On Tuesday, April 12, 2022, a new beverage filling line was commissioned at Ramseier Suisse AG in Sursee. According to the company, the total cost of this line was 19 million Swiss francs. As part of the official commissioning, the new product RAMSEIER's Huus-Tee Swiss Fruits was bottled. With this new PET wide-neck filling line, the nationally renowned beverage producer is now able to respond to customer needs in an even more flexible and agile manner, according to the company. The investment is an important part of Ramseier Suisse AG's commitment to sustainability. "The reduced pre- and post-run during filling further reduces product losses per batch and thus food waste," explains Managing Director Christoph Richli. The plant to be replaced had been in operation for 19 years.

The bottling hall at the Sursee site was extended in advance to make room for the new line. The new line will be used to bottle still, non-carbonated beverages. The development of this product segment has been very positive in recent years, as evidenced by the popularity of RAMSEIER's Huus tea. For this reason, the company has decided to invest in a line on which only beverages in PET wide-neck bottles are filled. The line has a filling capacity of 12,000 PET bottles per hour. In addition to the new beverage filling line, the Sursee site also operates a PET filling line for narrow-neck bottles, a glass filling line, two lines for soft packs, and a bag-in-box filling line.

www.ramseier.ch

The ESPRIX Swiss Award for Excellence has been held since 1999. It offers outstanding organizations the opportunity to measure themselves against others and learn from each other. This year, the time has come again: In March, the ESPRIX assessors visited the applicants to identify strengths and potential for improvement and to assess the maturity of the organization. Based on their findings, the ESPRIX jury has now decided on the award. Who is a finalist for the ESPRIX Swiss Award for Excellence, or even who will win, remains a well-kept secret. It will be revealed at the ESPRIX Forum 2022 on June 17, 2022 at the Bürgenstock Resort.

ESPRIX Forum 2022: Keynote by Stefan Brunnhuber

But not only that: Keynote speaker Prof. Dr. Dr. Stefan Brunnhuber will speak on the topic of "The Art of Transformation." His message: We will only be able to live together sustainably if we begin to acknowledge the psychological realities that constantly drive and surround us all. Stefan Brunnhuber is a medical doctor, economic sociologist, psychiatrist and economist. A student of Dahrendorf and a member of the Austrian Chapter of the Club of Rome, Brunnhuber's interests are diverse and include considerations of resource wars and peacekeeping, post-growth and environmental sustainability.

The ESPRIX Forum 2022 will start at 5 pm on June 17, 2022 in the foyer of the Bürgenstock Resort Lake Lucerne for an aperitif. The official program starts at 6 p.m. in the ballroom. Phil Dankner will lead through the program, other guests are the tambour troupe "Stickstoff" from Basel and the singer ELLE. From 10 p.m. there will be an after-show party with the jazz formation Defrank. The cost of the evening is CHF 425, and members of ESPRIX Excellence Suisse will receive a price reduction of CHF 50 per person. Included are the lecture, food and drinks, the entertainment program and the after-show party.

Registration and further information

Workshop: How can companies convincingly implement the circular economy?

In the run-up to the ESPRIX Forum 2022, the ESPRIX Excellence Suisse Foundation, öbu, the association for sustainable business, and Circular Economy Switzerland invite you to an expert workshop. What potentials do the business models "use instead of own" and "use used instead of buying new" offer? What factual and psychological challenges are associated with the implementation of these business models? And how can they be overcome? After exciting keynote speeches by Mobility and revendo AG, we will discuss these and other questions in groups. The event will be rounded off with closing remarks by Prof. Dr. Stefan Brunnhuber and networking.

Registration and further information is available here.

In 2020/21, a team of over 50 dedicated students from ETH Zurich, in the association Academic Space Initiative Switzerland (ARIS), realized the 4th research rocket generation to participate in the European Rocketery Challenge (EuRoC) in Portugal. The students had set themselves the goal of winning in the highest category "Rocket with self-developed propulsion and flight altitude 10,000 meters". The functionality of the self-developed hybrid propulsion system was proven by the successful EuRoC launch. The new monitoring system for measuring the load on the research rocket's aerostructure was also decisive for this. 

