% of expected payments or trade documents involve a sanctions-sensitive jurisdiction.
Product/service: remains 2 for cross-border wires or trade finance.
Ownership/control: currently 0; changes to 2 if a non-listed indirect owner with at least 25% ownership is incorporated in a sanctions-sensitive jurisdiction.
Alert history: remains 1 because payment alerts required manual review but were resolved as false positives.

Refresh findings:

Caldera is adding trade finance for exports to a distributor in a sanctions-sensitive jurisdiction; documents estimate 35% of projected shipments.
A newly identified indirect owner holds 30% of Caldera and is incorporated in that same jurisdiction.
Screening finds no listed or blocked party, and Caldera has signed a sanctions compliance attestation.

What is the best conclusion for the rating refresh?

A. Increase the rating to High because jurisdiction exposure and ownership/control scores now bring the total score to 9.
B. Apply the prohibited/exit override because projected trade involves a sanctions-sensitive jurisdiction.
C. Reduce the rating to Low because the customer signed a sanctions compliance attestation before any transaction was processed.
D. Keep the rating at Medium because screening found no listed or blocked party and the payment alerts were false positives.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions risk rating should change when current facts change the inputs required by the scoring model. The prior score was 5, but the refresh creates two score changes. Jurisdiction exposure rises from 2 to 4 because 35% of projected shipments involve a sanctions-sensitive jurisdiction, exceeding the model’s 20% trigger. Ownership/control rises from 0 to 2 because the newly identified indirect owner holds 30% and is incorporated in that jurisdiction. Product/service remains 2, and alert history remains 1. The new total is 9, which falls in the High range. A clean screening result prevents the prohibited/exit override here, but it does not neutralize other scored sanctions risks. A customer attestation may support due diligence, but it does not override the formula inputs.

Clear list screening does not erase scored jurisdiction exposure or ownership/control risk.
The prohibited/exit override is not triggered because no listed or blocked owner/controller and no reject/block transaction were identified.
A sanctions attestation can support due diligence, but it is not a scoring offset for projected trade exposure or indirect ownership risk.

The updated formula score is 4 for jurisdiction exposure, 2 for product/service, 2 for ownership/control, and 1 for alert history, totaling 9.

Questions 51-75

Question 51

Topic: Building a Sanctions Compliance Program

An international bank finances commodity shipments. Internal quality testing found that several customers changed nominated vessels after trade approval. Vessel names and flags changed during the shipment, but the vessel IMO numbers stayed the same. The current control screens the customer and the initially named vessel only when the trade facility is approved. Which monitoring control best addresses this sanctions risk?

A. Perform event-driven maritime screening at key shipment milestones using vessel IMO number, vessel aliases, owner/operator, flag, and port-call data before document release or payment.
B. Screen only the vessel name again when the facility is renewed.
C. Review a sample of completed shipments quarterly to identify possible vessel sanctions issues after payment.
D. Require each customer to certify annually that it will not use sanctioned vessels for financed shipments.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions monitoring should match the specific risk being controlled. Here, the risk is not just customer sanctions exposure at onboarding; it is vessel substitution and maritime identity manipulation during live trade activity. A strong control screens the relevant maritime parties and attributes at the points when sanctions exposure can change and before the bank releases documents or funds. Using the IMO number is important because vessel names and flags may change, while the IMO number is a more stable identifier. Owner, operator, alias, flag, and port-call information can also reveal sanctions exposure that a name-only check may miss.

Annual customer certifications may support due diligence, but they do not independently monitor vessel changes during shipments.
Name-only rescreening at renewal is too narrow and too late for vessel identity changes during an active trade.
Post-payment sampling can support assurance testing, but it does not prevent the bank from processing a prohibited transaction.

This control targets vessel substitution and identity changes using stable identifiers and updated maritime risk data before the bank acts.

Question 52

Topic: Building a Sanctions Compliance Program

A bank is reviewing a new corporate customer, Delta Components Ltd. The bank’s sanctions standard requires treating an entity as restricted when a listed person owns, directly or indirectly, 50% or more in aggregate, or otherwise controls the entity.

Current ownership facts:

A listed individual owns 40% of Delta directly.
The same listed individual owns 100% of Orion Holdings.
Orion Holdings owns 15% of Delta.
The remaining 45% of Delta is held by unrelated, nonlisted shareholders.

Which fact is most relevant to the sanctions decision?

A. The listed individual has aggregate direct and indirect ownership of 55% of Delta.
B. No payments involving listed jurisdictions have been observed.
C. The remaining 45% is held by unrelated, nonlisted shareholders.
D. The listed individual has no officer title at Delta.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions ownership and control analysis requires looking beyond the immediate shareholder register. When a listed person owns an entity directly and also owns an intermediary that holds additional shares, the relevant interests may need to be aggregated. Here, the listed individual owns 40% of Delta directly and is attributed the 15% held by Orion Holdings because the individual owns Orion 100%. That produces 55% aggregate ownership, which exceeds the bank’s stated 50% threshold. The absence of an officer title or suspicious payments may be relevant to broader due diligence, but it does not change the ownership conclusion once the threshold is met.

Lack of an officer title does not negate ownership-based restrictions when the aggregate ownership threshold is exceeded.
Unrelated nonlisted shareholders do not offset the listed person’s attributable ownership.
Payment activity is relevant to transaction review, but the sanctions decision here turns on ownership and control.

The direct 40% interest plus the 15% indirect interest through a wholly owned company exceeds the stated 50% aggregate ownership threshold.

Question 53

Topic: Sanctions Frameworks and Governance

A sanctions analyst at a Singapore-based bank reviews a trade payment for a local corporate customer. The customer will pay a Turkish distributor for industrial parts that will be shipped to Country X. None of the named parties appears on the bank’s sanctions screening results. The file also shows these facts:

Country X is subject to comprehensive sanctions by Jurisdiction A.
The payment is in the currency of Jurisdiction A and will clear through a correspondent bank located there.
The parts include components marked as originating in Jurisdiction A.
The customer asks the bank to process quickly because the bank and all contracting parties are outside Jurisdiction A.

What is the best action?

A. Approve the payment after obtaining a customer certification that no sanctioned party is involved.
B. Process the payment if the customer changes the currency so it no longer clears through Jurisdiction A.
C. Process the payment because no named party matched a sanctions list and the bank is outside Jurisdiction A.
D. Pause processing and escalate for sanctions/legal review with additional due diligence on jurisdictional nexus, goods origin, and end use.

Best answer: D

What this tests: Sanctions Frameworks and Governance

Explanation: Geographic scope is not limited to where the customer, bank, or contracting parties are physically located. Sanctions exposure can arise from a transaction’s nexus to a sanctioning authority, such as use of that authority’s financial system, currency-clearing route, goods origin, nationals, entities, or other jurisdictional hooks. Here, the transaction involves Country X, clearing through Jurisdiction A, and components originating in Jurisdiction A. A clean name-screening result does not resolve those geographic scope issues. The bank should pause processing, escalate to sanctions/legal specialists, and obtain enough due diligence to determine whether the transaction is prohibited, licensable, exempt, or outside scope.

A clean list-screening result does not eliminate country, goods-origin, payment-route, or end-use risk.
Changing the payment currency may remove one nexus but does not address the Jurisdiction A-origin components or Country X exposure.
A customer certification can support the file, but it cannot replace sanctions scope analysis and escalation where clear jurisdictional hooks exist.

The currency clearing route and goods origin create potential Jurisdiction A nexus despite the parties being located elsewhere.

Question 54

Topic: Building a Sanctions Compliance Program

A sanctions analyst reviews a payment-screening alert for a USD customer payment. The customer and beneficiary do not match any sanctions list entries, and the beneficiary bank is in Germany. The SWIFT message includes this excerpt:

:50K: BLUE RIDGE COMPONENTS LLC, US
:59: NORDWERK SERVICE GMBH, DE
:70: INV 88421 - REPAIR KIT FOR CRIMEA SITE
:72: URGENT COMMERCIAL PAYMENT

The institution’s procedure requires payments with a sanctioned-country or comprehensively restricted-region nexus in the message text to be held pending sanctions review. What response best fits these facts?

A. Clear the alert because the customer, beneficiary, and beneficiary bank are not sanctioned parties.
B. Release the payment and add the beneficiary to enhanced monitoring for future activity.
C. Ask operations to remove the restricted-region reference from the remittance field and rescreen the message.
D. Hold the payment, escalate the apparent restricted-region nexus, and request supporting documentation before any release decision.

Best answer: D

What this tests: Building a Sanctions Compliance Program

Explanation: Payment-screening review is not limited to exact name matches. SWIFT fields can reveal a jurisdiction, end-use, vessel, goods, or other nexus that changes the sanctions risk. Here, the remittance information refers to a “Crimea site,” and the procedure specifically requires payments with a sanctioned-country or comprehensively restricted-region nexus to be held pending sanctions review. The appropriate response is to stop processing, escalate, and obtain documents such as invoices, contracts, shipping records, or service details so the institution can determine whether the payment is prohibited, licensed, exempt, or otherwise permitted. Clearing based only on negative party screening ignores material message facts.

Negative screening for the named parties does not resolve a jurisdictional or regional sanctions concern appearing in payment text.
Releasing first and monitoring later fails to control a potentially prohibited payment before execution.
Removing or altering remittance information is not a valid sanctions control and could conceal material information.

The message text creates a sanctions nexus that requires hold, escalation, and fact-gathering even though the named parties did not match a sanctions list.

Question 55

Topic: Building a Sanctions Compliance Program

A sanctions compliance manager reviews the following quality assurance findings after an ownership-related screening alert was closed without escalation:

Alert event: A supplier was 30% owned by Listed Person A and 25% owned by Listed Person B; both are on the same sanctions list.
Analyst disposition: The alert was closed as below 50% ownership because no single listed owner held a majority interest.
QA review: Two other teams reached different conclusions on similar ownership patterns in the same quarter.
Governance note: The sanctions policy has no named owner for ownership/control methodology, no approval record for the threshold interpretation, and no escalation standard for disputed ownership cases.

What conclusion do these facts best support?

A. A one-time alert-review error that should be resolved by coaching the analyst who closed the supplier alert.
B. A governance weakness in the sanctions program, because ownership methodology, escalation standards, and approval accountability are not defined.
C. A screening-tool tuning problem that should be resolved by lowering name-match thresholds for listed persons.
D. A customer due diligence documentation gap that should be resolved by requesting updated incorporation documents from the supplier.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: A single incorrect closure can be an alert-review issue, but repeated inconsistent conclusions across teams point to a governance problem. Sanctions compliance programs need documented ownership/control methodology, clear escalation standards, accountable policy ownership, and evidence that material interpretations have been approved. Here, the analyst’s closure is concerning, but the more important finding is that teams lack a consistent, authorized framework for handling aggregated listed-party ownership and disputed ownership cases. Quality assurance has identified a pattern, not just an isolated mistake. The appropriate conclusion is a program-level governance weakness requiring policy clarification, approval, training, and oversight.

Treating the matter as only analyst coaching misses the repeated inconsistency and missing governance controls.
Lowering name-match thresholds does not address ownership/control interpretation or escalation standards.
Requesting updated documents may support due diligence, but the facts show the main failure is inconsistent methodology and accountability.

The repeated inconsistent treatment and missing ownership, approval, and escalation governance show a program-level control weakness rather than only an individual review mistake.

Question 56

Topic: Detecting and Investigating Sanctions Evasion Techniques

A bank is reviewing a pending trade payment to a newly onboarded distributor. The screening alert is not an exact name match, but investigation notes show that a sanctioned individual reportedly transferred shares in the distributor to a relative two months before designation. The distributor sent a short email stating that no sanctioned person owns or controls it. The bank’s procedure requires evidence of current ownership and control before clearing potential sanctions evasion concerns.

Which source is most appropriate to resolve the concern?

A. Prior false-positive records for similar distributor names in the screening system
B. Current independent corporate registry extracts and ownership/control documents for the distributor and any holding entities
C. The payment message fields showing the distributor as the beneficiary
D. The distributor’s email attestation that it has no sanctioned owners or controllers

Best answer: B

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: The best investigation source is the one that directly resolves the unresolved sanctions risk with reliable, current evidence. Here, the risk is not merely a name similarity; it is possible evasion through ownership restructuring or control by a sanctioned person. Current independent corporate registry extracts, shareholder records, control documents, and holding-company records can show ownership layers, voting rights, directors, or nominee arrangements that are relevant to sanctions ownership and control analysis. A customer statement may support the file, but it should not replace independent evidence when there is a specific evasion concern. Payment message data confirms transaction parties, not underlying ownership. Prior false-positive history can help assess matching quality, but it does not resolve current control risk.

