Are Some Companies Running OFAC Compliance Like AML Compliance?
Even in this day and age of $619 million dollar penalties for violations of economic sanctions regulations administered by the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC), some companies, particularly money service businesses are not properly handing OFAC compliance. In many cases, these parties are treating OFAC compliance in the same manner they would treat Anti-Money Laundering (AML) compliance. One might be surprised that even some fairly well known U.S. financial institutions which have been around for some time have failed to establish proper OFAC compliance programs, instead opting for allowing OFAC violations to occur and then reporting batches of violations at a time.
The major difference between OFAC compliance and AML compliance is that OFAC compliance occurs in real time. As such, transactions should be screened for violations as they occur, so that assets can be blocked and/or transactions can be rejected. This is born out of the “strict liability in a risk based environment” regime that OFAC imposes for violations of its sanctions programs. AML compliance, on the other hand utilizes periodic reviews, commonly referred to as look backs, to determine the extent of violations during that period and to conduct anti money laundering risk assessments on specific transactions and then file suspicious activity reports (SARs) in regards to those transactions of concern.
The question was recently raised as to whether or not it’s better to run an OFAC compliance program like an AML compliance program. The person posing the question raised the concern that since OFAC compliance is done in real time it puts a consistent burden on a financial institution’s compliance department. That person questioned whether it wouldn’t be better to not incur the expense of day to day OFAC compliance monitoring and to just deal with any violations by batching together OFAC violations in periodic voluntary self-disclosures covering periods of transactions and taking a hit on the penalty for not maintaining a traditional real time OFAC compliance program. I personally would not advise this path. The first thing I would point to is the increasing size of OFAC enforcement decisions to show that OFAC is very serious about compliance. Moreover, most OFAC sanctions programs seek to block the assets of certain parties. Allowing transactions to flow freely through U.S. financial institutions which legally require blocking would seriously harm the integrity of U.S. economic sanctions and undermine OFAC’s entire mission. Finally, by maintaining a compliance program in such a manner, a financial institution would rack up a history of OFAC violations pretty fast. Such a history would be used against that financial institutions and would accordingly increase their penalties for OFAC violations. In short, if you don’t want to draw the ire of OFAC, its probably best to just stick to the way OFAC compliance is normally handled.
The author of this blog is Erich Ferrari, an attorney specializing in OFAC matters. If you have any questions please contact him at 202-280-6370 or ferrari@ferrari-legal.com.