The Importance of a Sanctions Compliance Program

A Review of the Top 5 Mitigating Measures Highlighted by OFAC in 2023

📅 January 11, 2024

The U.S. Treasury’s Office of Foreign Assets Control (OFAC) in 2023 reached settlements with 17 companies, including well-known companies such as Microsoft, collecting more than $1.5 billion in penalties. Mitigating factors can help reduce the severity of penalties imposed by OFAC for sanctions violations and often involve significant remedial measures and enhancements to a company’s sanctions compliance program. The five most common mitigating factors of 2023, in order of prevalence, were:

The company had no penalty notices or Findings of Violation in the five years preceding the date of the earliest Apparent Violation;
The company cooperated with OFAC during its investigations of Apparent Violations;
The company undertook remedial measures;
The company improved its compliance measures and strengthened its compliance program;
The company voluntarily self-disclosed its Apparent Violations to OFAC.

Often, merely having a sanctions compliance program in place can spare companies significant penalties. For example, OFAC in May 2023 announced a settlement with online trading and settlement platform Poloniex, LLC, which agreed to pay nearly $7.6 million to settle its potential civil liability for tens of thousands of apparent violations of multiple sanctions programs. Poloniex did not have a sanctions compliance program when it first began operations in early 2014 and implemented one 16 months later without taking retroactive measures to ensure existing customers were not in violations of sanctions. OFAC determined that the lack of a sanctions compliance program for more than a year constituted an aggravating factor when it determined the company’s settlement amount.

OFAC considers various mitigating factors, and some mitigating factors have saved companies hundreds of thousands, if not millions, of dollars. In April 2023, Microsoft was given a nearly $3 million civil monetary penalty by OFAC due to Microsoft’s violations of multiple sanctions programs. OFAC determined that Microsoft had a robust sanctions compliance program in place at the time of the Apparent Violations, voluntarily self-disclosed the violations, and undertook significant remedial measures after a self-initiated lookback and comprehensive investigation into the causes of the violations. These mitigating factors decreased the penalty to less than one percent of the maximum penalty of over $400 million.

Mitigating factors played an even greater role in less severe penalties in 2023. OFAC in November 2023 issued a $206,213 penalty to financial services and payments firm DaVinci Payments for violating multiple sanctions programs. Mitigating factors decreased the fine from a maximum penalty of nearly $4.4 billion.

DaVinci Payments:

Had not been issued a penalty notice or Finding of Violation in the five years preceding the earliest transaction leading to the Apparent Violations;
Cooperated with OFAC during its investigation;
Undertook significant remedial measures;

DaVinci Payments also voluntarily self-disclosed its Apparent Violations.

Although Binance, the world’s largest cryptocurrency exchange, was fined a record $968 million for egregious conduct that was not voluntarily self-disclosed, Binance undertook significant remedial measures and provided substantial cooperation to OFAC to reduce its maximum $592 billion statutory penalty, including agreeing to certain compliance commitments.

The mitigating factors highlighted in 2023 demonstrate a commitment to compliance with U.S. sanctions laws. OFAC encourages all businesses that operate within the United States and/or with U.S. persons or entities to employ and maintain a sanctions compliance program. According to OFAC’s Guidance, a sanctions compliance program should maintain five key elements:

Management commitment;
Risk assessment;
Internal controls;
Testing and auditing;
And training.

OFAC will review a company’s sanctions compliance program when investigating apparent violations, and although there is no legal requirement for a company to have a formal compliance program, OFAC will favorably consider the existence of an effective and updated sanctions compliance program when determining possible penalties.

Organizations should take a risk-based approach when developing and implementing a sanctions compliance program, ensuring that it is tailored to the risk presented by the organization’s operations. A current and accurate risk assessment can help identify potential vulnerabilities, which will allow the organization to tailor its compliance program accordingly. Risk assessments should occur with frequency that properly accounts for significant developments and regulatory changes and should be used to develop and revise an organization’s sanctions compliance program, including its internal controls and scope, as well as employee training.

For more information on implementing an effective sanctions compliance program, visit the DOLFIN Library.