Reliable measurement results for real occurring loads

The structure of such a rocket is subjected to considerable loads in flight, which can only be partially determined in simulations. For example, influencing factors such as the wind or the shock load when the parachute opens cannot be determined exactly in analyses. However, reliable data for all load-relevant factors are required to realize an aerostructure of the rocket that provides the maximum strength with minimum weight necessary to achieve the goals of the mission. In order to verify and, if necessary, correct the determined loads in flight, a monitoring system for real bending moments and axial forces is required. 

With 4 kilograms at 10,000 m altitude

After the ARIS teams had determined the forces acting on the rocket in flight purely analytically in the past by means of simplified assumptions in simulations, their own monitoring system was used for the first time in the PICCARD mission. Here, the ETH Zurich students relied on strain gauges from Hottinger Brüel & Kjær (HBK), which provide reliable measurement results even under extreme conditions. Accordingly, a complete system was integrated into the rocket. The strain gauges from HBK installed in the system provide essential knowledge about occurring bending moments and axial forces during every phase of the flight. The bending moments and axial forces recorded during the test flight as part of the structural stress analysis subsequently enabled a corresponding weight-optimized design of all load-bearing structural components. The prerequisites for a successful participation in the Spaceport America Cup 2022 in New Mexico could thus be created. Here, the team wants to transport a payload of four kilograms to an altitude of 10,000 meters and bring the research rocket with all its parts safely back to earth.

Ease of integration as a criterion

The fact that strain gages from HBK were chosen for the right measurement technology was on the one hand the result of past positive experience coupled with the international reputation of the company. Another plus point was the ease of integration of the HBK strain gages, which delivered on the promise of "plug and measure" made by the measurement technology experts. 

Source and further information: www.hbkworld.com

More and more companies are turning to safety and assistance systems to protect employees and goods during production. One area where there is a particularly high potential for danger is plant logistics. In order to avoid accidents and collisions with stored goods or rack walls here, the market offers numerous different solutions, whereby the quality of detection can vary greatly, for example in terms of differentiating between people and objects. More precise systems for rear area monitoring are particularly desirable.

Smart driver assistance systems prevent unnecessary braking

In practice, situations often arise that should make it possible to reduce speed automatically, but at the same time the system must work variably enough to be able to adapt to the potential danger of the situation in question. "In these cases, either all-round protection systems for the forklift or reversing protection systems are then suitable," reports Edgar Nassal, long-standing managing director of tbm hightech control GmbH from Aschheim near Munich. "However, 360° all-round protection for the forklift and the associated transponder systems result in the problem that the forklifts were often slowed down unnecessarily." This is where this company's driver assistance systems provide a remedy. In the RAM-107, the rear area is divided into three adaptive protection zones, with their length automatically adjusting to the truck speed. According to the manufacturer, this is intended to ensure trouble-free travel in narrow areas and when maneuvering, when the vehicle is driven slowly, and thus only short monitoring zones are active. Alarms are thus only triggered when a warning is actually required. This brings a high level of acceptance among drivers, the manufacturer promises.

Back room monitoring all around: 3D sensor technology uses time-of-flight measurement

In practice, this looks like this: From the driver's overhead guard, the RAM-107 monitors the rear of the vehicle with an optimum mounting position, almost without blind spots, directly to the rear of the vehicle. For this purpose, the integrated 3D sensor uses the time-of-flight method by means of patented PMD technology. The area to be monitored is illuminated with a modulated, invisible infrared light and the reflected light in turn hits the PMD sensor. Based on the phase shift between the transmitted and received signal, each pixel of the sensor chip now determines the distances between the stacker and the objects. Signal processing is supported by compact electronics with an intelligent evaluation algorithm, ensuring very high precision. "Unlike comparable systems, we can distinguish very accurately between standing people, people in a stooped position, low-lying trailers or shelf walls, and waist-high cartons," Nassal explains. "The system also reliably detects chasms such as ramps." The smart evaluation unit processes 1,024 pixels (data) per second and detects a test object of 30x30x30 cm at a distance of 3 m and reacts with an alarm signal. In other words, the foot of a person is enough to slow down the vehicle. With a stopping distance of e.g. 2.0 - 2.5 m, this is the necessary safety for pedestrians. 

Visual and audible warning signals

From the cockpit, the driver is shown the three adjustable monitoring zones via a five-inch multifunction color monitor. In addition, the distance to the detected object is displayed both visually (green/yellow/red color change) and acoustically (increasingly faster sound signals). The live image and the real-time warning give the driver a full view of the danger zone at all times, which provides additional safety during storage and retrieval, i.e. daily work. 

