Are you compliant with sanctions laws? We have tips on how to stay up-to-date with financial sanctions and avoid any hefty fines for your company.
Sanctions may be imposed on individuals, terrorist groups (such as ISIS), business sectors and countries. There are currently over 27 UN, EU and domestic financial sanctions covering 1,900 individuals, groups and countries.
Under powers introduced by the UK Policing and Crime Act, the Office of Financial Sanctions Implementation in the UK (OFSI) can impose civil penalties of up to £1 million for breaches relating to monetary funds, or 50% of the estimated value of those funds (whichever is highest).
Financial sanctions prohibit a company or country from carrying out any financial transaction with individuals, governments or entities (the target). These sanctions are an important part of foreign policy, and governments impose them to support national security.
The measures enforced typically prohibit the provision of financing, restrict the target country or entity from raising new equity or debt capital, and ban the provision of specific financial services.
Financial sanctions can apply to individuals, governments and entities. In general, financial sanctions are imposed to:
It is a criminal offence not to comply with financial sanctions.
Financial sanctions can be imposed on any individual, government and entity. The United Nations (UN), United States (US), European Union (EU) and the United Kingdom (UK) most frequently impose sanctions.
Countries that are members of the UN automatically impose financial sanctions that the UN creates.
It is important to note that fines and settlements are different things, but equally important is to draw lessons from smaller fines such as the one imposed by OFSI. Just when we thought that OFSI would impose significant fines based on the value of a breach, they reduced the sanction breach's fine by Telia to £146,000 upon review even though the value of the breach was estimated at £234k.
The size of the fine is really not that important. It brings headlines and reputational pain, but the real penalty relates to the work that needs to be done after a fine. This will undoubtedly involve intrusive regulatory scrutiny on a daily basis and expensive temporary resources, consultants and monitors crawling all over the firm for a long time, followed by lots of remedial activity.
The key lesson is that whatever the size of the fine, it will hurt big time, so make sure your tools and controls are up to scratch, that everyone is adequately trained, and that you foster a culture where compliance is a good thing.
Your staff need to be clear about the rules and know what they must do to comply. The best way to do this is via compulsory training for your employees, for example, a mandatory sanctions e-learning course.
Check your supply chain and customer list to ensure that you are not doing business with designated persons (i.e. individuals or entities subject to sanctions). Don't conduct business that you know or suspect will breach sanctions
Sanctions don't just apply to financial transactions and the freezing of assets. There may also be restrictions on the supply of services (such as giving advice) and trade (such as the supply of arms, diamonds, etc.).
Make sure all payment processing is transparent. UNDER NO CIRCUMSTANCES should you remove material information from payment instructions (wire stripping) or arrange payment or supply through third parties.
Don't take any risks, even if you think they may be false positives. By doing so, you can mitigate the penalty your company receives, as other credit may be given for voluntary disclosures.
Ignorance of the law is no excuse! And remember that the OFSI will publicly name fined companies, meaning a blow to reputation.
Fines for sanctions violations keep returning. Are the fines actually working? Even though the fines can run into billions of dollars, they don't seem to deter the behaviour. However, the more significant penalty imposed on those breaching sanctions is the settlement agreed rather than the fine.
Usually, the headlines are dominated by US-imposed fines concerning breach of OFAC Sanctions, with the most famous headline BNP being fined nearly $9bn in 2014 for sanctions breaches relating to Cuba, Sudan and Iran. However, this is not actually true. BNP agreed to a settlement to forfeit $8.83bn of revenues and put on a 5-year probation. The fine imposed was US$140m.
The HSBC 'fine' in 2012 also wasn't US$1.9bn, although the bank paid some US$600m in penalties. The rest was a settlement to forfeit revenues. This was a mix of AML and Sanctions violations relating to dealings with a Mexican drugs cartel. HSBC was fined by both the US and the UK regulators. Estimates at HSBC are that the total cost of the 2012 scandal hovers around US$6bn by now.
JPMorgan settled allegations of sanctions breaches with a US$5.3m payment for breaches with a combined value of just over US$46K. Standard Chartered was ordered to pay the US some US$947m in respect of sanctions violations totalling US$438K. The UK regulator also fined them an additional £102m, but that mainly had an AML focus.
Hot on the heels of StanChart was Unicredit, who was fined US$450m for sanctions violations and agreed to an additional settlement of over US$800m to clean up past wrongdoing.
In the UK, OFSI has the authority to impose monetary penalties of up to £1 million or 50% of the value of the breach (whichever is higher). This is imposed on the basis of a civil standard of proof. To date, OFSI has imposed monetary penalties in six cases.
The UK's OFSI imposed its first monetary penalty for a breach of financial sanctions in early 2019 using its civil enforcement powers. And the financial crime industry laughed. A £5,000 fine for breaching a sanction imposed on an Egyptian entity was surely worth more than £5,000?
Raphael's Bank was fined £5,000 after handling funds belonging to an Egyptian financial sanctions target. Is £5,000 a joke, or does it warrant compliance professionals to sit up? It is important to look behind the fine. The funds in question mounted to £200, so the fine represents 2,500% of the value of the funds in question. And the bank will have the FCA's undivided attention for some time to come.
Based on this calculation, an appropriate fine for HSBC would have been US$20bn, and the fine for BNP would have been US$220bn.
We've created a comprehensive AML roadmap to help you navigate the compliance landscape, supported by several financial crime prevention courses in our Essentials Library.
We also have 100+ free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!
Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, priority access to our free online learning portal and other exclusive benefits.