It’s safe to say no organization wants the negative publicity that comes with an OFAC enforcement press release; however, two foreign based companies were recently propelled into the limelight following the regulatory agency’s rulings against them for sanctions violations.
These cases demonstrate how OFAC compliance regulations extend beyond the U.S. border, particularly when foreign organizations conduct transactions involving financial systems in the United States.
Both an Australian freight forwarding company and a Hong Kong-based offshore trading business had to pay OFAC sanctions totaling $6 million and $5 million, respectively, for poor sanctions screening and compliance violations.
Let’s explore what went wrong, why OFAC fined them, and what we can learn and adopt to protect our organizations from similar events.
Australian Freight Company Penalized for Compliance Infractions
Between 2013 and 2019, an Australian freight company handling cross-border shipments accidentally worked with entities on the OFAC Specially Designated Nationals (SDN) and Blocked Persons list, including Iran and Syria, triggering OFAC Compliance infringements.
Because the transactions involved the U.S. financial system, OFAC issued 2,958 violations, highlighting that even companies outside the United States must follow sanctions screening best practices if their commercial activities involve U.S. entities.
What Happened?
In the years preceding the OFAC sanctions, the company had acquired various local freight forwarding businesses and expanded its operations overseas quickly without strengthening critical compliance processes like denied party screening. The resulting deluge of invoices and payment applications generated from its various global branches became challenging to manage manually, considering how arduous and resource consuming it was to perform OFAC sanctions search without automation. The lack of strategic focus on reinforcing their compliance functions to match their expanding operations meant that the business neglected implementing appropriate sanctions screening controls and policies with disastrous results.
In one incident from 2015, a U.S. bank the company worked with noticed transactions involving Syria. Aware that this business relationship was prohibitive given that the country was on an OFAC sanctions list, the bank notified the Australian firm and even threatened to cut business ties if it did not improve its compliance with U.S. sanctions. But the Australian company did not take sufficient action with the immediacy required.
It was not until 2017 that the business finally halted shipments to sanctioned countries and hired a third-party accounting firm to assist in evaluating the legality of its transactions. However, most OFAC compliance violations had already occurred by this time.
How Did the Organization Respond to Its Sanctions Screening Lapses?
For its “reckless disregard for U.S. economic sanctions laws,” as cited by OFAC, the Australian company was issued a significant fine of $6 million. The business responded promptly by cooperating with OFAC and disclosing the details of its violation. It also implemented more robust remedial actions:
- Risk-mapping practices
- A formal compliance audit
- New controls to implement
- Sanctions compliance training for employees
- New sanctions screening protocols, particularly for the OFAC SDN list
- Holding its partnered companies to the same compliance standards
What’s the Takeaway?
As companies expand internationally, their transactions and activities naturally become more complicated as new acquisitions occur. However, they must continue to watch for trade and export compliance risks, nonetheless. And any companies you work with—whether affiliates, subsidiaries, or any other third parties—are invested in your success as well, since compliance violations can impact your partnerships.
In the case of the Australian freight organization, its denied party screening policies failed to implement sufficient controls in time, opting for staff reminders in lieu of concrete changes. Despite being a foreign organization, it was still under OFAC jurisdiction and obligated to follow U.S. sanctions laws since it operated within U.S. financial systems.
Employees Acting Contrary to Internal Policy Cost a Hong Kong Business $5 million in Fines
When a Hong Kong offshore trading and financing company made payments through U.S. financial institutions for goods originating in Iran, it faced a $5 million civil liability penalty for violating the OFAC Iranian Transactions and Sanctions Regulations (ITSR).
What Happened?
In direct infringement of their U.S. sanctions obligations, employees within the organization intentionally concealed information that would have prevented the forbidden transactions from passing through the company’s sanctions screening system. Over a two-year period, the noncompliant employees disregarded business policy and attempted to hide their actions from compliance staff by omitting references to Iran in the documentation, prioritizing short-term profit over long-term risk management.
How Did the Organization Respond to Its Sanctions Screening Lapses?
The Hong Kong business voluntarily self-disclosed the apparent violations to OFAC, it also investigated the root cause of the OFAC compliance breaches and terminated the employees involved. It then effected more robust compliance screening measures, including hiring, and empowering its compliance personnel, and improving their sanctions screening processes by mandating compliance screening for all business counterparts.
What’s the Takeaway?
Internal controls and audits need to be properly designed with a risk-based approach built into business procedures. Even with compliance programs and sanctions screening policies, organizations are still susceptible to compliance risks. Rogue employees, for instance, are a testament to how vital strong internal controls are for preventing violations of U.S. sanctions. Stronger methods of auditing financial activities would have likely saved this Hong Kong firm $5 million.
What We Can Learn from These Rulings
The United States has multiple regulations regarding international trade, export compliance, and denied party screening from various agencies. While these laws apply mostly to domestic companies, foreign organizations are still under the jurisdiction of U.S. sanctions if their commercial activities involve U.S. persons or entity. OFAC affirms this notion in its compliance framework, recommending “a risk-based approach to sanctions compliance.”
We can also learn that compliance operates in a dynamic environment. Every organization has its own risk profile, and sanctions lists change frequently. The OFAC SDN list adds new individuals and businesses regularly.
Achieving compliance in the face of increasingly complex operations and trade regulation calls for a replacement of manual screening practices and inefficient compliance systems. Innovative software solutions today can accelerate sanctions screening tasks through automation and consistent training of compliance personnel can minimize the impact of human error on permitting prohibitive transactions.
How Descartes Visual Compliance Can Help with Sanctions Screening
Descartes Visual Compliance is a leading provider of sanctions screening solutions including automated and dynamic denied party screening, export compliance, and other third-party risk management solutions.
The suite of solutions is designed to fit seamlessly into existing business processes. You can pick and choose the components that meet your immediate needs and enjoy the benefits of quickly adding sanctions screening functionalities into your day-to-day operations. With geopolitical change creating more complicated global sanctions, there’s never been a better time to use Descartes Visual Compliance.