A customer attestation is useful only as supporting information; it is not enough when the concern involves possible ownership restructuring.
Payment message fields identify transaction participants but usually do not show beneficial ownership or control rights.
False-positive history may help with name-screening disposition, but it does not determine current ownership or control.

These records most directly address whether a sanctioned person retains direct, indirect, or control-based interests in the distributor.

Question 57

Topic: Building a Sanctions Compliance Program

A mid-size bank’s sanctions screening governance was written for domestic retail accounts. The bank is launching a trade finance desk that will process letters of credit involving exporters, freight forwarders, vessels, insurers, and end users in several higher-risk jurisdictions. The current standard requires customer name screening at onboarding and monthly rescreening, but it does not address trade parties, vessel screening, goods-related restrictions, or transaction-level interdiction. Which governance action best aligns screening controls with the bank’s changed sanctions risk exposure?

A. Rely on customer sanctions attestations for trade finance transactions because the bank already screens customers at onboarding.
B. Apply the same monthly customer rescreening process to all trade finance parties without changing governance documentation or escalation procedures.
C. Refresh the sanctions risk assessment and update the approved screening standard to define risk-based screening scope, frequency, data requirements, escalation, and ownership for the new trade finance activity.
D. Keep the existing customer screening standard and require trade finance staff to perform manual internet searches when a transaction appears unusual.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Screening controls should be tied to the institution’s sanctions risk exposure. A new trade finance desk introduces risks that differ from domestic retail banking, including non-customer parties, vessels, insurers, end users, goods restrictions, jurisdictional exposure, and transaction-level interdiction needs. The appropriate governance response is to refresh the sanctions risk assessment and update the approved screening standard or control matrix so the expanded control expectations are documented, approved, resourced, and consistently applied. Operational steps such as manual searches or expanded party screening may be part of implementation, but they should flow from a documented risk-based governance decision that defines scope, frequency, data quality requirements, escalation paths, and control ownership.

Manual internet searches are not a controlled substitute for a risk-based screening standard, especially for recurring trade finance exposure.
Customer attestations can support due diligence, but they do not replace sanctions screening and transaction controls.
Simply applying monthly customer rescreening to trade parties misses trade-specific risks and leaves governance gaps unaddressed.

The new business activity changes the risk profile, so governance should first update the risk assessment and control standard before implementing expanded screening.

Question 58

Topic: Sanctions Frameworks and Governance

A global bank screens a proposed credit transaction. The customer is an energy company that appears on a sectoral sanctions list, but it is not listed as a blocked or asset-freeze target. The applicable sectoral measure prohibits the bank from providing new debt with a maturity longer than 30 days to listed energy-sector entities. The customer requests a 90-day revolving credit facility, and no comprehensively sanctioned country or blocked party is otherwise involved.

Which response best fits these facts?

A. Clear the transaction because the customer is not a blocked party and no embargoed country is involved.
B. Freeze all customer assets immediately because any sanctions listing requires asset blocking.
C. Escalate the transaction for sectoral sanctions review, document the debt maturity analysis, and hold the facility pending a legal or licensing decision.
D. Proceed if the customer certifies that the loan proceeds will be used for ordinary business purposes.

Best answer: C

What this tests: Sanctions Frameworks and Governance

Explanation: Different sanctions types require different controls. A blocked-party or asset-freeze listing typically triggers freezing, rejection or blocking procedures, reporting, and strict restrictions on dealing with the target. Sectoral sanctions may not require an asset freeze, but they can prohibit specific activities, such as certain financing, services, goods, or maturities. Here, the decisive fact is the requested 90-day credit facility against a rule prohibiting new debt over 30 days for listed energy-sector entities. The bank should not treat the alert as either a full blocking case or a simple false positive. The appropriate response is transaction-specific escalation, documentation of the sectoral restriction analysis, and a decision under legal, licensing, or sanctions governance procedures before any commitment is made.

Freezing all assets overstates the requirement because the facts say the entity is not an asset-freeze target.
Clearing the transaction ignores the sectoral restriction that may prohibit the 90-day financing.
Relying on a business-purpose certification does not replace sanctions analysis, documentation, and escalation for covered sectoral activity.

The restriction is transaction-specific, so the bank should assess and document whether the 90-day facility falls within the prohibited sectoral financing rule before proceeding.

Question 59

Topic: Sanctions Frameworks and Governance

A trade finance team reviews a proposed letter of credit for subsea drilling components. The buyer and banks do not match any sanctions list. The applicable sanctions measure does not prohibit all trade with the buyer’s country, but it prohibits persons subject to the measure from providing financing, goods, or services for deepwater oil exploration in that country. The documents show the components will be used at an offshore deepwater field there.

Which sanctions type is most relevant to this review?

A. Sectoral sanctions targeting a restricted industry activity
B. Comprehensive sanctions prohibiting nearly all trade with the country
C. Arms embargo restrictions on military goods and defense services
D. List-based asset-freezing sanctions against a designated party

Best answer: A

What this tests: Sanctions Frameworks and Governance

Explanation: Sectoral sanctions restrict specific activities, industries, financing, services, or goods connected to a targeted sector, rather than blocking every transaction involving a country or only transactions with named listed parties. Here, the key facts are that no party is listed, trade with the country is not comprehensively banned, and the measure specifically restricts support for deepwater oil exploration. The trade finance review should therefore focus on whether the goods, financing, end use, and location fall within the covered sectoral restriction.

List-based asset-freezing sanctions would be central if the buyer, bank, vessel, or other party matched a designated person or blocked party.
Comprehensive country sanctions are not indicated because the measure allows some trade with the country and targets only specified activity.
An arms embargo is not the main concern because the goods and end use relate to energy exploration, not military goods or defense services.

The decisive restriction applies to a defined economic sector and activity, even without a listed party or full country embargo.

Question 60

Topic: Building a Sanctions Compliance Program

A sanctions compliance manager reviews a missed payment-screening alert after a correspondent bank inquiry. Which conclusion is best supported by the exhibit?

The payment counterparty was entered as Al Karam Trading FZE; the sanctions list entry used Al-Karam Trade F.Z.E. and included a transliterated alias added two weeks earlier.
The screening tool scored the match below the alert threshold and auto-closed it under a low-value payment rule.
There is no evidence that alias matching, transliteration settings, or auto-closure rules were tested after the list update.
The most recent tuning memo is 18 months old and does not explain the current threshold or fuzzy-matching settings.
A. Fuzzy matching eliminates the need for post-update testing when new aliases are added to sanctions lists.
B. Automated screening should be replaced by manual review of every payment because tool-based screening is unreliable.
C. Screening tools need governance, testing, tuning, documentation, and human review because outcomes depend on data, thresholds, matching rules, and judgment.
D. Low-value payments can be excluded from sanctions screening because sanctions risk is driven mainly by transaction amount.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Automated sanctions screening is a control system, not a self-proving decision maker. Matching results depend on the quality of customer and payment data, list updates, transliteration handling, fuzzy logic, thresholds, exclusion rules, and auto-closure settings. When those settings are not tested after a list update, a plausible match can fall below the alert threshold. Documentation is also essential because the institution must be able to explain why a threshold, rule, or workflow is appropriate for its risk. Human review remains important for exceptions, near matches, overrides, and higher-risk activity, especially where automated rules could suppress a relevant alert. The proper response is not to abandon screening or exempt low-value payments, but to operate the tool under a governed, risk-based framework with testing, tuning, evidence, and escalation.

Treating transaction value as the main screening criterion ignores that sanctions prohibitions may apply regardless of amount.
Relying on fuzzy matching without testing is unsafe because aliases, transliterations, and thresholds can still cause missed matches.
Replacing all automation with manual review is not a practical or risk-based control; automated screening still needs oversight and review points.

The missed alert resulted from untested matching logic, stale documentation, and an auto-closure rule that lacked documented human oversight.

Question 61

Topic: Building a Sanctions Compliance Program

A global bank is reviewing a proposed add-on to an existing correspondent banking service. The respondent bank has been screened and approved, and the global bank will screen payment message fields it receives before release. The add-on would let the respondent’s corporate customers submit payment files that are processed through the correspondent account, but the global bank may receive only the respondent bank’s name and limited free-text references for the underlying customers.

Which product or service feature creates the most relevant sanctions concern?

A. Providing the respondent with daily electronic account statements in its preferred file format
B. Allowing the respondent’s underlying customers to access the account when their identifying details may not be visible for screening
C. Charging the respondent monthly fees based on payment volume
D. Restricting the account to corporate payments instead of consumer card transactions

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: The key sanctions issue is transparency over the parties using the financial service. Correspondent banking becomes more sanctions-sensitive when a respondent’s customers, affiliates, or downstream banks can transact through the account and the clearing bank does not receive enough originator, beneficiary, or other party information to screen effectively. Screening only the respondent bank is not sufficient if the service design permits hidden or poorly identified underlying parties to access the payment channel. File formats, fee structures, and broad customer segment restrictions may affect operations or general risk, but they do not create the same direct sanctions concern as limited visibility into who is actually using the account.

Daily statement formatting is an operational feature, not the main sanctions-risk driver.
Volume-based pricing may affect business incentives, but it does not by itself obscure sanctioned parties.
Limiting use to corporate payments may still require controls, but the decisive concern is hidden access by underlying customers.

Nested or payable-through access can prevent the bank from identifying and screening the true parties to a transaction before processing.

Question 62

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions specialist reviews a trade finance file for an export of industrial valves. The bank has no license or authorization for business involving Country X, which is subject to sanctions on supplies for its oil-refining sector. What does the exhibit most strongly support?

Commercial invoice: industrial valves for water-treatment maintenance; consignee is Blue Delta Trading in a free zone in Country Y.
End-use statement: municipal water project in Country Y; end user listed as Blue Delta Trading.
Product specification: high-pressure, corrosion-resistant valves commonly used in refinery maintenance.
Buyer email to the freight forwarder: “After clearance in Country Y, truck the shipment to Project K in Country X. Do not name the Country X refinery on the documents.”
A. A sanctions ownership-control issue requiring aggregation of Blue Delta Trading’s shareholders before reviewing the shipment route.
B. A permissible sale because the invoice and end-use statement both identify a non-sanctioned country destination.
C. A routine shipping documentation inconsistency that can be resolved by obtaining a corrected consignee address in Country Y.
D. A trade-related sanctions evasion technique using false end-use documents and transshipment to conceal a sanctioned-country refinery end user.

Best answer: D

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Trade-related sanctions evasion often involves making a shipment appear destined for a non-sanctioned country or benign purpose while the real route, goods, end use, or end user points to a prohibited destination or sector. Here, the invoice and end-use statement describe a municipal water project in Country Y, but the email directs onward movement to Country X and asks that the refinery not appear on documents. The product specifications are also consistent with refinery maintenance, which is the sanctioned sector identified in the facts. Together, these facts support possible false end-use documentation, concealment of the true end user, and transshipment through an intermediary jurisdiction.

Treating the issue as a mere consignee-address correction ignores the explicit instruction to conceal the Country X refinery.
Ownership-control analysis may be relevant in other cases, but these facts point primarily to route and end-use concealment.
Reliance on the invoice and end-use statement alone is inadequate when contradictory routing and end-user evidence is present.

The documents state a benign Country Y water project, while the email and product specifications point to diversion through Country Y to a Country X refinery.

Question 63

Topic: Sanctions Frameworks and Governance

A sanctions analyst at a Singapore-based bank is reviewing a proposed trade finance transaction. What sanctions scope conclusion is best supported by these facts?

Sanctions review facts:

Customer: Singapore-incorporated distributor with no sanctioned-party name match.
Transaction: letter of credit for industrial valves shipped from Germany to a privately owned buyer in Country R.
Bank role: the bank’s German branch would issue and process the letter of credit.
Trade document: end-use statement identifies the valves for a new oil extraction project in Country R.
EU autonomous measures: firms operating in the EU are prohibited from supplying listed industrial valves for oil extraction projects in Country R.
Country U national advisory: non-Country U persons may be targeted by secondary sanctions for significant support to Country R oil extraction projects.
A. Only Singapore sanctions are relevant because the customer and the bank’s head office are in Singapore.
B. Country U sanctions are relevant only if the payment clears through Country U or a Country U person handles it.
C. The transaction is outside sanctions scope because the customer and buyer have no sanctioned-party name match.
D. Escalation is warranted because EU autonomous measures may apply through the German branch and shipment, and Country U secondary sanctions may affect non-Country U participants.