Further information on the Internet at: www.tbm.biz

An attack on the IT supply chain aims to manipulate the production process of a third-party software from development to updating, so that malicious code is pushed out instead of an update. This IT supply chain is vulnerable and cyber criminals are increasingly attacking it. This is because such a supply chain attack is efficient for them: when they attack software packages and platforms of software and information systems providers, they reach multiple victims in one fell swoop. It makes little sense for the hacker to attack one company at a time with a complex attack when there may be tens of thousands of companies and organizations using a widely deployed application or service that is efficiently within their reach. The December 2020 attack on Solarwinds' supply chain affected close to 18,000 of Solarwinds' 300,000 customers worldwide. In addition to a mass attack, however, highly targeted attacks via the supply chain are just as possible.

Supply chain attack locations

A compromised supply chain is difficult for affected customers to detect. Therefore, cyber criminals have enough time to cause damage - such as data exfiltration, attacks on systems or disrupting processes. These attacks are different from previous attacks targeting individual customers and pose a challenge even for experts. It is not for nothing that the European Union Agency for Cybersecurity estimates, ENISAThe risk is high even for companies whose IT defenses are actually quite well established.

An attack can be launched at multiple stages of the supply chain for developing, deploying or updating software. Compromising supplier IT does not constitute a supply chain attack. It involves modifying code sources and writing scripts. Depending on which link in the supply chain the hacker starts at, the skills required of him or the possibilities for the defense to recognize a manipulation are all the more different. The following phases in the supply chain can be distinguished as starting points for an attack:

• Phase One - Programming: These attacks are relatively easy to detect. They start via targeted mails, exploits and malicious websites to gain access to the programming code. It is relatively easy for a hacker to change the code at that point. But what they have changed is visible in the logs.
• Phase Two - Versioning: Attackers can drive an attack via a remote desktop protocol (RDP) with little effort. Weak passwords and exploits of an application help them to do so. They can also have modified versions rolled out in a reduced or delayed scope, because they have direct access to source code and logs and leave few traces. But the modified code proves the manipulation.
• Phase Three - Implementation (Build): This is where it gets more challenging for the hackers, but unfortunately also for the defenses. The means are the old ones and attackers use RDP attacks, weak passwords and exploits in the application. But they need a good understanding of scripts. This is because the necessary modifications to individual builds take a lot of time and are complex. The modified code can be hidden. The defense would also have to check the successive script versions individually to detect manipulations.
• Phase Four - Signing the components: If the attacker gets involved now, he does not have to manipulate code. He simply replaces the actual code with malicious code. But a validation in the supply chain concept will reject this fake update. Hackers must therefore meet some minimum criteria for legal updates in their fake programs.
• Phase Five - Delivery: Here, too, an attacker only has to exchange the components. But the malicious components then have no signature and can be recognized by it.

How can SMEs protect themselves?

Although the attacks take place in the update supplier's supply chain, the attacks also affect smaller and medium-sized companies. To arm themselves against the damage of a supposedly legal update, they should follow these measures:

1. A Implement comprehensive cybersecuritywhich includes Endpoint Detection and Response (EDR), but which, thanks to Threat Intelligence, also sees and reports suspicious data connections. After all, a common symptom of a successful supply chain attack is communication with a malicious command-and-control server. Companies with limited IT resources in particular should also consider a managed detection and response (MDR) service, and with it the expertise and time of IT security analysts. Only by combining EDR and MDR can managers see anomalies as they occur.
2. Equally important is Educating employees about phishing, to prevent the hijacking of an identity in the supply chain process.
3. It is central to Know and continuously review a company's supply chain processes. Does an IT manager even know which software or service updates it obtains from whom and when? What hardware does it acquire and how is it protected from receiving malware through this? Every security manager should ask the following questions of his IT supplier:
   - Is the vendor's software/hardware development process documented, traceable, and verifiable?
   - Is fixing known vulnerabilities factored into product design and architecture, runtime protection, and code review?
   - How does the vendor keep a customer informed of emerging vulnerabilities?
   - What options does the vendor have to address "zero-day" vulnerabilities - those vulnerabilities that are designed into software from the beginning and are discovered later?
   - How does the supplier manage and monitor the production processes of a software and update?
   - What does the vendor do to protect its updates from tampering and malware?
   - What type of employee background check is conducted at the provider and how frequently?
   - How secure is the update rollout?