Recommended Blogs

Fake News vs. Real News – The Importance of Media in Due Diligence

May 6, 2024

We exist in an age when mass media outlets are criticized for bias and manipulation, and when foreign disinformation efforts further erode trust in traditional journalism. Confidence in media reports not just as a compliance tool, but also as reliable news sources is likely at near record lows as well. However, adverse media reports are a critical compliance tool that can serve as a springboard for more extensive due diligence research and can help identify potential indicators of sanctions evasion and other financial crimes.

Counterproliferation Finance Detection and Deterrence – What Can Financial Institutions Do?

April 23, 2024

The U.S. Treasury recently identified proliferation networks operating on behalf of Russia, North Korea, China, Iran, Syria, and Pakistan as threats to U.S. national security. These networks exploited the U.S. financial system to finance the proliferation of weapons of mass destruction (WMD), including financing to procure WMD components and raising revenues to support efforts by these state actors to advance their WMD activities.

2024 National Proliferation Financing Risk Assessment

April 19, 2024

The U.S. Department of the Treasury published the 2024 National Proliferation Financing Risk Assessment in February 2024 providing an in-depth analysis of the threats and vulnerabilities related to proliferation financing (PF) and highlighting key countries and non-state actors working to gain access to weapons of mass destruction (WMDs) and their components and to conventional restricted weapons and technologies.

Liberating Limits: OFAC Licenses

April 8, 2024

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) safeguards national security and helps advance U.S. foreign policy objectives by administering the U.S. sanctions regime. OFAC’s general and specific licenses serve as key mechanisms for authorizing and regulating certain transactions that would otherwise be prohibited under sanctions programs. The exceptions provided by licenses help businesses and individuals navigate international transactions without violating U.S. sanctions policies.

Stuck and Seized – Consequences of Forced Labor

March 26, 2024

Global economies are more interconnected than ever, and human rights abuses can have a profound impact on supply chains and disrupt the flow of goods. Recent deliveries of certain luxury vehicles, such as Porsches, Audis, and Bentleys have been delayed because a small component that links those vehicles with computer networks was produced by a Chinese company linked to forced labor and surveillance of Uyghur populations in China.

Russia Sanctions Evasion Case Study: Viktor Labin

March 18, 2024

When conducting customer due diligence and enhanced due diligence, simple screening for names that may be on sanctions lists is no longer sufficient given the increasing complexity of Russia’s sanctions evasion efforts and the volatile regulatory environment because of Moscow’s aggression against Ukraine. Extra research is necessary to ensure compliance with sanctions laws and adherence with your company’s own risk policies. This research, however, can be complex, and structured analytic techniques and tools are necessary for effective due diligence.

Binging Griselda? Let’s Talk Drug Trafficking Sanctions

March 7, 2024

Netflix’s new series Griselda tells the story of Griselda Blanco. Known as the “Godmother of Cocaine,” Blanco trafficked cocaine from Colombia to Miami from the 1970s to the early 2000s. Despite her criminal activities, Blanco managed to evade law enforcement for many years. There were no sanctions against Blanco at the time, since the Kingpin Act, a U.S. law aimed at combating international drug trafficking and organized crime, was enacted in 1999 after Blanco’s sentencing.

Risky Russia – Government Agencies Warn Businesses of Possible Trouble

March 5, 2024

The US Departments of State, Treasury, Commerce, and Labor in late February issued a business advisory warning firms and financial institutions about the serious legal, financial, and reputational risks of doing business in Russia. According to the State Department’s assessment, Russia’s kleptocratic environment undermines fair competition and the rule of law, exposing businesses to the risk of extortion, appropriation of assets, and US law enforcement action.

Thanks to Russia, Cross-Border Sanctions Collaboration at All-Time High

February 28, 2024

Russia's unprovoked invasion and continued aggression in Ukraine has led to an unprecedented level of collaboration by sanctions stakeholders across jurisdictions, agencies, and sectors. IFI is publishing a series of blogs to highlight this increased collaboration. In this first blog, we take a look at cooperation across borders and most notably by the REPO Task Force and Price Cap Coalition.