Best answer: D

What this tests: Sanctions Frameworks and Governance

Explanation: Sanctions scope is not limited to the country where the customer is incorporated or to list screening results. Cross-border activity can create multiple connections: where goods are shipped from, where a bank branch operates, what end use is involved, and whether another country asserts secondary or extraterritorial consequences. Here, the German branch and German shipment create an EU nexus under the stated autonomous measures. The end use matches the restricted oil extraction activity. Separately, the Country U advisory expressly warns that non-Country U persons may face secondary sanctions for significant support to the same type of project. These facts support escalation for sanctions legal and compliance review rather than ordinary processing based only on a clean name-screening result.

A clean name-screening result does not resolve goods, end-use, geographic, or sectoral restrictions.
Singapore incorporation does not eliminate sanctions exposure created by an EU branch, German shipment, or foreign secondary-sanctions risk.
Secondary sanctions can be designed to affect non-national persons even without payment clearing or direct handling in the sanctioning country.

The facts show both an EU operational nexus and an express extraterritorial secondary-sanctions risk despite no list match.

Question 64

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions investigator is reviewing a customer relationship after a payment alert. Which investigative focus is most supported by these case facts?

Customer payment: Meridian Components instructs a payment to Orion Parts FZE for technical services.
Attached invoice: industrial pressure sensors and controller boards shipped through a free-trade zone to Volna Energy Maintenance.
Ownership check: Volna Energy Maintenance is 60% indirectly owned by Volna Energy JSC, which is on the firm’s applicable sanctions list.
Forwarder email: asks Orion to remove the end-user name from shipping documents because “banks keep screening it.”
Refund request: Orion asks that an overpayment be returned to a virtual-asset wallet recently exposed to a sanctioned exchange.
A. Assess whether the parties are concealing a sanctioned end user or owner while routing goods and value through trade documents, payment instructions, and a flagged wallet.
B. Rely on Orion’s sanctions attestation if it states the goods are not destined for a listed customer.
C. Confirm whether the payment narration can be corrected to match the invoice before releasing the payment.
D. Treat the matter mainly as AML source-of-funds risk because Meridian and Orion are not directly listed.

Best answer: A

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Multi-channel sanctions evasion indicators should be investigated together, not as separate processing issues. Here, the payment description does not match the invoice, the trade documents identify an end user that is majority owned by a sanctioned party, the forwarder asks to remove that end-user name, and a refund is being redirected to a wallet with sanctioned-exchange exposure. Those facts support an investigation into whether the transaction structure is being used to conceal a sanctioned end user or owner and move value through alternative channels. Correcting the payment narrative or collecting an attestation would not resolve the sanctions concern without independent ownership, trade, payment, and virtual-asset analysis.

Correcting the payment description treats one symptom but ignores the ownership link, document alteration request, and wallet exposure.
Framing the matter only as AML source-of-funds risk misses the sanctions triggers created by indirect sanctioned ownership and sanctioned-exchange exposure.
A customer or counterparty attestation can support due diligence, but it cannot replace independent review when records already indicate concealment.

The facts connect a misdescribed payment, altered trade documents, sanctioned ownership, and virtual-asset exposure, so the inquiry should follow the concealed end user and value flow across channels.

Question 65

Topic: Building a Sanctions Compliance Program

A global bank is reviewing a customer name-screening alert for a new trade intermediary. The onboarding form shows the customer as Yusuf Abdallah Qasem. The sanctions screening tool returns a possible hit for Youssef Abdullah Kassim, with listed aliases including Yusif Abd Allah Qasim. The year of birth and city of residence match the customer record, but the spelling is not identical. The business unit asks whether the alert can be closed because the sanctioned name is spelled differently. What is the best response?

A. Close the alert because sanctions screening should only treat an exact spelling match as a potential sanctioned-party match.
B. Clear the alert if the customer signs an attestation that they are not the listed sanctioned person.
C. Escalate the alert for sanctions review because aliases and transliteration from non-Latin scripts can produce different spellings for the same person, especially when secondary identifiers align.
D. Reject the customer automatically because any name that resembles a sanctioned name must be treated as confirmed without further review.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions name screening must account for language differences, aliases, spelling variations, and transliteration because names from non-Latin scripts often have more than one valid Latin-script rendering. A sanctioned person may also use aliases, shortened names, reordered name elements, or different spellings across passports, trade documents, payment messages, and sanctions lists. Exact-match screening alone can miss a true match. In this scenario, the spelling differences do not justify closing the alert because the aliases are close and the year of birth and city of residence align. The appropriate response is sanctions review using available secondary identifiers, documentation, and escalation procedures.

Exact spelling alone is too narrow and can create false negatives when names are translated or transliterated differently.
Automatic rejection is too broad; a possible hit requires analysis before treating it as confirmed.
A customer attestation can support due diligence but cannot replace sanctions screening and match resolution.

Different spellings, aliases, and transliterations can still identify the same sanctioned person, so aligned secondary identifiers require review rather than automatic clearance.

Question 66

Topic: Building a Sanctions Compliance Program

A global bank is cleaning up sanctions compliance documentation after an internal review found that policy, procedures, system configuration records, and alert case files are being mixed. The documentation owner is drafting the enterprise sanctions screening policy. Which statement is most appropriate for the policy rather than a procedure, work instruction, system configuration note, or case file?

A. The interdiction system uses a 92% fuzzy-match threshold for Cyrillic-to-Latin name transliteration in the payment screening queue.
B. Alert 24-1187 was closed because the customer’s passport number and country of residence did not match the listed person.
C. The bank must screen relevant customers, counterparties, payments, and trade activity against applicable sanctions lists and document the disposition of potential matches.
D. Analysts must open the alert queue, select Potential Sanctions Match, compare date of birth fields, and enter the disposition code before closing the alert.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: A sanctions policy should set enterprise-level requirements, governance expectations, scope, accountability, and control principles. It should not read like a desktop procedure, system build record, or case investigation note. The correct statement establishes that relevant parties and activity must be screened against applicable sanctions lists and that potential matches must be documented. That is durable enough for a policy and can be supported by more detailed documents. Procedures can explain how analysts review alerts, work instructions can describe screen-by-screen actions, configuration notes can record match thresholds and tool settings, and case files can preserve evidence and decisions for specific alerts.

Queue navigation and disposition-code instructions are procedure or work-instruction content, not policy content.
A fuzzy-match threshold is a system configuration or tuning record, even if approved under the policy.
A specific alert closure reason belongs in case documentation, not in the enterprise policy.

This states a high-level sanctions compliance requirement that governs the program without prescribing operational steps or recording a single case outcome.

Question 67

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions investigator is reviewing a held outbound trade payment. The bank’s applicable sanctions rules prohibit transactions involving Country X unless a valid license or exemption applies.

Payment message: Ordering customer is Meridian Components Ltd.; beneficiary is Harbor Route Trading LLC in Country Y.
Payment purpose: industrial spares, invoice 4487; no reference to Country X appears in the payment fields.
Invoice 4487: Final destination is Port Delta, Country X.
Customer email to the relationship manager: “Please keep Country X out of the wire details and route through Harbor Route so the bank does not stop it again.”
File review: No license or exemption is recorded.

Which investigation step do these facts best support?

A. Release the payment because neither the customer nor the beneficiary produced a sanctions list match.
B. Close the review as a false positive and add the beneficiary to an exclusion list.
C. Keep the payment on hold and escalate it as potential sanctions evasion with the invoice and customer email preserved as evidence.
D. Ask the customer to resend the payment with neutral wording and no destination reference.

Best answer: C

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Sanctions investigations should focus on the full transaction context, not only name-screening results. Here, the invoice identifies a final destination in a prohibited country, and the customer’s email shows an apparent attempt to remove that reference from the payment message. The absence of a recorded license or exemption means the investigator should not release the payment based on clean party screening alone. The appropriate step is to maintain the hold, preserve the relevant documents and communications, and escalate the matter under the sanctions investigation process for legal, compliance, and reporting decisions as required by the institution’s procedures.

Clean customer and beneficiary screening does not resolve a prohibited destination or deliberate concealment.
Asking for a cleaner payment message would assist concealment instead of investigating it.
An exclusion list is inappropriate because the concern is transaction context and customer intent, not a recurring false name match.

The documents show a prohibited-country nexus and an instruction to conceal it, supporting hold, preservation, and escalation.

Question 68

Topic: Building a Sanctions Compliance Program

A bank’s AML transaction monitoring system reviews settled wire activity each night for unusual patterns, such as rapid movement of funds and high-risk jurisdiction exposure. A product owner proposes using the same nightly AML rules as the bank’s main control for sanctions on outgoing wires because the rules already generate alerts for suspicious payment routes. Sanctions lists can change during the day, and the bank must prevent prohibited payments before release when a listed party or restricted jurisdiction is involved. Which control change best fits these facts?

A. Lower the AML transaction monitoring thresholds so unusual outgoing wires are more likely to alert after settlement.
B. Require customers to certify annually that they will not send payments involving sanctioned parties.
C. Review a monthly sample of outgoing wires for sanctions exposure and remediate any prohibited payments found.
D. Add pre-release sanctions screening of relevant payment parties and jurisdictions against current lists, with interdiction and escalation of potential matches.

Best answer: D

What this tests: Building a Sanctions Compliance Program

Explanation: AML monitoring and sanctions monitoring can both use customer and transaction data, automated alerts, investigator review, escalation, and documentation. Their control purposes differ. AML transaction monitoring commonly looks for suspicious patterns, often after activity occurs, to support investigation and reporting. Sanctions controls must also prevent or stop prohibited activity, so payment screening and interdiction need to occur before release and against current sanctions data. In this situation, the existing nightly AML rules may help identify unusual behavior, but they are not enough as the main sanctions control because they operate after settlement and are pattern-based rather than list-based.

Lower AML thresholds may create more alerts, but it still leaves prohibited payments to be detected after settlement.
Customer certifications can support due diligence, but they do not replace screening and interdiction.
Monthly sampling is a testing or assurance technique, not a primary control to prevent prohibited payments.

Sanctions monitoring must include timely list-based screening and interdiction before prohibited activity occurs, even though it may share data, alert review, and escalation features with AML monitoring.

Question 69

Topic: Building a Sanctions Compliance Program

A sanctions compliance officer is assigned to quarterly assurance work over the payment-screening process. The scope memo says to verify whether closed alerts from the prior quarter were handled in accordance with escalation, evidence, and approval requirements. No current payment is being held, no confirmed sanctions match has been identified, and the daily screening jobs are running normally.

Which step best fits these facts?

A. Submit a regulatory sanctions report because prior-quarter alerts were reviewed after payment processing.
B. Open a live investigation case, hold the related payment, and request additional customer information before dispositioning the alert.
C. Select a sample of closed alerts, reperform the required review steps, and document any exceptions for remediation.
D. Restart the screening batch job and confirm the daily sanctions list update completed successfully.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Control testing evaluates whether a sanctions control operated as designed during a defined period. Here, the work is quarterly assurance over closed payment-screening alerts, and there is no active alert, blocked asset, or system outage. The appropriate response is to test the control by selecting relevant items, comparing the analyst work to policy requirements, documenting exceptions, and feeding results into remediation and control improvement. A live alert investigation would be used when a pending transaction or potential match requires a disposition. Regulatory reporting depends on a reportable sanctions event or legal requirement, not merely the existence of testing. Routine system operations address job completion, list loading, and technical processing, not assurance over analyst handling of historical alerts.

Holding a payment and opening a live case fits an unresolved alert, not assurance over already closed alerts.
Regulatory reporting is not triggered by control testing alone without a reportable sanctions event.
Restarting a batch job addresses system operations, while the stated task is to test whether alert-handling controls worked.

The facts describe assurance over a control, so sampling, reperformance, exception documentation, and remediation tracking are the appropriate steps.