Anyone who receives a software update must be sure that they are not receiving malicious malware: At the end of the day, he has to suffer the consequences of a successful supply chain attack himself. Caution and a well-considered selection of suppliers, combined with comprehensive IT security, are the best helpers against a type of attack whose risk potential is far from exhausted.

Author:
Jörg von der Heydt is Regional Director DACH at Bitdefender.

For more than 85 years, Ricoh has fostered innovation and established itself as a leading provider of document management solutions, IT services, communication services, commercial and industrial printing services, digital cameras and industrial systems. Recently, the company again received a Gold rating from EcoVadis for its sustainability activities. This puts Ricoh in the top five percent of companies rated in the industry for sustainability performance. Founded in 2007, EcoVadis is a globally recognized provider of corporate sustainability ratings. It focuses on corporate environmental, social and governance (ESG) practices and helps companies improve their environmental and social activities across their global supply chains. More than 90,0000 companies from over 160 countries and 200 different industries are rated by EcoVadis on their corporate policies, initiatives and performance in four areas: environment, labor and human rights, ethics, and green procurement.

Ricoh received the Gold rating for the first time in 2014 and has confirmed it continuously since then. In particular, Ricoh's commitment in the categories "Environment" and "Green Procurement" is clearly honored in the current EcoVadis rating. This confirms Ricoh's proactive approach to environmental management and sustainable procurement in collaboration with suppliers, according to the statement. In 2019, Ricoh became the first Japanese company to participate in the Business for Inclusive Growth (B4IG) initiative, which works to address inequality in the workplace and supply chains. Ricoh is also a member of the Responsible Business Alliance (RBA), which promotes social responsibility in global supply chains.

To create an effective and global framework for its ESG activities, Ricoh has identified seven focus areas. These are aligned with 12 of the 17 Sustainable Development Goals (SDGs) introduced by the UN, which can be used to address specific issues. In doing so, the Ricoh Group aims to contribute to the development of a sustainable society that actively addresses economic, social and global environmental policies. Ricoh will contribute to the achievement of the SDGs by solving social problems throughout the value chain through its business operations, thus helping to realize a more sustainable society.

Source and further information: Ricoh

The Swiss Cyber Security Days 2022 (SCSD 2022), the most important meeting on cyber security in Switzerland, brought together key decision-makers and experts in the field of cyber security at national and international level and around 2,000 visitors on Wednesday, April 6 and Thursday, April 7. The first day focused on key global security issues for Switzerland. At the opening ceremony, National Councilor and SCSD President Doris Fiala and Daniel Berger, president of Cyber Resilience Ltd, which is organizing the event, pointed out that the increase in infrastructures and data transfer volumes is leading to ever greater vulnerabilities. Moreover, these processes have been accelerated by the pandemic. Companies and administrations are confronted with and threatened by cybercrime on a daily basis, he said. Olivier Curty, President of the State Council of the Canton of Fribourg, also welcomed the participants on the first day in a welcoming message and underlined the importance of cyber security for the cantons.

Global security issues on the first day of the Swiss Cyber Security Days 2022

Among the highlights of the first day of the congress was the presentation by Chris Inglis, National Cyber Director and Advisor to the President of the United States Joe Biden. He stressed the importance of good cooperation. Cyberspace knows no national borders, Inglis warned, praising the potential of Swiss innovations. Florian Schütz, the Swiss government's delegate for cybersecurity, looked back at developments in recent years. He said the Swiss government has made a lot of progress and is currently working on the second version of the national cyber risk protection strategy. Div. Alan Vuitel, head of the Armed Forces Cyber Command project, looked at cybersecurity from a military perspective. He spoke about the main challenges we currently face from a national security perspective.

SMEs in focus on the second day

On the second day, the event focused on cybersecurity in SMEs. Gerhard Andrey, entrepreneur and member of the National Council, spoke about how the aviation industry has been dealing with technical defects in complex systems for decades. This is achieved by means of precise, complete information transmission and transparency. He calls for this to become the standard in dealing with cybersecurity as well. In a panel organized by the insurance company Mobiliar, Susanne Maurer, Editor Corporate Communication, Andreas Hölzli, Head of Competence Center Cyber Risk, and Thomas Kühne, CIO, discussed a recent GFS study showing that one in three companies has already been the victim of a cyber attack. The greatest risk is and remains the employees themselves, whose awareness makes an important contribution to prevention.

