Sanctions Enforcement

Subscribe to Sanctions Enforcement

It would be an understatement to describe the difference in fines levied by the US Office of Foreign Assets Control (“OFAC”) and the UK Office of Financial Sanctions Implementation (“OFSI”) as a gulf.  Prior to 31 March 2020, OFSI had concluded a total of three enforcement actions, the most significant of which resulted in a fine of just over £146,000.

By comparison, OFAC has levied nearly $9 million in fines in the first few months of 2020 and during the previous year levied nearly $1.3 billion in total.  The largest of these was a fine of $657 million that was handed down to Standard Chartered Bank (“Standard Chartered”) for violations of numerous sanctions regulations.  The majority of the OFAC settlement was part of a global settlement that included numerous US federal and state regulators, as well as the UK’s Financial Conduct Authority (which handed out a £102 million fine for anti-money laundering breaches).


Continue Reading Standard Chartered fined £20.47 million; OFSI finally showing its teeth?

Click here to read the full Client Advisory by Steptoe.

In December 2019, the US Department of Justice (DOJ) announced a revised policy regarding voluntary disclosure of export control and sanctions violations by business organizations (VSD Policy). The VSD Policy encourages business organizations – which now include financial institutions – to self-disclose “all

On December 31, 2019, the US District Court for the Northern District of Texas threw out a $2 million fine issued in 2017 by the Treasury Department’s Office of Foreign Assets Control (OFAC) under the Ukraine-Related Sanctions Regulations (URSR), 31 C.F.R. § 589.  The much-awaited opinion held that OFAC did not provide “fair notice” that the URSR prohibited dealing in contracts signed by a sanctioned individual on behalf of a non-sanctioned company, prior to the issuance of the penalty.

In reaching its decision, the Court concluded that the language of the URSR did not “’fairly address’ whether a US entity receives a service from [a Specially Designated National (SDN)] when that SDN performs a service enabling the US person to contract with a non-blocked entity.” Moreover, public statements made by relevant US government officials in 2014—some of which could be read to conflict—did not “create ascertainable certainty” of OFAC’s intention with respect to the URSR’s application. (The Court also held that contemporaneous reports by media outlets were not probative of OFAC’s regulatory intent.)


Continue Reading District Court Throws Out OFAC Penalty, Citing Due Process, Unclear Regulations

On September 17, 2019, OFAC released a settlement with UK-based British Arab Commercial Bank (BACB) in a case regarding offshore use of the dollar, demonstrating how challenging and complex it can be to assess whether offshore transactions in US dollars (USD) that involve US sanctions targets are in all respects outside of OFAC’s enforcement jurisdiction.

On May 9, 2019, the US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) published long-awaited guidance addressing how FinCEN regulations apply to what the agency calls “convertible virtual currency” (CVC), which covers most types of cryptocurrencies and crypto-tokens. The guidance focuses on:

  • Platforms engaged in exchange transactions involving securities, commodities, or futures contracts and fiat currency, CVC, or other value that substitute for currency;
  • Natural persons providing CVC money transmission as person-to-person (P2P) exchangers;
  • CVC wallets (differentiating among hosted, unhosted, and multiple signature wallet providers);
  • CVC provided through electronic terminals, kiosks, or automated teller machines;
  • CVC services provided through decentralized (software) applications (DApps), including anonymizing services;
  • Payment processing services;
  • Internet casinos;
  • Initial Coin Offerings (ICOs) and the status of creators of CVC;
  • DApp developers, users conducting financial activities, and DApps conducting CVC transactions; and
  • Mining pools and cloud miners.


Continue Reading FinCEN Issues New Advisory on BSA/AML Obligations Related to Virtual Currency

On April 25, 2019, OFAC announced that Haverly Systems, Inc. (“Haverly”), a New Jersey software company, had agreed to pay $75,375 to settle apparent violations from 2014 related to Haverly’s collection of payments from JSC Rosneft (“Rosneft”), a Russian oil major on OFAC’s Sectoral Sanctions Identifications (“SSI”) list. The key issue was OFAC’s finding that Haverly accepted the payments from Rosneft outside of the then-applicable 90-day window and thereby dealt in the restricted “new debt” of Rosneft. This appears to be the first time OFAC has published a settlement involving violations of the SSI list Directives, and underscores the importance for companies subject to US jurisdiction of monitoring invoicing and payments with SSI list entities and their subsidiaries. Non-US companies may also face “secondary sanctions” risk under Section 228 of CAATSA, on which we have previously advised, for certain types of transactions with SSI list designees. See also our previous advisory on OFAC’s SSI list sanctions, along with our previous discussion of the CAATSA-mandated changes to those sanctions.