Question 70

Topic: Detecting and Investigating Sanctions Evasion Techniques

A bank is reviewing a trade finance request for a customer exporting high-performance navigation modules that can have civilian or military uses. The stated buyer is a newly formed trading company in Country A, which is not comprehensively sanctioned. The shipping instructions route the goods through a free trade zone near Country Z, which is subject to broad sanctions and military end-use restrictions. The end-use certificate says only “commercial resale in the region,” and the buyer refuses to identify ultimate end users. An email from the customer asks the freight forwarder to describe the goods as “electronic accessories” and split the shipment into smaller lots. Screening of the named parties and vessel produced no sanctions list match. What is the best sanctions compliance conclusion?

A. The issue is limited to a customs classification concern, so sanctions review is unnecessary if the exporter provides a commercial invoice.
B. The transaction can proceed because the named parties and vessel did not match a sanctions list.
C. The bank must automatically freeze the goods because any transshipment near a sanctioned country creates a confirmed sanctions match.
D. The facts indicate potential trade-related sanctions evasion through goods misdescription, route diversion, and concealed end use or end user; processing should be paused and escalated for enhanced review.

Best answer: D

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Trade-related sanctions evasion often appears without a direct sanctions list hit. Common indicators include misdescribing controlled or dual-use goods, routing through intermediaries or free trade zones near sanctioned destinations, refusing to identify the ultimate end user, using vague end-use certificates, and splitting shipments to reduce scrutiny. Here, several indicators point in the same direction: the goods have sensitive potential uses, the route increases diversion risk, the end-use statement is non-specific, the buyer will not identify ultimate users, and the customer asked to obscure the goods description. The appropriate response is not automatic clearance or automatic freezing based solely on proximity to a sanctioned country. The bank should pause processing, escalate to sanctions and trade compliance, and obtain verifiable end-use, end-user, routing, licensing, and goods-classification information before deciding whether the activity is permitted.

A no-list-hit result does not resolve trade sanctions risk when documents suggest diversion or concealed end use.
Automatic freezing is not supported solely by a free trade zone route unless a legal blocking requirement or sanctioned interest is established.
Treating the matter only as customs classification ignores sanctions red flags in the route, goods description, and ultimate end-user information.

The generic goods description, vague end-use statement, refusal to identify ultimate users, shipment splitting, and risky transshipment route are combined indicators of possible diversion to a sanctioned or restricted end user.

Question 71

Topic: Sanctions Frameworks and Governance

A sanctions analyst at a global bank is reviewing a payment before release. The bank is not incorporated in the United States, and the customer and supplier are not listed. The bank’s policy requires escalation when a transaction may enter the jurisdiction of a sanctions authority.

Review note:

Ordering customer: UAE trading company.
Beneficiary: Turkish equipment supplier.
Stated destination of goods: Country X, subject to comprehensive US sanctions.
Payment currency and routing: USD, expected to clear through a correspondent bank in New York.
Booking location: Singapore branch.
License or authorization: none provided.

What geographic scope concern does the review note most directly support?

A. Only UAE sanctions scope is relevant because the ordering customer is located in the UAE.
B. A US nexus may exist because the USD payment is expected to clear through New York while the goods are destined for a comprehensively sanctioned country.
C. Only Singapore sanctions scope is relevant because the booking branch is located in Singapore.
D. No geographic scope concern exists because neither the customer nor the supplier is incorporated in the sanctioned country.

Best answer: B

What this tests: Sanctions Frameworks and Governance

Explanation: Geographic scope is not determined only by where the customer, supplier, or booking branch is located. A transaction can create a sanctions nexus with a jurisdiction through payment clearing, correspondent banking, currency use, goods destination, parties, ownership, or facilitation by persons subject to that jurisdiction. Here, the stated destination is a comprehensively sanctioned country, and the USD payment is expected to clear through New York. That combination supports escalation for possible US sanctions applicability even though the bank, customer, and supplier are non-US and not listed. The absence of a license or authorization also makes release inappropriate without further review.

Local booking location is relevant, but it does not exclude sanctions obligations triggered by a correspondent bank or clearing jurisdiction.
Customer location may inform risk, but it does not control the full geographic scope when routing and destination create another nexus.
Non-listed status and foreign incorporation do not eliminate concern when the payment route and goods destination point to a sanctions authority’s jurisdiction.

The New York correspondent route can bring a non-US transaction within US sanctions controls, especially with a sanctioned-country destination.

Question 72

Topic: Building a Sanctions Compliance Program

A sanctions compliance manager reviews the following quality assurance notes from customer-screening alert files:

Three analysts reviewed similar close-name alerts involving the same sanctions list entry and customers with incomplete date-of-birth data.
One analyst cleared the alert because the address did not match.
One analyst escalated the alert because the date of birth was missing.
One analyst requested beneficial ownership information before disposition.
The written procedure says only: “Review available information and decide whether the alert is a match.”
No list-update, system-threshold, or data-feed failure was identified.

What procedural response does this exhibit most directly support?

A. Require analysts to clear alerts when at least one customer attribute does not match the listed party.
B. Have the business line certify whether each alerted customer is acceptable before compliance disposition.
C. Revise the procedure to define minimum review steps, disposition criteria, documentation expectations, and escalation triggers for uncertain alerts.
D. Lower the screening threshold so fewer close-name alerts are generated for analyst review.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Consistent sanctions decision making depends on documented procedures that tell analysts how to evaluate evidence, when more information is required, when escalation is mandatory, and how to record the basis for a decision. The QA notes show that analysts faced similar facts but applied different standards. That is a procedural gap: the procedure gives broad discretion without defining minimum review expectations or decision criteria. A better procedure would not remove judgment, but it would structure judgment so similar alerts are handled consistently and can be defended during QA, audit, or regulatory review. The facts do not point to a screening-tool problem, a list-feed issue, or a need to outsource the compliance decision to the business line.

Lowering the screening threshold addresses alert volume or matching sensitivity, not inconsistent analyst reasoning under similar facts.
Clearing whenever one attribute differs is too rigid and could miss true matches when data is incomplete, stale, transliterated, or deliberately varied.
Business-line input may support fact gathering, but sanctions disposition should follow compliance procedures with documented criteria and escalation controls.

The QA notes show inconsistent analyst decisions caused by vague procedures rather than a system or list-management failure.

Question 73

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions investigator is preparing a response to a customer whose account has been frozen after a sanctions screening review. Review the case notes. What conclusion do these notes best support?

Screening result: customer name, registration number, and director details match a newly designated entity.
Status: the account and pending transfers are frozen under the institution’s sanctions procedure.
Approved customer message: “We cannot provide the requested services or release the assets because legal or regulatory sanctions restrictions apply.”
Restricted disclosures: do not reveal alert scores, matching rules, list-entry aliases, internal escalation steps, reporting decisions, affiliates under review, or planned monitoring.
Customer request: “Tell us exactly what triggered the freeze so we can move business through another affiliate before more accounts are affected.”
A. Confirm the internal escalation and reporting plan so the customer understands how the case will proceed.
B. Avoid all contact with the customer because any notice to a designated party is automatically tipping-off.
C. Send only the approved restriction notice and withhold screening, reporting, affiliate-review, and monitoring details.
D. Provide the match criteria and list-entry aliases so the customer can confirm whether the designation applies.

Best answer: C

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Target notification is not the same as tipping-off. A sanctions program may permit or require an approved, limited notice that services are restricted or assets are frozen because sanctions restrictions apply. That communication should be factual, controlled, and consistent with legal and policy requirements. Tipping-off risk arises when the institution reveals information that could help a target or related party evade restrictions, alter behavior, move funds, or undermine an investigation. Here, the customer specifically asks for triggering details to route business through an affiliate. The appropriate response is the approved restriction notice only, without disclosing matching logic, aliases, reporting decisions, affiliates under review, or planned monitoring.

Refusing all contact overstates the boundary; limited approved notification may be permitted or required.
Sharing match criteria or aliases could help the customer adjust names, counterparties, or routing to evade controls.
Discussing escalation, reporting, or monitoring reveals internal handling that is not needed for a restricted-asset notice.

The notes permit limited notification of the restriction while prohibiting internal details that could aid evasion or compromise the review.

Question 74

Topic: Sanctions Frameworks and Governance

A bank is reviewing a payment that a corporate customer wants processed under a sanctions authorization issued by the customer’s home authority. The authorization states that the customer may pay North Port Shipyard up to €300,000 for emergency safety repairs under invoice NPS-884 before October 31, provided no funds are made available to any listed person or any entity owned or controlled by a listed person.

The requested payment is €250,000 to Baltic Repairs Ltd. for replacement components for the same vessel. The customer says Baltic Repairs is an affiliate of North Port Shipyard and that the payment is commercially related to the authorized repair work. Screening and ownership review show that Baltic Repairs is 60% owned by a listed person.

What is the best sanctions compliance conclusion?

A. The bank may process the payment because the amount is below the authorized cap and the work relates to the same vessel.
B. The bank may process the payment if the customer confirms that Baltic Repairs is an affiliate of the authorized shipyard.
C. The bank should not rely on the authorization and should escalate for legal or sanctions review before any processing.
D. The bank should treat the authorization as covering all payments connected to the repair project until the expiration date.

Best answer: C

What this tests: Sanctions Frameworks and Governance

Explanation: A sanctions license or authorization must be applied according to its specific scope and conditions. Relevant limits can include the issuing authority, named parties, ownership or control restrictions, permitted purpose, invoice or contract reference, amount, dates, reporting requirements, and any prohibition on onward benefit to sanctioned parties. Here, the requested payment is not to the named payee and is not tied to the specified invoice. More importantly, the authorization expressly prohibits funds being made available to an entity owned or controlled by a listed person, and the payee is 60% owned by a listed person. The appropriate response is to stop processing under that authorization and escalate for sanctions or legal review, which may include seeking clarification or an amended authorization from the competent authority.

A payment cap and valid date do not cure a mismatch in payee, invoice, or ownership-control conditions.
A customer’s commercial explanation or affiliate relationship cannot expand the legal scope of an authorization.
A project connection is not enough when the authorization is limited to specific parties and conditions.

The payment falls outside the named payee and invoice terms, and the authorization expressly excludes making funds available to an entity owned by a listed person.

Question 75

Topic: Sanctions Frameworks and Governance

A financial institution receives a notice from its sanctions authority. The measure applies to named companies in a foreign energy sector and their owned or controlled entities. It does not impose an asset freeze or a comprehensive country embargo. It prohibits the institution from providing new long-term financing and specified capital-market services to those parties, while other activity may be allowed if no separate restriction applies.

Which control response best matches this sanctions type?

A. Configure screening and transaction controls to identify the listed sectoral parties, review ownership/control, and block only the prohibited financing and capital-market activity.
B. Freeze all assets and reject all transactions involving any customer located in the foreign country.
C. Treat the notice as a secondary sanctions warning only and continue processing unless a party appears on a blocking list.
D. Suspend all trade finance for the entire energy industry worldwide until the authority issues a general license.

Best answer: A

What this tests: Sanctions Frameworks and Governance

Explanation: Sectoral sanctions restrict particular kinds of activity with specified parties, sectors, or instruments. They usually require precise controls that combine sanctions screening, ownership/control review, product and transaction logic, and escalation for activity that may fall within the restriction. Here, the decisive facts are that the measure targets named energy-sector companies and owned or controlled entities, prohibits new long-term financing and specified capital-market services, and does not impose a full asset freeze or country embargo. The appropriate response is to configure controls to stop the prohibited activity while allowing properly reviewed activity that is outside the restriction and not otherwise prohibited.

Full asset freezing and country-wide rejection would fit a blocking measure or comprehensive embargo, not the scoped sectoral restriction described.
Suspending worldwide energy trade finance is broader than the stated authority and ignores the named-party and activity-based limits.
Treating the notice only as a secondary sanctions warning misses the direct prohibition on providing specified financing and services.

Sectoral sanctions require targeted controls for the restricted parties and prohibited activity rather than automatic full blocking of every relationship.

Questions 76-100

Question 76

Topic: Building a Sanctions Compliance Program

A bank rates a wholesale electronics importer as low sanctions risk. Its current controls screen the customer and recorded beneficial owners at onboarding, rescreen them when sanctions lists update, and screen wire messages for named originators, beneficiaries, and banks. The customer now submits its first shipment-related payment.

Case notes:

Product: dual-use industrial sensors.
Trade documents: invoice names a reseller, end user, and freight forwarder in a jurisdiction newly subject to sectoral sanctions.
Payment message: names only the reseller, with abbreviated party names that differ from the invoice.
Ownership: a new 35% indirect owner was added after onboarding.
Results so far: no exact list hit on the payment message; trade-document parties and the new owner have not been screened.

