It is a regulatory requirement for financial institutions to stay compliant with US Office of Foreign Assets Control (OFAC) when processing all SWIFT messages, including payments, to combat terrorist financing and money laundering. Sanction lists are also provided by many different bodies. Each change – list, rule or configuration – has to be tested prior to implementation to ensure there is no degradation of the filtering engine that could put the bank at risk of breaching the sanction. The issue for our client, the Royal Bank of Scotland, was the amount of time and resources taken to check all SWIFT messages.
- More than 1,000 business scenarios automated
- 200% reduction in length of UAT test cycles
- 2 days for continuous delivery into production
Delivering for the Client
The team used RBS’ existing test automation tool to deliver an automated test solution. This allows a high volume of SWIFT messages to be generated and run through the filter.
The completed solution incorporated:
- Full suite of SWIFT test messages to ensure full coverage of the sanctions lists as stipulated by the OFAC
- One-off data creation
- An automated audit-compliant test report on the filtering of messages
- Ongoing ownership and management of the solution by the payments team, enabling them to become self-sufficient
The solution gave the bank the ability to run repeatable tests through the sanction filter across multiple scenarios, thus improving both the turnaround time and the comprehensiveness of the testing.
The bank can now validate payments compliance with the OFAC on a daily basis within minutes, removing the risk of reputational loss and heavy fines.
This project was achieved through the collaboration of Sandhata’s Green Hat and middleware experts and the bank’s payment technology team. Sandhata’s team was able to use its extensive knowledge and experience of service virtualization and test automation to provide the right advice and hands-on technical expertise to our client.