Pursuant to Directive 2 under Executive Order 13662 and § 589.201 of OFAC’s Ukraine-Related Sanctions Regulations, US persons are prohibited from transacting or otherwise dealing in “new debt” of longer than certain stated maturity periods of SSI list designees or any entities of which they own 50% or more. At the time of this apparent violation, the relevant maturity period was 90 days.[1] “Debt” is defined broadly to include any “extensions of credit.” OFAC has stated in FAQ guidance that open payment terms, such as the time permitted to pay commercial invoices, also fall within the scope of “new debt.”
Continue Reading New Jersey Software Company Settles with OFAC for Accepting Late Payments from Rosneft

On February 7, 2019, OFAC fined a Virginia-based company, Kollmorgen Corporation, for business that its recently-acquired Turkish subsidiary allegedly conducted in Iran after determining that Kollmorgen had undertaken “extensive preventative and remedial conduct” both before and after the acquisition in an effort to ensure the subsidiary complied with US sanctions.  OFAC also found that Kollmorgen had “conduct[ed] an effective and extensive internal investigation and submit[ed] a comprehensive voluntary self-disclosure to OFAC.”  Why, then, would OFAC fine this company, if it sounds like they did everything right?  The answer is strict liability.  OFAC’s civil enforcement authority applies on a strict liability basis, meaning if the prohibited conduct occurs, the agency can impose civil penalties, even if there is no negligence, intent, or other finding of fault.  Attorneys often advise their clients that as a technical matter OFAC penalties can apply even if the company does everything that’s feasible to comply with the law, underscoring the potential risk in dealing with sanctioned countries or sanctioned parties.  But OFAC frequently declines to penalize companies under such circumstances, and instead often closes out such cases with a “warning letter”.  While the amount of the fine here was very small ($13,381, quite a downward departure from the statutory maximum of $1,500,000) due to the mitigating conduct of the US parent, other costs of the enforcement process and a finding of violation can still be significant.

The individual at the foreign subsidiary who was found to be culpable for this conduct was added to OFAC’s Foreign Sanctions Evaders (FSE) list under Executive Order 13608, which imposes a broad restriction similar to the Specially Designated Nationals (SDN) list.  This is an interesting approach to sanction an individual employee of a foreign subsidiary of a US company while providing a high degree of leniency to the cooperating US company.  Very likely Kollmorgen provided significant information about this individual’s conduct to OFAC as part of its voluntary disclosure.  OFAC provided some detail about the individual’s role in “directing” the Iran-related violations and attempting to “conceal” that activity, with a senior Treasury official remarking “This action is a clear warning that anyone in supervisory or managerial positions who directs staff to provide services, falsify records, commit fraud, or obstruct an investigation into sanctions violations exposes themselves to serious personal risk.”   OFAC remarked that this coupling of an FSE designation with a civil enforcement action was “unprecedented.”
Continue Reading Foreign subsidiary trading with Iran? OFAC really means STRICT liability

On January 31, 2019, OFAC announced a $996,080 settlement with e.l.f. Cosmetics, Inc. (“ELF”) for violations of the North Korea Sanctions Regulations arising from the importation of 156 shipments of false eyelash kits that contained materials that were sourced from North Korea and that were purchased from suppliers in China.

In January 2017, ELF discovered that approximately 80% of its false eyelash kits contained materials from North Korea, and ELF voluntarily disclosed the violation to OFAC. Among other aggravating factors, OFAC alleged that funds for the materials came under the control of the North Korean government and that ELF was a large and commercially sophisticated company engaged in a substantial volume of international trade with a “non-existent or inadequate” sanctions compliance program.

Ultimately, OFAC found that the violations were non-egregious and provided substantial mitigation against the $2,213,510 base penalty level. OFAC credited a number of specific steps that ELF undertook to prevent the risk of future violations:
Continue Reading OFAC Enforcement Action Highlights Sanctions Risk in Supply Chain

Steptoe partners Meredith Rathbone and Brian Egan authored an article on US secondary sanctions published in WorldECR’s special report, “The Global Agenda.” The article discusses how US secondary sanctions seek to target and restrict the activities of non-US persons and explains how best to deal with those sanctions.

More information is available here.

On August 10, 2017, the Department of Treasury’s Office of Foreign Assets Control (“OFAC”) announced a settlement with IPSA International Services, Inc. (“IPSA”) to resolve apparent violations of the Iranian Transactions and Sanctions Regulations (“ITSR”).   The apparent violations include importation of Iranian-origin services in violation of § 560.201 and engagement in transactions or dealings related to Iranian-origin services in violation of § 560.206 and § 560.208.  IPSA is a “risk mitigation” firm that specializes in providing regulatory-related due diligence services, among other offerings.  IPSA agreed to pay $259,200 to resolve the matter.

According to OFAC, the apparent violations stem from two contracts entered into by IPSA and one of its subsidiaries. IPSA (the US parent) entered into the first contract (“contract one”) with a third country, presumably a government agency or entity, regarding its “citizenship by investment program,” which may be a program similar to the EB-5 Immigrant Investor Visa Program in the US.  IPSA’s Canadian subsidiary entered into the second contract (“contract two”), which involved a similar immigration-related investment program, with a government-owned financial institution based in a different third country.

Some of the applicants to both of these programs were Iranian nationals whose personal information could not be appropriately vetted by sources outside Iran. In an effort to verify information about these applicants, IPSA’s Canadian subsidiary and IPSA’s subsidiary in the UAE hired subcontractors to conduct due diligence, and those subcontractors then hired third parties to obtain and validate information within Iran. 
Continue Reading Settlement Points to Potentially Expansive View of Importation of Iranian Services by OFAC