What should sanctions compliance recommend before releasing the payment?

A. Treat the activity as higher sanctions risk, conduct event-driven screening of the new owner and all payment and trade-document parties using appropriate fuzzy matching, and escalate unresolved results for sanctions review.
B. Release the payment because the wire-screening result had no exact hit, and screen the new owner at the next scheduled ownership review.
C. Keep the same customer-screening coverage but increase batch rescreening frequency for the customer name only.
D. Block the payment solely because one jurisdiction is subject to sectoral sanctions, without additional screening or licensing or legal review.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Risk-based screening should change when the customer’s sanctions risk profile changes materially. New ownership, dual-use goods, sectoral sanctions exposure, unscreened trade-document parties, and name variations between the payment and invoice all show that payment-message screening alone is not enough. The proportionate response is to pause release, expand coverage to the new owner and relevant trade and payment parties, use matching logic that can handle abbreviations or aliases, and escalate unresolved matches or restrictions for sanctions review. This is stronger than waiting for the next periodic review, but it also avoids automatically treating a sectoral-sanctions jurisdiction as a blanket prohibition without analysis.

A clean exact-match result on the wire message does not resolve risk when relevant trade parties and ownership changes were not screened.
Sectoral sanctions may restrict specific parties, activities, financing, or goods, but they require scoped analysis rather than automatic blocking based only on geography.
Increasing frequency for the customer name alone leaves the key coverage gaps: new ownership, reseller, end user, freight forwarder, and trade-document name variations.

The changed ownership, trade parties, sectoral exposure, and payment-document mismatch create a material risk change requiring expanded screening and escalation before release.

Question 77

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions analyst reviews a trade finance request for a customer exporting corrosion-resistant industrial pumps and valves. The exporter and named distributor have no sanctions list matches. Country A is not subject to comprehensive sanctions; Country B is subject to restrictions on certain energy-sector activity.

Trade review notes:

Invoice: consignee is Al Noor Trading FZE in a Country A free zone.
Goods: high-pressure pumps and corrosion-resistant valves usable in water treatment or refinery operations.
End-use certificate: states “municipal water treatment,” but the project name and final end-user fields are blank.
Shipping instruction: transshipment is allowed, with delivery to the distributor’s warehouse near the Country B border.
Customer email: “Do not include final buyer details in bank documents because their refinery sanctions issues caused problems last year.”

Based on these notes, what sanctions compliance conclusion is best supported?

A. Block the transaction as a confirmed dealing with a sanctioned party and begin frozen-asset reporting.
B. Treat the matter only as a routine documentation deficiency because the certificate states municipal water treatment.
C. Escalate the transaction and obtain additional verification of the actual end user and end use before proceeding.
D. Approve the transaction because the screened parties have no list matches and Country A is not comprehensively sanctioned.

Best answer: C

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Trade-related sanctions evasion often involves concealing the real end user, final destination, or restricted end use behind an intermediary in a lower-risk jurisdiction. A clean name-screening result does not resolve red flags in trade documents. Here, the stated water-treatment purpose is weakened by blank final end-user details, goods that can support refinery activity, transshipment through a free zone, delivery near a restricted jurisdiction, and an instruction to omit final buyer information because of prior sanctions issues. These facts do not by themselves prove a blocked party or require automatic asset freezing, but they do support escalation, documentary corroboration, and independent verification before the institution processes or finances the trade.

Approval based only on list screening misses the end-use and end-user concealment indicators in the trade file.
Blocking and frozen-asset reporting would be premature without a confirmed sanctioned party, prohibited interest, or applicable legal trigger.
Relying on the stated municipal water-treatment purpose ignores contradictory evidence and incomplete end-user information.

The blank end-user information, inconsistent end-use indicators, transshipment route, and request to conceal the final buyer create sanctions evasion red flags requiring escalation and verification.

Question 78

Topic: Building a Sanctions Compliance Program

A bank’s real-time payment filter stops an outbound wire for review. The beneficiary name is Sergei Ivanov; the payment message also includes date of birth 12 May 1980 and passport number 51 1234567. The sanctions-list record that generated the alert is for Sergey Ivanov, with the same date of birth and passport number. The customer says the beneficiary lives in Cyprus and is “not the listed person” because the spelling and address are different. What is the best next step?

A. Ask the customer to resend the payment without the date of birth and passport number to avoid a future filter hit.
B. Keep the payment on hold and escalate the alert as a likely true match supported by unique identifiers.
C. Release the payment after obtaining the customer’s written statement that the beneficiary is not sanctioned.
D. Clear the alert because the beneficiary’s name spelling and current address differ from the list record.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions alert disposition should be based on reliable identifiers, not only on name spelling or a customer assertion. A minor transliteration difference such as Sergei versus Sergey is common in sanctions screening, and a different current address does not overcome an exact match on strong identifiers such as date of birth and passport number. The payment should remain on hold while the case is escalated under the institution’s sanctions procedures for confirmed or likely matches. Clearing would require evidence that distinguishes the beneficiary from the listed person, such as different verified identity numbers, dates of birth, or other reliable independent records.

Clearing based on spelling and address treats weak differences as stronger than exact identity data.
A customer statement can support inquiry, but it does not replace independent match analysis.
Removing identifiers from a payment message would weaken controls and may indicate evasion rather than proper alert handling.

The matching date of birth and passport number are strong identifiers, so spelling and address differences are not enough to clear the alert.

Question 79

Topic: Building a Sanctions Compliance Program

A global payments firm is considering a screening control design for a new instant payout service. Review the change note:

Product: low-value instant cross-border payouts to merchants and freelancers.
Corridors: includes jurisdictions the firm rates as elevated sanctions risk.
Available before release: sender, beneficiary, beneficiary bank, jurisdiction, and payment narrative.
Operations proposal: screen merchants at onboarding and monthly thereafter; do not screen individual payouts before release; suppress fuzzy-name alerts because false positives delay payments.
Governance record: no documented sanctions risk assessment update, threshold testing, compliance approval, or escalation criteria for elevated-risk corridors.

What sanctions compliance conclusion does the note best support?

A. Contractual sanctions attestations from merchants would be an adequate substitute for payout-level screening.
B. The change should not be approved until screening scope, thresholds, and escalation rules are documented, tested, and approved based on the service’s sanctions risk.
C. Fuzzy matching should be permanently disabled because false positives indicate the tool is over-screening.
D. Monthly merchant rescreening is sufficient because the payouts are low value and the service is designed for speed.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: Risk-based sanctions screening does not mean reducing controls whenever they slow operations. It means tailoring screening to the risk presented by products, jurisdictions, counterparties, data availability, and transaction timing, with documented governance. Here, the firm has elevated-risk corridors and enough pre-release data to screen relevant parties and payment information before funds move. Suppressing fuzzy alerts and omitting payout screening may be possible only if supported by a documented risk assessment, tested tuning, approved escalation rules, and compensating controls. Low-value instant payments can still create sanctions exposure, especially when they are cross-border and rapid. Governance should require compliance approval, evidence of threshold testing, and ongoing monitoring before the control change is implemented.

Low value and speed do not remove sanctions risk, especially for cross-border payments involving elevated-risk corridors.
High false positives call for tuning, data-quality review, and validation, not permanent suppression of fuzzy matching without analysis.
Merchant attestations may support due diligence, but they do not replace screening and escalation controls for available payout data.

Elevated corridors and available pre-release data require governed, risk-based screening decisions rather than an undocumented operational shortcut.

Question 80

Topic: Building a Sanctions Compliance Program

A global bank completes a sanctions control review of its trade finance process. Testing shows that customer and counterparty names were screened accurately against current sanctions lists. However, 9 of 50 files involving dual-use goods and high-risk transshipment routes did not receive enhanced sanctions review because the procedure required escalation only when the name-screening tool produced a potential match. Two files contained unresolved diversion red flags, but no listed party match. What is the most appropriate control improvement?

A. Accept customer sanctions certifications as the control for dual-use goods files without additional document review.
B. Revise the procedure to require documented trade due diligence and escalation for defined sanctions red flags, even when name screening has no match.
C. Lower the name-screening match threshold so more trade finance files produce potential sanctions alerts.
D. Prohibit all trade finance activity involving dual-use goods or transshipment routes.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: A control improvement should address the actual root cause identified by testing. Here, list screening was accurate, but the program relied too heavily on name matches and failed to require trade due diligence when goods, routing, or diversion indicators created sanctions risk. The appropriate improvement is to update the trade finance procedure so defined red flags trigger documented review, escalation, and follow-up regardless of whether a party appears on a sanctions list. This aligns the control with sanctions evasion risk, where parties may use intermediaries, transshipment, or incomplete documentation to avoid detection. The improvement should be risk-based and evidence-supported rather than simply increasing alert volume or relying on customer statements.

Lowering the match threshold addresses screening sensitivity, not the missing trade due diligence trigger.
Customer certifications can support due diligence, but they do not replace document review and escalation for sanctions red flags.
A blanket prohibition is not risk-based and goes beyond the finding, which calls for better review of higher-risk trade activity.

The finding shows a process-design gap: trade sanctions risk was not escalated when non-name red flags indicated possible diversion.

Question 81

Topic: Building a Sanctions Compliance Program

A bank’s trade operations team is reviewing a letter of credit for an exporter that ships laboratory equipment. The documents describe “high-speed centrifuge rotors” and “vacuum pumps” for a medical research institute. The invoice uses a generic HS code, the buyer asks that the end user be omitted from the shipping documents, and the goods will be routed through a trading company in a jurisdiction known by the bank to present elevated diversion risk. No party is an exact match to a sanctions list.

What is the best next step before processing the transaction?

A. Hold the transaction and escalate for export-control classification, end-use, end-user, and diversion-risk review.
B. Ask the exporter to certify that the goods are for medical use, then release the documents without further review.
C. Reject the transaction automatically because laboratory equipment is always prohibited in cross-border trade.
D. Process the transaction because no party is an exact sanctions-list match.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Dual-use concern arises when goods with legitimate civilian uses may also support restricted military, proliferation, or other prohibited end uses. Here, high-speed centrifuge components and vacuum pumps can be sensitive depending on technical specifications and end use. The generic product coding, request to omit the end user, and routing through a higher-risk trading company add diversion indicators. A sanctions compliance response should not stop at list screening. The bank should pause processing and escalate for export-control classification, end-use and end-user verification, party and vessel screening as applicable, and license or prohibition analysis under relevant authorities.

A clean name-screening result does not resolve dual-use, export-control, or diversion risk.
An exporter certification can support due diligence, but it does not replace technical classification and end-use/end-user review when red flags are present.
Laboratory equipment is not automatically prohibited; the concern depends on specifications, parties, destination, routing, end use, and applicable controls.

The goods and routing facts indicate possible dual-use and diversion concerns that require export-control due diligence before processing.

Question 82

Topic: Detecting and Investigating Sanctions Evasion Techniques

A virtual asset service provider receives a cryptocurrency deposit from a customer. Blockchain analytics shows the funds came through a mixer and a cross-chain bridge shortly before the deposit, with earlier exposure to a wallet attributed to a sanctioned cyber actor. The customer says the transfer is “anonymous crypto” and cannot be connected to sanctions. The deposit cannot be credited until the alert is resolved. Which step best fits the facts?

A. Escalate the deposit for enhanced sanctions review with documented blockchain tracing, obfuscation indicators, and customer/source-of-funds information.
B. Close the alert because mixer and bridge use makes blockchain evidence unusable for sanctions analysis.
C. Clear the deposit because the sanctioned wallet was not the direct sender to the customer’s address.
D. Rely on the customer’s statement and perform no further review unless the customer’s name appears on a sanctions list.

Best answer: A

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Virtual assets can be traceable because many blockchains maintain public transaction histories that allow investigators to follow movements among addresses. That traceability does not automatically identify the real-world owner, source, or purpose of funds. Sanctions evaders exploit that gap through mixers, chain hopping, self-hosted wallets, nested services, privacy-enhancing tools, and misleading customer explanations. A sound sanctions response combines on-chain analysis with off-chain due diligence, documentation, and escalation when exposure to a sanctioned actor and obfuscation indicators appear. The alert should not be cleared solely because the exposure is indirect, and it should not be dismissed as impossible to investigate simply because crypto was used.