Nicolas Mayencourt, CEO and founder of Dreamlab Technologies, and Prof. Dr. Marc K. Peter, Head of Centre for Digital Transformation at FHNW, presented the annual edition of the State of Swiss Cyberspace. The study conducted a full scan of Switzerland's public attack surface and presented vulnerabilities by sector for the first time. The study found that the three sectors of education, healthcare and government have the most vulnerabilities.

Presentation of the SCION project of ETH

ETH's SCION project was presented to the public for the first time at the SCSD. The secure Internet architecture SCION offers increased security, availability and performance. The SCI-ED project enables secure and highly available communication between institutions of the ETH Domain and partners. The project was presented by Adrian Perrig, ETH / SCION, Martin Bosshardt, Anapaya, Florian Schütz, NCSC, August Benz, SBA, Urs Fischer, HIN, Stefan Berg, Swisscom, and Robert Wigger, Sunrise Impulse.

Swiss Cyber Security Days 2022: 130 conferences, panels, expert discussions

After last year's edition was held entirely online due to the pandemic, they were even more pleased that Cyber Security Days could be held on-site again this year. Béat Kunz, CEO of SCSD, says: "Although we were very satisfied with the virtual edition, it doesn't replace the personal contacts that are made, especially in the exhibition area." More than 100 exhibitors had gathered at Forum Fribourg. During the two days, more than 130 conferences, panels, expert discussions, best practices and round tables took place. In addition to the key-notes, the Expert Tracks offered many interesting technical presentations and innovations on both days and the two Best Practices Tracks were also a great success. This year, for the first time, admission to the exhibition and the Best Practice Tracks (comprising 20 presentations per day) was free of charge. The Swiss Cyber Security Days 2023 will take place on March 29 and 30.

www.swisscybersecuritydays.ch

Together with the Fraunhofer Institute for Production Technology IPT in Aachen, the Machine Tool Laboratory WZL of RWTH Aachen University has launched a new industry working group for "Predictive Quality". The aim is to significantly reduce joint testing efforts on a pre-competitive basis and to realize higher productivity by eliminating physical testing processes, as well as to continue to achieve higher quality through a reduction in scrap, end-to-end quality monitoring and knowledge generation from the models, and increased sustainability through more resource-efficient production.

Predictive quality reduces testing efforts

Modern quality management has more and more data at its disposal faster and faster. At the same time, advanced algorithms enable ever more detailed images and models of production. These data and models form the basis for the field of predictive quality. Predictive quality describes the data-based prediction of quality characteristics. Using a learned relationship between process parameters and quality characteristics, time-consuming physical inspection processes, which are often only carried out in random samples, can be replaced by low-effort model-based 100% inspection. Predictive quality has already been successfully implemented in industry-related research projects in which testing efforts were significantly reduced and productivity increased.
has been increased. At the same time, more and more data-based quality management tools are being developed and deployed by manufacturing companies in digitization and Industrie 4.0 projects, software companies are providing advanced infrastructures for data acquisition and storage, and start-ups are forming business models via the provision of corresponding algorithms for data evaluation.

Faster dissemination of research results

The two Aachen institutes support companies from the manufacturing sector (e.g. automotive, metal processing, chemicals, pharmaceuticals, medical technology) as well as software companies specializing in the extraction, storage and processing of data (e.g. CAQ, MES, sensor manufacturers, cloud providers) in the working group with their many years of experience. The industry working group is financed by an annual membership fee and serves new members to
rapid dissemination and utilization of research results and networking and is based on three pillars. Two community meetings a year are intended to facilitate exchange between the members of the working group. In addition, current findings and results from industry and research are to be presented at the meetings. On a topic-specific basis, one study per year is conducted within the working group to gain insights into the current state of the art in the companies, challenges and new approaches. The topics are chosen by a majority vote of the working group members. In one demonstrator project per year, new ideas and approaches are specifically tested by the Machine Tool Laboratory WZL and Fraunhofer IPT. For example, different algorithms for quality prediction or preprocessing can be implemented and compared. The demonstrators can either come from the halls of the Machine Tool Laboratory WZL and Fraunhofer IPT or be provided by a company. Joint project results are available to the partners without restriction.

