| [31765] | |
| May 16, 2019 | |
| TO: | ICI Members ICI Global Members AML Compliance Working Group Chief Compliance Officer Committee ICI Global Investing Subcommittee ICI Global Regulated Funds Committee SEC Rules Committee |
| SUBJECTS: | Anti-Money Laundering Compliance International/Global Litigation & Enforcement |
| RE: | OFAC Issues a Framework for Compliance Commitments |
On May 2, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) published “A Framework for OFAC Compliance Commitments” (Framework), which outlines what OFAC considers to be essential elements of an effective sanctions compliance program (SCP).[1] Using its most forceful language to date, in the Framework OFAC “strongly encourages” not only organizations subject to US jurisdiction, but also foreign entities that conduct business in or with the United States, US persons or using US-origin goods or services, to employ a risk-based approach to sanctions compliance by developing, implementing, and routinely updating a SCP. OFAC specifies that each such SCP should contain at least the following five essential elements of compliance and describes generally what should be included in an SCP with respect to each of these elements: (1) management commitment, (2) risk assessment, (3) internal controls, (4) testing and auditing, and (5) training.
The Framework also contains an appendix outlining several of the root causes that have led to apparent violations of the sanctions programs that OFAC administers, intended to assist persons with designing effective SCPs. The root causes include:
- lack of a formal OFAC SCP;
- misinterpreting, or failing to understand the applicability of, OFAC’s regulations;
- facilitating transactions by non-US persons (including through or by overseas subsidiaries or affiliates);
- exporting or re-exporting US-origin goods, technology, or services to OFAC-sanctioned persons or countries;
- utilizing the US financial system, or processing payments to or through US financial institutions, for commercial transactions involving OFAC-sanctioned persons or countries;
- sanctions screening software or filter faults;
- improper due diligence on customer/clients;
- de-centralized compliance functions and inconsistent application of an SCP; and
- utilizing non-standard payment or commercial practices.
Importantly, OFAC notes that, when evaluating the SCP of a person subject to an enforcement case, OFAC will consider favorably subject persons that had an effective SCP at the time of an apparent violation. Additionally, OFAC may, in certain cases, consider the existence of an effective SCP at the time of an apparent violation as a factor in its analysis as to whether a case is deemed “egregious” (which impacts the penalty calculation).
Eva M. Mykolenko
Associate Chief Counsel - Securities Regulation/p>