Clearing based only on no direct sender match ignores indirect exposure and deliberate obfuscation indicators.
Treating mixer and bridge use as making analysis impossible overlooks the value of blockchain tracing and analytics.
Relying only on the customer’s name screening misses wallet exposure, source-of-funds concerns, and sanctions evasion red flags.

The step uses the ledger’s traceability while addressing mixer and bridge activity that may conceal source, ownership, or destination.

Question 83

Topic: Detecting and Investigating Sanctions Evasion Techniques

A bank’s sanctions operations team is reviewing an outgoing payment that produced a close match to a newly listed company. The payment is on hold while ownership and control checks are still underway. The relationship manager says the customer is calling repeatedly and proposes saying: “The payment hit a sanctions list, and we need to know whether your supplier is connected to the listed party before we freeze or report it.”

No sanctions/legal-approved customer communication has been issued. What response best fits the situation?

A. Tell the customer the exact list entry and ask for immediate proof that the supplier is not connected to the listed party.
B. Decline to disclose the sanctions hit or possible control action, and route any customer response through sanctions/legal using an approved neutral message.
C. Release the payment temporarily while asking the customer for more documents, because disclosure risk is lower if funds are not blocked.
D. Advise the customer to reroute the payment through a different correspondent until the bank finishes its internal review.

Best answer: B

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Sanctions investigations and control actions can be compromised if a customer, counterparty, or target is told that a sanctions match, freeze, blocking decision, or report is under review. Such communication may allow assets to be moved, records to be altered, counterparties to be warned, or evasion steps to be taken. When the investigation is not complete and no approved communication exists, the safer response is controlled escalation. Any external message should be limited, neutral, documented, and approved by sanctions, legal, or the designated escalation function. The relationship manager should not disclose the sanctions hit, the potential freeze, or reporting considerations.

Giving the exact list entry may help gather facts, but it also directly alerts the customer to the sanctions concern.
Releasing the payment undermines the hold and may allow restricted funds to move before the review is complete.
Suggesting rerouting creates evasion risk and could help the customer avoid the control action.

This preserves the investigation and payment hold while reducing the risk of target notification or tipping-off.

Question 84

Topic: Building a Sanctions Compliance Program

A bank is reviewing a new trade finance customer. The relevant sanctions program and the bank’s policy require treating an entity as restricted if listed persons, in aggregate, own 50% or more directly or indirectly, or if a listed person controls the entity. The customer is not named on a sanctions list, and name screening did not produce a direct match.

Ownership facts:

Listed Person A owns 30% of the customer directly.
Listed Person B owns 100% of Delta Holdings.
Delta Holdings owns 25% of the customer.
Non-listed investors own the remaining 45%.
No separate veto rights or board control rights were identified.

What is the best sanctions compliance conclusion?

A. Clear the customer because no single listed person owns 50% or more of it.
B. Clear the customer because the customer itself is not named on a sanctions list.
C. Treat the customer as restricted because listed persons own 55% in aggregate when direct and indirect ownership are included.
D. Treat only Delta Holdings as restricted because Listed Person B does not own the customer directly.

Best answer: C

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions ownership analysis is not limited to exact name matches against sanctions lists. Where the applicable authority or policy requires it, a firm must evaluate direct ownership, indirect ownership through intermediaries, and aggregation of listed persons’ interests. Here, Listed Person A owns 30% directly, and Listed Person B indirectly owns 25% through Delta Holdings. Together, listed persons own 55% of the customer. Because the stated threshold is 50% or more in aggregate, the customer should be treated as restricted even though it is not separately listed and no additional control rights were found.

A single-owner test ignores the stated aggregation requirement for listed persons’ interests.
Relying only on the customer’s name-screening result misses ownership-based restrictions.
Looking only at Delta Holdings ignores indirect ownership flowing through that entity to the customer.

The direct 30% interest and indirect 25% interest are aggregated, reaching the stated 50% ownership threshold.

Question 85

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions analyst reviews a held cross-border payment after automated screening produced no exact list match. What investigation focus is best supported by the payment record?

Payment route: Dubai trading company to German industrial parts supplier, payable in USD through a correspondent bank.
Purpose field: Invoice 8842 - replacement pump seals and pressure valves.
Free-text instruction: Final customer in Bandar Abbas; ship via Jebel Ali freight forwarder.
Internal note attached by remitting bank: Buyer requested docs not reference IR destination due bank screening delays.
Prior activity: same Dubai trading company sent three recent payments for similar goods to different European suppliers using different freight forwarders.
A. Possible structuring to avoid cash transaction reporting thresholds.
B. Potential concealment of an Iranian end user and transshipment route.
C. A frozen-asset management issue requiring immediate release of blocked funds.
D. A likely false positive caused by name similarity to a listed person.

Best answer: B

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Payment-message content can provide stronger investigative direction than the absence of an exact list match. Here, the key facts are the final customer in Bandar Abbas, the routing through Jebel Ali, repeated payments for similar industrial parts, and a request to remove the Iran destination reference from documents. Those facts support a sanctions evasion inquiry focused on concealed end user, destination, and transshipment activity. The investigation should examine the parties, goods, end use, freight forwarders, trade documents, and any applicable licenses or prohibitions before deciding whether the payment may proceed, must be rejected, blocked, escalated, or reported under the institution’s obligations.

Name similarity is not the strongest issue because the facts do not identify a close match to a listed person.
Structuring is not supported because the pattern involves trade payments and destination concealment, not cash threshold avoidance.
Frozen-asset handling is premature because the facts show a held payment under review, not confirmed blocked property eligible for release.

The destination reference, request to omit the country reference, and use of a third-country intermediary support investigating sanctions evasion through concealed end use and routing.

Question 86

Topic: Sanctions Frameworks and Governance

A sanctions compliance team is reviewing whether an offshore payment flow may continue.

The paying entity and beneficiary are both outside Country A.
The payment would be in local currency, with no Country A persons, banks, goods, or systems involved.
Country A has stated that foreign financial institutions may lose access to Country A’s financial system if they knowingly facilitate significant transactions for a named sanctioned company.
Legal instructs the team to restrict the activity and escalate any proposed continuation, even without a direct Country A nexus.

Which sanctions concept do these facts most directly support?

A. Secondary sanctions
B. Blocking regulation
C. Primary sanctions
D. General license

Best answer: A

What this tests: Sanctions Frameworks and Governance

Explanation: The facts point to secondary sanctions because the restriction applies to foreign parties outside the sanctioning country’s ordinary jurisdictional reach. The key feature is not that the offshore transaction is directly prohibited through a local person, bank, currency, or system. Instead, Country A threatens consequences, such as loss of access to its financial system, if foreign financial institutions knowingly facilitate significant transactions for a specified sanctioned company. That creates a practical compliance restriction even where the transaction lacks a direct Country A nexus. A sanctions team would typically escalate and control this risk through legal review, policy restrictions, enhanced due diligence, and transaction controls.

Primary sanctions usually apply through a direct jurisdictional nexus, such as a local person, local currency clearing, local goods, or conduct within the sanctioning country.
A blocking regulation is designed to restrict or prohibit compliance with certain foreign sanctions, which is not the issue described here.
A general license authorizes otherwise prohibited activity within stated conditions; the facts describe a risk-based restriction, not an authorization.

Secondary sanctions can create consequences for non-jurisdictional parties that engage in specified dealings with sanctioned targets, even without a direct primary-sanctions nexus.

Question 87

Topic: Building a Sanctions Compliance Program

A sanctions compliance team is updating product risk ratings for a global bank. Review the excerpt below. What sanctions risk does the excerpt most strongly support?

Product: correspondent account with USD and EUR payment clearing for a foreign respondent bank.
The respondent permits regional exchange houses and payment service providers to send payments through its account.
Payment messages often name the respondent as the ordering institution but do not identify the downstream firms’ customers.
Recent payment traffic includes remittances and trade payments involving jurisdictions near comprehensively sanctioned territories.
The business proposes relying only on the respondent’s annual sanctions certification.
A. A nested correspondent banking risk in which downstream customers and payment providers may obscure sanctioned parties or jurisdictions.
B. A trade finance documentation risk limited to misdescribed goods in letters of credit.
C. A retail deposit risk limited to screening the respondent bank’s employees and account signatories.
D. A securities custody risk involving the receipt of dividends or corporate actions for sanctioned issuers.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Correspondent banking and payment clearing can create sanctions risk when a financial institution processes activity for parties it does not directly know. The excerpt points to nested activity: exchange houses and payment service providers are using the respondent’s account, while payment messages do not clearly identify the underlying customers. That limits the bank’s ability to screen true originators, beneficiaries, intermediaries, and jurisdictional connections. The proximity to comprehensively sanctioned territories further increases the need for risk-based due diligence, payment transparency, screening, escalation, and controls beyond a general annual certification. Certifications can support due diligence, but they do not replace understanding how the product is used and who may be indirectly accessing the service.

Securities custody risk is not supported because the facts do not involve securities, dividends, issuers, or corporate actions.
Retail deposit risk is too narrow because the exposure comes from payments processed for downstream parties, not only the respondent’s direct personnel.
Trade finance documentation risk is not the strongest conclusion because the excerpt describes payment clearing transparency, not letter-of-credit documents or goods descriptions.

The excerpt shows indirect payment activity through a respondent bank with limited transparency into underlying originators, beneficiaries, and jurisdictional exposure.

Question 88

Topic: Sanctions Frameworks and Governance

An EU subsidiary of a global manufacturer is asked to ship industrial pumps from Germany to a distributor in Country Z. No party is listed under EU or German sanctions, and payment is in euros through EU banks. The end customer appears on a foreign sanctions list issued by a country outside the EU; that program states it may penalize non-domestic companies that support Country Z’s energy sector. The EU subsidiary’s jurisdiction also has a blocking statute covering some foreign extraterritorial sanctions. The goods may require trade-control classification before export. What is the best next step?

A. Reject the order because a foreign sanctions list match must be followed by every group entity worldwide.
B. Release the order because euro payment and no local-list match eliminate sanctions scope concerns.
C. Hold the order and escalate for sanctions legal review of extraterritorial reach, blocking-statute conflict, and trade controls.
D. Obtain a customer certification and ship if the distributor confirms it is not a sanctioned party.

Best answer: C

What this tests: Sanctions Frameworks and Governance

Explanation: Geographic scope analysis is not limited to the location of the booking entity or payment currency. A foreign sanctions program may assert extraterritorial or secondary-sanctions consequences for non-domestic parties, while a local blocking statute may restrict how the company responds to that foreign measure. The shipment also has a possible trade-control issue because the goods may need classification before export. The proper response is to pause the transaction and escalate through sanctions and legal channels so the company can assess applicable prohibitions, permitted activity, blocking-statute risk, licensing or authorization needs, and documentation requirements. A business unit should not unilaterally reject, process, or rely on a certification when conflicting jurisdictional rules may apply.

Automatic rejection ignores the potential blocking-statute issue and assumes the foreign list applies globally without analysis.
Automatic release ignores possible extraterritorial sanctions exposure and the unresolved trade-control classification.
A customer certification may support due diligence, but it does not resolve sanctions scope, blocking-statute, or export-control questions.

The facts present overlapping geographic-scope issues that require a controlled legal and sanctions review before approving, rejecting, or communicating a decision.

Question 89

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions analyst reviews a held outbound wire from a manufacturing customer to a newly formed trading company in Country B. Country B is not sanctioned. Country C is comprehensively sanctioned under the bank’s applicable sanctions regimes. The named parties do not match a sanctions list, but the file contains these facts:

The customer was previously told that direct payments to a supplier in Country C could not be processed.
The payment narrative says, “consulting fee per invoice 914; do not reference Country C port in bank documents.”
An attached email says the Country B beneficiary will “receive funds and arrange final delivery to Rahim Energy in Country C.”

Which investigation focus is best supported by these facts?

A. Potential use of a third-country intermediary to conceal a prohibited Country C jurisdiction or end-user nexus
B. A routine name-screening false positive because no named party matches a sanctions list
C. A currency-control issue because the wire is outbound and the beneficiary is in a different country
D. A standard invoice-fraud issue because the beneficiary was recently formed

Best answer: A

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: The strongest sanctions focus is possible evasion through a third-country intermediary. A clean name-screening result does not resolve sanctions risk when payment messages and supporting communications point to a sanctioned jurisdiction or prohibited end user. Here, the customer had prior notice that direct payments to Country C could not be processed, the payment narrative asks that the Country C port not be referenced, and the email identifies final delivery to an entity in Country C. Those facts support escalation and investigation of the Country C nexus, the role of the Country B beneficiary, related invoices and communications, and whether the transaction is prohibited or requires licensing or rejection under the bank’s procedures.