Source and further information: www.wzl.rwth-aachen.de

With the creation of an IT security consulting team at management level, Swiss Infosec AG is reorganizing its IT security division. With the establishment of the new competence center for IT security, the company is responding to current security needs, e.g. in connection with ransomware attacks, penetration tests or working in a home office, and continues to position itself as an established partner for comprehensive services in the broad field of integral security.

In this context, Niklaus Manser has taken over the function of Head of IT Security Consulting as of April 1, 2022. Manser previously headed the IT Security specialist team, an area that has long been one of the company's core competencies alongside information security and data protection. In addition to his new role, he will also become a member of the management team. He acquired his technical skills in various IT jobs and with a degree from the Lucerne University of Applied Sciences and Arts. At Swiss Infosec AG, as a certified ISO 27001 Lead Auditor, he has been supporting customers since 2017 as part of consulting projects, training or mandates as an external IT Security Officer. At the same time, he has helped to establish and expand the company's IT Security business unit, which he will now further strengthen in his new role.

Swiss Infosec AG, headquartered in Sursee, is one of Switzerland's leading independent consulting and training companies in the areas of information security, data protection and IT security. The company was founded in 1989 and, together with its sister company Swiss GRC AG, employs over 65 people. In the area of Integral Security, the company has supported over 2500 projects for small and large customers from all industries. 

Further information

After almost thirty years in the position as head of the Federal Pipeline Inspectorate (ERI), Ruedi Wendelspiess will retire at the end of March 2022. His extensive know-how will be available to the ERI until further notice, thanks to project-related support. His successor is Roger Bächtiger, who has already been working for the Federal Pipeline Inspectorate since 2019. In his new function, he is also a member of the SVTI Executive Board.

Roger Bächtiger holds a degree in Mechanical Engineering, an M.Sc. in Industrial Technologies and an Executive MBA in General Management as well as further education in materials technology, among others. He brings both management and industrial experience from various areas, including his previous positions at a well-known Swiss manufacturer of rail vehicles and a listed mechanical engineering company in northeastern Switzerland. At the latter, as project manager and process engineer for large-scale industrial and process plants.

The Federal Pipeline Inspectorate (ERI) supervises the design, construction and operation of pipeline facilities for the transport of liquid or gaseous fuels in Switzerland and the Principality of Liechtenstein, provided that these facilities are subject to the Pipelines Act. As an independent body - the ERI is not subordinate to the Federal Office of Energy - it is integrated in the SVTI, the Swiss Association for Technical Inspections. The purpose of the SVTI is the prevention of accidents, malfunctions and damage and the elimination of hazards in the manufacture and operation of technical installations of all kinds. 

Source and further information

Due to the war in Ukraine, sanctions are on everyone's lips and a topic in private conversations and in the press or news. The world has joined forces not to counter violence with violence, but to impose sanctions on Russia across the board. People have realized that this is a way to exert enormous pressure. The central weapon in 2022 is thus the control of financial flows. Anti-terror and boycott lists now include oligarchs, politicians such as Putin, his foreign minister Lavrov and those close to them, as well as over 100 Duma deputies. In general, supporters and co-decision-makers appear on the lists. The sanctions list check thus moves into the focus of all companies that have business relations with Russia.

Sanctions lists instead of embargoes

While other countries immediately imposed sanctions, Switzerland initially held back - probably in the belief that, as a financial center, it would not have to impose sanctions against Russia so soon. But after strong protests, it now followed the EU's line.

Sanctions lists were originally a reaction to the terrorist attacks of September 11, 2001, and UN Security Council Resolution 1373/2001 obliged all United Nations countries to implement them. This prohibits the provision of any economic resources, i.e., assets, services, goods or certificates, to terrorist organizations and individuals at home and abroad. These sanctions lists replace total embargoes on states and target companies, corporate networks and individuals. The U.S. issues sanctions lists through the Bureau of Industry and Security (BIS) and the Office of Foreign Assets Control (OFAC). In addition, there are lists from the EU, the UN and worldwide from countries such as Canada, Japan and Switzerland.

Business possible - but not without sanctions list check

Now, the sanctions have not ruled out business with Russia per se, but they have made it significantly more difficult, and in some cases no longer practicable. Companies are faced with the choice of doing without Russian business or accepting risks and resistance. Since parcel services no longer deliver to Russia, exporting goods has become much more difficult. The restrictions on payment transactions are even more serious, as many Russian banks are on the sanctions lists. For business partners abroad, payment or receipt of money has thus become impossible. Without Swift and IBAN, trading partners can no longer access their money. Retail chains are going out of business in Russia because commercial transactions are no longer possible without a payment infrastructure. 

