It’s Not Rocket Science: Taking the Steps Necessary to Avoid Costly Sanctions Violations

The $963 million settlement OFAC recently reached with French banking giant BNP Paribas SA (BNP) was both the largest OFAC settlement to date and represents only a small fraction of the nearly $9 billion in total fines imposed on the bank by state and federal agencies. With figures this high and the additional imposition of a one-year ban that will prevent certain BNP units from clearing transaction in U.S. dollars, it’s obvious why this is big news in the world of international trade and finance. But for SME exporters (and internationally-oriented businesses of all sizes for that matter), the story should simply serve as a front page reminder that taking the necessary steps to ensure your company’s actions do not violate OFAC’s sanctions should be a no-brainer. Implementing a sanctions compliance program is relatively straightforward while the peace of mind you’ll enjoy knowing your company is protected against potentially crippling government fines is priceless.

The heavy-handed punishment imposed on BNP was the result of the government’s determination that the bank engaged in the “systematic practice of concealing, removing, omitting, or obscuring references to information about U.S.-sanctioned parties” in nearly 4,000 international transactions over the course of seven years and violated U.S. sanctions against Sudan, Iran, and Cuba in the process. The bank’s blatant disregard for U.S. sanctions and active efforts to conceal their illegal behavior no doubt played a large role in raising the amount of fines imposed, which leads us to the first point about sanctions: it’s fairly obvious that wilful sanctions violations (when you are aware what you are doing is illegal, but you do it anyway) are big no-nos, but also keep in mind that ignorance is no excuse. The language “known or should have known” is often used in such regulations to allow for the imposition of substantial punishments on violators that were not aware what they were doing was wrong because they never bothered to check. Here is a list of the key elements every sanctions compliance program should include.  Remember, the list is not in any type of hierarchical order of importance – to be effective your program must include each of these steps:

  • Develop a company sanctions compliance policy and certification and distribute it to all company employees and ask each business partner (including foreign representatives and customers) to review and sign it before going forward with a transaction;
  • Distribute a questionnaire to each business partner and in relation to each transaction designed to determine whether the individual or entity, destination country, and ultimate end-use and end-user falls within the scope of U.S. sanctions;
  • Consult applicable sanctions at the time each specific transaction is being cleared in order to determine if sanctions could potentially apply (because they function as a diplomatic tool, sanctions are constantly in flux as the U.S.’s relationships with other countries develop and change, so it is important to consult current potentially applicable sanctions at the time of the transaction, a general periodical check will not suffice);
  • Run each individual and entity involved in a given transaction against OFAC’s Specially Designated Nationals (SDN) List to make sure they are not prohibited parties;
  • Keep an eye out for red flags including receipt of payments from unrelated third parties, customers that appear curiously uninterested in learning about the product, or requests for shipments of products that are incompatible with the country of destination;
  • Maintain records of the due diligence that you’ve performed as proof of your compliance efforts in the event that an inadvertent violation occurs.