No list hit is not enough to close the matter when the payment evidence suggests concealment of a sanctioned jurisdiction.
Currency movement between countries is not the key issue; the decisive facts involve Country C and the intended end user.
Recent incorporation may support concern, but invoice fraud alone does not address the sanctions nexus shown in the payment record.

The payment message, email, and timing support investigating whether the Country B beneficiary is being used to route funds or services to Country C despite the sanctions restriction.

Question 90

Topic: Detecting and Investigating Sanctions Evasion Techniques

A global bank is reviewing a trade-finance request from Meridian Commodities. The bank’s applicable sanctions prohibit facilitating trade with Sanctioned Country X and require escalation when a listed person may own or control property involved in a transaction.

Key facts include:

Meridian is not on a sanctions list, but its registry filing from last month shows a new holding company owns 51% of Meridian. The holding company’s voting rights are exercised by a trust protector who is a listed person.
The invoice describes “agricultural water pumps,” while the packing list shows high-pressure pump models commonly used in restricted industrial applications.
The buyer changed the end user from a municipal utility to a reseller in a free-trade zone bordering Sanctioned Country X.
Payment instructions split the invoice across two unrelated intermediaries, with one payment reference changed to “consulting fee.”
A requested commission payment would be made to a virtual-asset wallet that blockchain analytics links to a mixer and a wallet cluster previously associated with the listed person’s network.

What is the best recommendation?

A. Decline only the virtual-asset commission and proceed with the invoice payments because the fiat trade transaction is separately documented.
B. Place the activity on hold and escalate for sanctions investigation, ownership/control analysis, trade due diligence, and any required freeze or reporting decision.
C. Process the trade-finance request but file a general AML report because the unusual payment pattern is unrelated to sanctions risk.
D. Approve the transaction because Meridian, the buyer, and the intermediaries did not produce exact sanctions screening matches.

Best answer: B

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Sanctions evasion often appears as a pattern across several evidence sources rather than as a single exact list match. Here, the ownership structure points to possible control by a listed person, the trade documents conflict on the goods and end user, the routing suggests possible diversion toward Sanctioned Country X, the payment flow uses unrelated intermediaries and altered references, and the virtual-asset wallet has exposure to a mixer and a listed person’s network. Together, these facts support escalation before any processing continues. A sanctions team would normally preserve the activity on hold, analyze ownership and control, perform enhanced trade due diligence, review the virtual-asset exposure, and determine whether freezing, rejection, reporting, or licensing analysis is required under the applicable rules.

A lack of exact screening matches does not resolve ownership/control concerns, transliteration issues, shell-company risk, or trade-diversion indicators.
Treating the matter as only a generic AML issue misses the sanctions nexus created by the listed person, restricted jurisdiction, and trade documentation concerns.
Isolating the virtual-asset commission ignores the broader scheme indicated by ownership changes, invoice splitting, altered payment references, and possible end-use concealment.

The combined payment, trade, ownership, and virtual-asset indicators support a potential sanctions evasion scheme involving a listed person and Sanctioned Country X.

Question 91

Topic: Detecting and Investigating Sanctions Evasion Techniques

A bank is reviewing a customer’s request to divest securities issued by an entity that became blocked after being 55% owned by a newly listed person. The customer is not sanctioned and held the securities before the listing. The applicable authority issued a general authorization that:

permits only divestment of pre-existing holdings by non-sanctioned holders;
requires both trade execution and settlement before 5:00 p.m. on September 30;
prohibits any proceeds or fees from benefiting the blocked issuer or listed owner; and
requires a transaction report within 10 business days.

On September 29, the customer asks the bank to execute a sale to an unrelated buyer with settlement expected on October 2, stating that the activity is permitted because the trade will be booked before the deadline. What is the best recommendation?

A. Reject all divestment activity permanently because the issuer is blocked by ownership.
B. Do not treat the transaction as permitted as proposed; escalate for authorization or revised settlement timing, maintain controls over the position, and document any reporting obligations.
C. Execute the trade before September 30 and file the required report after settlement on October 2.
D. Process the sale because the customer is not sanctioned and the securities were held before the listing.

Best answer: B

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Permitted activity is not a broad exception to sanctions controls. It must be tested against the authority that permits it and the exact scope, timing, restrictions, and reporting conditions attached to that authority. Here, the authorization covers a narrow category: divestment of pre-existing holdings by non-sanctioned holders. The customer and activity may fit that scope, and the buyer appears unrelated, but the timing condition requires both execution and settlement before the deadline. A settlement after the deadline would fall outside the authorization. The bank should not rely on the customer’s general assertion that the transaction is permitted. It should escalate, seek a compliant settlement or additional authorization, maintain appropriate restrictions, and preserve any required reporting and documentation.

Pre-existing ownership and non-sanctioned customer status help with scope, but they do not override settlement timing.
Booking the trade before the deadline is insufficient when the authorization also requires settlement before the deadline.
A blocked issuer does not automatically bar every divestment when a valid authorization allows a narrow, controlled exit.

The proposed settlement falls outside the authorization’s timing condition, so the activity cannot be treated as permitted without further authority or a compliant revision.

Question 92

Topic: Building a Sanctions Compliance Program

A global financial institution is redesigning sanctions due diligence. Retail banking mainly onboards individual customers and screens account activity. Trade finance reviews import/export documents, goods descriptions, vessels, ports, and counterparties. Payment operations processes messages that may involve non-customer originators, beneficiaries, and intermediary banks. Commercial lending reviews borrower ownership and use of proceeds. Management proposes one enterprise questionnaire focused on customer name screening at onboarding. What is the best recommendation?

A. Use the same onboarding questionnaire for every business line to ensure consistent treatment across the institution.
B. Tailor due diligence by line of business, mapping how each line creates, receives, or processes sanctions exposure and assigning controls to those exposure points.
C. Rely on the central screening system because automated name screening covers sanctions risk across all products.
D. Apply the trade finance due diligence standard to all lines because it is the most detailed review process.

Best answer: B

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions exposure arises differently across business lines. Retail banking may focus on customer identity, ownership, and account activity. Trade finance must examine trade parties, goods, vessels, ports, routes, and document inconsistencies. Payment operations may face risk from non-customer parties embedded in payment messages. Lending may require ownership/control review and scrutiny of use of proceeds. A sound sanctions compliance program uses a consistent enterprise framework, but the actual due diligence steps must be tailored to how each business line creates, receives, or processes exposure. A single onboarding checklist can miss trade, payment, or product-specific risks, while a universal maximum-control approach may be inefficient and poorly targeted.

A single onboarding questionnaire misses sanctions risks that appear after onboarding or outside the direct customer relationship.
Automated name screening is important, but it does not replace line-specific review of trade documents, payment data, ownership, and product use.
Applying the most detailed trade finance process everywhere may over-control some areas while still failing to address their distinct risk points.

Sanctions due diligence must match the specific exposure channels of each business line, not only the customer onboarding process.

Question 93

Topic: Detecting and Investigating Sanctions Evasion Techniques

A sanctions investigator reviews a closed payment alert after a control failure.

Payment: €42,000 wire released two days ago to Baltic Tech LLC.
Screening evidence: On the payment date, Baltic Tech LLC was already a designated party, and the payment name and address matched the sanctions list entry.
Cause: The daily list update failed to load into the payment interdiction system, so no alert stopped the wire.
License status: Legal confirmed no license, exemption, or permitted-activity basis applied.
Customer conduct: No evidence shows the customer concealed the beneficiary or structured the payment.
Current status: The funds cannot be recalled, and the customer has not been contacted.

What reporting action is best supported by these facts?

A. File a suspicious activity report based solely on the customer’s sanctions evasion conduct.
B. Notify the customer that the bank missed a sanctions match and request that the customer recover the funds.
C. Close the case with only internal case notes because no customer concealment was identified.
D. Prepare a sanctions breach report or voluntary disclosure through legal/compliance to the relevant sanctions authority.

Best answer: D

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Breach reporting addresses a confirmed sanctions violation or control failure, such as processing a prohibited payment involving a designated party without a license or exemption. Suspicious activity reporting is different: it is used when facts support suspicion of criminal conduct, money laundering, terrorist financing, sanctions evasion, or similar activity. Here, the evidence shows an actual prohibited transaction caused by a failed list update, but it does not show that the customer tried to evade sanctions. Internal case notes and management reporting are important records, but they do not substitute for required external breach reporting. Customer communication should be controlled and coordinated because it can affect investigation integrity, legal strategy, and regulatory obligations.

Suspicious activity reporting may still be considered if additional facts show evasion, but the listed facts primarily show a confirmed sanctions breach.
Internal case notes document the investigation, but they do not resolve an externally reportable prohibited transaction.
Customer notification is not the immediate reporting response and should not disclose sensitive investigation or control-failure details without authorization.

A prohibited payment to a designated party was processed because of a control failure, which supports breach reporting rather than only internal documentation or suspicion-based reporting.

Question 94

Topic: Sanctions Frameworks and Governance

An EU-incorporated manufacturing subsidiary of a U.S.-headquartered group receives an order from a Turkish distributor for non-U.S.-origin industrial pumps to be shipped from Germany to an end buyer in a country subject to broad U.S. trade sanctions and secondary-sanctions risk. The goods are not restricted under the EU sanctions list available to the business, and payment would be in euros through EU banks. The U.S. parent wants the EU subsidiary to reject the order solely because of U.S. sanctions policy, while the EU subsidiary notes that a local blocking statute may restrict compliance with certain extraterritorial foreign sanctions. What is the best sanctions compliance recommendation?

A. Process the order if screening shows no listed parties, because destination-based trade restrictions do not matter without a name match.
B. Proceed with the order because euro payment through EU banks and non-U.S.-origin goods remove U.S. sanctions concerns.
C. Reject the order because U.S. sanctions automatically apply worldwide to every affiliate of a U.S.-headquartered group.
D. Escalate for a jurisdiction-by-jurisdiction sanctions and legal review covering U.S. nexus, secondary-sanctions exposure, EU trade restrictions, and the blocking statute before accepting or rejecting the order.

Best answer: D

What this tests: Sanctions Frameworks and Governance

Explanation: Sanctions geographic scope depends on the authorities that apply to the parties, activity, goods, payment route, ownership structure, and location of conduct. A non-U.S. subsidiary may face U.S. nexus issues through parent involvement, U.S. persons, U.S.-origin content, U.S. financial systems, or secondary-sanctions exposure, even when the transaction is outside the United States. At the same time, a local blocking statute may limit compliance with certain extraterritorial foreign sanctions, creating a conflict that should not be resolved by an operational team acting on a simple parent instruction. The appropriate response is controlled escalation and documented analysis before deciding whether the order is prohibited, permitted, licensable, or too risky under policy.

Automatic worldwide application overstates U.S. sanctions scope and ignores the blocking-statute concern.
Euro payment and non-U.S.-origin goods reduce some nexus factors but do not eliminate secondary-sanctions, parent-involvement, or trade-restriction risk.
Screening alone is incomplete because country, goods, end use, end user, routing, and legal authority can create sanctions exposure even without a listed-party match.

The facts create conflicting geographic-scope issues that require analysis of applicable authorities, extraterritorial reach, trade restrictions, and blocking-statute risk.

Question 95

Topic: Building a Sanctions Compliance Program

A bank is replacing its sanctions screening platform. The new system will be used for customer onboarding and real-time screening of cross-border payment messages. The implementation team proposes go-live based on the following validation file:

Vendor attestation states that the matching algorithm is used by other banks.
Test cases included exact Latin-character matches to listed names in the customer-name field only.
No test cases covered aliases, non-Latin transliteration, date-of-birth weighting, list-update ingestion, or payment message fields for originator, beneficiary, and intermediary banks.
The match threshold was set high to reduce false positives, but false negative testing was not documented.

What is the best sanctions compliance recommendation?

