A framework for compliance with U.S. economic and trade sanctions programs that emphasizes a risk-based approach to formal compliance programs – along with a look at “root causes” of compliance breakdowns, which can draw hefty fines to offenders – was published Thursday by Treasury’s Office of Foreign Assets Control (OFAC).
The framework, titled A Framework for OFAC Compliance Commitments, advocates a risk-based approach to establishing a formal sanctions compliance program (SCP) and is intended for organizations subject to U.S. jurisdiction and foreign entities that conduct business in or within the U.S. or U.S. persons or that use U.S.-origin goods and services.
“As the United States continues to enhance our sanctions programs, ensuring that the private sector implements strong and effective compliance programs that protect the U.S. financial system from abuse is a key part of our strategy,” said Sigal P. Mandelker, Under Secretary for Terrorism and Financial Intelligence, in a statement included with Thursday’s announcement of the framework.
OFAC, in its framework document, notes that each risk-based SCP will vary depending on a variety of factors – among them, the company’s size and sophistication, products and services, customers and counterparties, and geographic locations – and states that each program should be predicated on and incorporate at least five essential components of compliance: (1) management commitment; (2) risk assessment; (3) internal controls; (4) testing and auditing; and (5) training.
Violations of sanctions can result in civil money penalties (CMPs), but OFAC suggests that having a formal SCP in place can help mitigate the severity of such fines.
“When applying the Guidelines to a given factual situation, OFAC will consider favorably subject persons that had effective SCPs at the time of an apparent violation,” the document states. “For example, under General Factor E (compliance program), OFAC may consider the existence, nature, and adequacy of an SCP, and when appropriate, may mitigate a CMP on that basis. Subject persons that have implemented effective SCPs that are predicated on the five essential components of compliance may also benefit from further mitigation of a CMP pursuant to General Factor F (remedial response) when the SCP results in remedial steps being taken.”
The framework document also contains an appendix outlining several of the root causes that have led to apparent violations of the sanctions programs that OFAC administers. “OFAC recommends all organizations subject to U.S. jurisdiction review the settlements published by OFAC to reassess and enhance their respective SCPs, when and as appropriate,” the document states.