In addition, there are embargoes on items that may not be supplied as part of export controls. This means that even Russian companies not on sanctions lists are barred from items related to gas and oil production and machinery. This also applies to restrictions on the supply of luxury goods to Russia.

All companies have a duty

All companies are affected by the sanctions list screening obligation - regardless of size, national or international business. They are obliged to carry out sanctions list screening for every business contact, regardless of the country in which the customer, supplier or trading partner is based. Swiss companies must screen their business partners and employees against their own Swiss list, but it also makes sense to consider the most important US lists.

No company today can afford to ignore the sanctions list check. Anyone who does so may be targeted by the U.S. authorities and will then have to negotiate penalties. If they fail to reach an agreement, they run the risk of being listed themselves. Companies thus damage their reputation, lose business partners and even risk insolvency. This is because the penalties are draconian: up to 10 years' imprisonment for a deliberate violation and fines of up to 500,000 euros for a negligent violation. The U.S. also threatens extraterritorial criminal prosecution - due to lack of access to the management, the entire company is then placed on a U.S. list. 

Compliance is generally checked as part of audits or by customs. However, stricter controls are not to be expected despite the current war.

Sanctions list screening needs software

Companies have always had to pay attention to the sanctions lists. Even before the war, the number of records, lists and updates was steadily increasing: in 2019, there were 30 lists and more than 110,000 records worldwide. In 2020, there were more than 600 updates. Since the start of the war, the number of updates on various lists has grown enormously once again - and with it the demand on the quality of the sanctions list check. At the latest, it is no longer possible to check randomly or manually. 

The Kempen-based company Sapper is a leader in compliance software with its domino® tool. They have reacted to the new circumstances: Previously, all available lists worldwide were maintained on a daily basis for business partner screening - based on publications by the US authorities, the EU and other countries with their own lists. Now, Sapper transmits the current status of the sanctions lists to its customers several times a day, because today it can no longer afford a greater frequency. This customer service is unique, Sapper can provide the infrastructure for this tighter cycle of list updates.

At Sapper, we also notice that existing customers who previously considered only a few lists necessary have increased their range and booked new lists. Sapper makes this possible within 24 hours. German companies with Russian subsidiaries have also woken up: The subsidiaries were often not adequately equipped - these processes are now being put to the test.

Permanent screening necessary

The sanctions list check is a challenge even without current conflicts. This is because a one-time comparison at the beginning of a collaboration is not enough. Companies must be able to prove throughout the entire business relationship that their partners are not on lists. Sapper's tool therefore automatically triggers new checks when updates are made. This also applies to applications that are fully integrated with SAP. Companies can thus be sure that they will know if business partners have ended up on a new list over the duration of the business relationship. For all business transactions that are mapped in the ERP, screening already takes place at the start of the workflow. CRM systems can also be connected to an early warning system. 

Ad-hoc checks ensure that business relationships with partners on sanctions lists are not initiated in the first place. Business transactions outside the ERP, such as management activities like consulting contracts, LOIs, rentals and leases, asset sales, and services can also be checked individually. The following applies to all: The audit must always be verifiable via reporting.

In view of the large number of checks required, it is important to keep the error rate as low as possible. This is because business processes are blocked in the event of hits. The error rate of the domino® tool is 0.1 to 0.3 per mille. This low rate in combination with speed and accuracy represent the USP. The tool checks over 84 million transactions worldwide every day. The algorithm scans each word and letter individually and can thus compensate for hearing and spelling errors such as misspellings. Even if the quality of the lists is poor, it finds hits.

Conclusion: Take sanctions list review seriously

Sanctions and the review of international sanctions lists have become more prominent in the minds of companies with the Ukraine war. They need to ensure that they do not have business relationships with listed individuals and organizations in order to avoid draconian penalties. This is only possible with modern software. Sapper's tool offers updating of the lists several times a day - so companies are on the safe side.

Author:
Marie-Helene Wessel is the managing director with power of representation of SAPPER INSTITUT GmbH in Kempten (Germany), manufacturer of the domino® software mentioned in the article. www.sapper.de