A. Do not rely on the system yet; validate it against representative customer and payment-screening scenarios, including data fields, list updates, aliases, transliteration, and threshold performance.
B. Approve go-live because vendor attestation and exact-name tests demonstrate that the matching algorithm can identify sanctioned parties.
C. Approve go-live because the higher threshold reduces false positives and improves sanctions alert workflow efficiency.
D. Approve go-live if investigators receive additional escalation training, because the remaining gaps concern review judgment rather than system reliability.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions screening technology should be validated for its intended use, not just for general algorithm capability. Here, the intended use includes customer onboarding and real-time payment screening, but the testing covered only exact Latin-character customer-name matches. It did not test key risks such as aliases, transliteration, date-of-birth weighting, list-update ingestion, payment-message fields, or false negatives at the selected threshold. A high threshold may reduce workload, but it can also suppress true matches if not tested. Vendor attestations can support due diligence, but they do not replace institution-specific validation against the bank’s products, data, jurisdictions, and risk profile.

Vendor attestation and exact-name testing are insufficient because they do not prove performance across the bank’s intended screening uses.
Lower false positives are not enough; threshold changes must be assessed for missed true matches.
Investigator training cannot compensate for untested system inputs, list ingestion, matching behavior, or false negative risk.

The validation evidence does not show that the screening technology is reliable for its intended customer and payment-screening uses.

Question 96

Topic: Detecting and Investigating Sanctions Evasion Techniques

A global bank froze a securities account after the account owner was added to an applicable sanctions list. The asset freeze prohibits making funds or economic resources available to the listed person and requires ongoing records and reporting. Six months later, the sanctions authority issues a specific license permitting the bank to sell the listed securities by a stated date solely to reduce custody risk, provided the net proceeds remain in the frozen account and no value is released to the customer or third parties. The relationship manager asks whether the bank may complete the sale and also send the proceeds to the customer’s non-sanctioned relative.

What is the best recommendation?

A. Transfer the proceeds to the non-sanctioned relative because the relative is not listed and the payment avoids direct release to the sanctioned customer.
B. Treat the sale proceeds as unfrozen because the license authorizes divestment of the securities.
C. Sell the securities only within the license conditions, keep the proceeds frozen, complete required records and reporting, and do not transfer funds to the relative without separate authority.
D. Decline the sale because frozen assets may not be managed, sold, or changed in form under any circumstances.

Best answer: C

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: A specific license should be applied only within its stated scope and conditions. Here, the permitted activity is a divestment: selling the frozen securities to reduce custody risk. That is different from unfreezing the account or allowing ordinary customer-directed activity. The proceeds remain frozen because the license expressly requires them to stay in the frozen account and prohibits release of value to the customer or third parties. Asset management may be allowed when authorized and controlled, but it must be documented, monitored, and reported as required. A payment to a non-sanctioned relative would still make value available for or on behalf of the sanctioned person unless separately authorized.

Refusing all activity ignores that a valid license can permit limited asset management or divestment.
Treating the proceeds as unfrozen confuses sale authorization with release authorization.
Paying the relative is not ordinary account activity; it would move value out of the frozen position without authority.

The license permits a scoped divestment but does not unfreeze the proceeds or authorize ordinary account activity or third-party payment.

Question 97

Topic: Detecting and Investigating Sanctions Evasion Techniques

A payments team completes a lookback after a list-update failure in its sanctions screening system. The review confirms that, three days earlier, the firm processed a payment to an entity that was already on the applicable sanctions list. There is no license, exemption, or permitted-activity basis for the payment. The investigation found no evidence that the customer tried to conceal the counterparty or otherwise evade sanctions. Local rules require confirmed sanctions breaches by the firm to be reported promptly to the competent sanctions authority. Which step best fits these facts?

A. File only a suspicious activity report because the payment involved a sanctioned counterparty.
B. Tell the customer that the payment caused a sanctions breach and ask for an explanation before reporting.
C. Submit a sanctions breach report to the competent sanctions authority and preserve the supporting case record.
D. Close the matter with case notes and include the issue in the next management information report.

Best answer: C

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Breach reporting addresses the firm’s confirmed violation or apparent violation of sanctions requirements, such as processing a prohibited payment without a license or exemption. Suspicious activity reporting is different: it is used when facts indicate possible illicit conduct, evasion, money laundering, or other reportable suspicion, and it may be required in addition to breach reporting when the facts support it. Here, the facts establish a confirmed sanctions breach by the firm and expressly state that the competent sanctions authority must be notified promptly. Case notes and management reporting are important internal controls, but they do not replace required external breach reporting. Customer communication should also be controlled because it can affect confidentiality, investigation integrity, and regulatory handling.

A suspicious activity report alone is not the right fit because no customer evasion is identified and it does not replace breach reporting.
Case notes and management reporting support governance and remediation, but they are internal records rather than the required external notification.
Customer contact before reporting can create confidentiality and investigation risks and is not necessary to establish the confirmed breach.

A confirmed prohibited transaction by the firm triggers breach reporting to the sanctions authority, supported by documented facts and remediation evidence.

Question 98

Topic: Detecting and Investigating Sanctions Evasion Techniques

A bank trade finance analyst reviews a payment request for an export sale. The bank’s procedure requires escalation when trade documents suggest concealment of restricted goods, final destination, or end user.

Goods: five-axis CNC milling center; the bank’s restricted-goods matrix flags this as high risk for military manufacturing.
Commercial invoice: consignee is Blue Harbor Trading in Country A; destination is Country A.
End-user certificate: Blue Harbor states the final buyer is “to be advised after payment clears.”
Freight booking amendment: discharge port changed to Port Selim in Country R, a jurisdiction subject to sanctions restricting supply of high-risk machine tools without a license.
Forwarder email: “Keep the bank set as Country A delivery and remove Port Selim and the final buyer name; customs copy will show the actual route.”
No license or exemption is provided.

What sanctions compliance assessment does the exhibit best support?

A. A commercial dispute over delivery terms that is not a sanctions concern unless payment fails
B. A routine logistics change that can proceed because the screened parties have no list matches
C. Possible trade-related sanctions evasion involving concealed final destination or end user
D. An ordinary documentation gap that can be cleared by obtaining the missing buyer name later

Best answer: C

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Trade-related sanctions evasion is supported when document inconsistencies appear designed to hide the true destination, end user, or restricted nature of the goods. Here, the item is high risk, the shipping route changed to a sanctioned destination for that type of equipment, and the forwarder asked that the actual route and final buyer be removed from the bank-facing documents. Those facts go beyond a normal missing certificate field, carrier rerouting, or contract disagreement. A negative party-screening result does not resolve trade sanctions risk when the transaction documents suggest a concealed sanctioned destination or end use. The appropriate assessment is potential trade-related evasion requiring hold, escalation, and further review under the sanctions compliance program.

Missing final-buyer information alone could be a documentation gap, but the request to hide the actual route and buyer makes the issue more serious.
A logistics change may be routine when transparently documented, but this change routes restricted goods to a sanctioned destination and is paired with concealment.
A commercial dispute would involve contract, delivery, price, or payment disagreement; the decisive facts instead concern destination, end user, and sanctions restrictions.

The restricted goods, sanctioned destination, inconsistent documents, and request to remove the actual route from bank documents support escalation for possible evasion.

Question 99

Topic: Detecting and Investigating Sanctions Evasion Techniques

A bank froze a corporate customer’s securities account after updated sanctions screening matched a 60% indirect owner to a newly designated person under a sanctions regime applicable to the bank. The case file contains this frozen-asset record:

Freeze action: Trading, withdrawals, transfers, dividends, and custody fees placed on manual legal approval.
Customer request: Permit sale of securities and transfer proceeds to a non-sanctioned affiliate to avoid market losses.
Supporting note: Customer states it is restructuring and the designated owner will be removed next month.
License status: No license, exemption, or written authorization is on file.
Operations note: Dividends may be received into a blocked subaccount; no outgoing movement without approval.
Review diary: Ownership update, license status, corporate actions, and sanctions-list changes to be checked weekly.

What does this record best support?

A. The bank may sell the securities and transfer proceeds because the receiving affiliate is not identified as sanctioned.
B. The bank should maintain the freeze, document the legal basis and controls, obtain legal review before any movement, and monitor ownership, licensing, and corporate actions.
C. The bank should stop monitoring the account after the initial freeze because all outgoing activity is already blocked.
D. The bank may release the assets once the customer confirms that the designated indirect owner will be removed next month.

Best answer: B

What this tests: Detecting and Investigating Sanctions Evasion Techniques

Explanation: Frozen assets require more than a one-time block. The institution must prevent unauthorized transfers, sales, withdrawals, use of income, or other dealings unless a license, exemption, or written authorization permits the activity. Legal review is needed because permitted activity is usually conditional and regime-specific. Documentation supports the basis for the freeze, operational restrictions, approvals, reports, and decisions made during the life of the case. Ongoing monitoring is also necessary because ownership can change, licenses can be issued or expire, corporate actions may create new asset movements, and sanctions lists can be updated. A customer statement about a future restructuring does not by itself authorize release or movement of frozen property.

A promised ownership change is not an authorization to unfreeze assets or permit movement.
A non-sanctioned recipient does not make a transfer permissible when the source asset remains frozen.
Receiving income into a blocked subaccount is different from allowing outgoing payments or sales proceeds.
Initial blocking does not end the control obligation; frozen assets need diary reviews, records, approvals, and status monitoring.

The record shows a frozen asset with no authorization for outgoing movement, requiring controlled handling, documentation, legal review, and ongoing monitoring.

Question 100

Topic: Building a Sanctions Compliance Program

A financial institution is updating its sanctions risk assessment for a new regional banking relationship. What conclusion is best supported by the exhibit?

Proposed relationship: maintain a USD correspondent account for a foreign respondent bank and clear its cross-border payments.
Related services: confirm letters of credit for the respondent’s trade customers, collect marine insurance premiums tied to shipments, hold securities for the respondent’s brokerage affiliate, and join a loan facility for one of the respondent’s energy clients.
Control note: the business line proposes screening only the respondent bank at onboarding because the other parties are not direct customers of the institution.
Risk note: prior alerts in the region involved intermediary banks, vessel insurers, sanctioned issuers, and borrowers linked to restricted projects.
A. The relationship creates sanctions exposure across correspondent payments, trade finance, insurance, securities, and lending, so controls should cover relevant underlying parties and activity as well as the respondent bank.
B. The relationship creates no sanctions exposure unless the institution has a direct customer relationship with each underlying importer, issuer, insurer, or borrower.
C. The relationship creates sanctions exposure only to the respondent bank, so onboarding screening is sufficient if the respondent is not listed.
D. The relationship creates sanctions exposure only in trade finance, so payment, securities, insurance, and lending activity can be excluded from sanctions controls.

Best answer: A

What this tests: Building a Sanctions Compliance Program

Explanation: Sanctions risk in financial services is not limited to the name of the direct customer. A correspondent account can expose the institution to the respondent’s payment flows, intermediary banks, originators, beneficiaries, and jurisdictions. Trade finance can add exposure through goods, vessels, ports, insurers, applicants, beneficiaries, and documentary parties. Securities services may involve sanctioned issuers or restricted instruments, and lending may involve sanctioned borrowers, collateral, projects, or use of proceeds. A risk assessment should therefore consider the institution’s role in each service and identify what data, screening, escalation, and documentation are needed. Screening only the respondent bank at onboarding would miss the activity-based exposure described in the exhibit.

Limiting review to the respondent bank ignores sanctions exposure created by payments moving through the correspondent account.
Treating trade finance as the only relevant service misses securities, insurance, and lending risks specifically identified in the exhibit.
Requiring a direct customer relationship with every underlying party is too narrow; sanctions controls often apply to activity and counterparties connected to a service.

Sanctions exposure can arise through the institution’s product and service roles even when the underlying parties are not direct customers.

Exam snapshot

Item	Detail
Issuer	ACAMS
Exam route	CGSS
Official exam name	ACAMS Certified Global Sanctions Specialist (CGSS)
Full-length set on this page	100 questions
Exam time	175 minutes
Topic areas represented	3

Full-length exam mix

Topic	Approximate official weight	Questions used
Sanctions Frameworks and Governance	20%	20
Building a Sanctions Compliance Program	50%	50
Detecting and Investigating Sanctions Evasion Techniques	30%	30

Continue in the web app

Use Finance Prep for interactive CGSS practice with mixed sets, timed mock exams, topic drills, explanations, and progress tracking.

Focused topic pages

Practice next step

Use the full Finance Prep practice page above for the latest review links and practice page.

Quick Review