- The U.S. Department of the Treasury’s Office of Foreign Assets Controls (OFAC) recently published guidance that describes the framework for an effective Sanctions Compliance Program (SCP). In its guidance, OFAC makes clear that an effective SCP can, in situations where OFAC determines a civil penalty will be assessed, mitigate the penalty assessed.
- OFAC’s compliance framework, as set forth in its recent guidance, distills five “essential components of compliance” that should form the basis of all SCPs.
- Does your OFAC SCP measure up? We encourage you to try our two-minute self-assessment tool1 to find out.
The U.S. Department of the Treasury’s Office of Foreign Assets Controls (OFAC) recently published guidance that describes the framework for an effective Sanctions Compliance Program (SCP). In its guidance, OFAC makes clear that an effective SCP can, in situations where OFAC determines a civil penalty will be assessed, mitigate the penalty assessed.
The issuance of this new guidance provides companies with an opportunity to evaluate their SCPs in light of OFAC’s expectations and highlight areas where enhancements to existing SCPs could help further mitigate sanctions-related risks. In addition to providing guidance on what should now be considered essential elements of SCPs, the guidance is also instructive for companies assessing whether their own SCPs comply with covenants in their financing agreements, requiring them to institute and maintain compliance policies and procedures reasonably designed to ensure compliance with sanctions.
Akin Gump has created a simple interactive tool to help you understand whether your compliance program addresses the key elements described in OFAC’s new guidance. We encourage you to try our two-minute self-assessment tool to see how your compliance program measures up.Read on to learn more about OFAC’s recent guidance, the root causes associated with apparent violations and the OFAC’s alignment with recent Department of Justice (DOJ) guidance.
Summary of OFAC Guidance
Essential Components of Compliance
OFAC’s compliance framework, as set forth in its recent guidance, distills five “essential components of compliance” that should form the basis of all SCPs.
While OFAC continues to emphasize that companies should implement and maintain a risk-based SCP based on a number of factors, “including the company’s size and sophistication, products and services, customers and counterparties, and geographic locations,” the guidance document provides concrete examples of terms that should be considered for inclusion to achieve an effective SCP.
Root Causes of Apparent Violations
In the guidance, OFAC provides a list of “root causes” associated with apparent violations of sanctions in an effort to alert persons subject to U.S. jurisdiction of the common scenarios in past enforcement actions, as well as to assist in designing, updating, and amending SCPs. OFAC notes that this list of deficiencies is non-exhaustive, and we recommend that companies review past OFAC enforcement actions in detail when considering specific issues that may arise.
OFAC broadly outlines the following root causes as the most common ones for breaches of U.S. sanctions.
OFAC and DOJ Compliance Aligned and Focused on Effectiveness
The new OFAC guidance is generally aligned with recent guidance published by the DOJ Criminal Division on corporate compliance programs. The DOJ guidance is formulated around three inquires:
- Is the compliance program well designed?
- Is the compliance program being implemented effectively?
- Does the compliance program work in practice?
As suggested by the inquiries above, the DOJ guidance contains an explicit focus on “effective” implementation of the compliance program, suggesting an intent to look behind paper policies and procedures.
OFAC similarly focuses on effectiveness, noting that whether parties have an “effective” SCP may be considered both in its determination of whether a violation of sanctions is egregious or non-egregious, a determination which significantly impacts the potential size of a penalty, and in its consideration of aggravating and mitigating factors which result in an upward or downward adjustment of the penalty. In other words, if a violation occurs, the existence of an effective SCP may lower both the applicable base penalty, because OFAC considers the existence of an SCP when determining whether a case is “egregious” or “non-egregious,” and the actual penalty assessed because OFAC may consider an effective SCP to be a mitigating factor that would support a downward deviation from the base penalty once the “egregious”/“non-egregious” determination is made.
Click here to view the OFAC Base Penalty.
So, What Should I Do?
- Review your SCP – If you have one, update it, and ensure it includes all of the elements included in the Guidance; if you don’t have one, now is the time to create one.
- Make sure your SCP is:
- Risk-based – Consider whether your sanctions compliance policies and procedures are tailored to your risk profile. If you are not sure of your sanctions risk profile, conduct a risk assessment.
- Implemented – Consider the resources dedicated to this important function; review operational procedures and work instructions that describe the nuts and bolts of how to comply; consider an audit of your SCP.
- Responsive – Consider whether your SCP is nimble and responsive to changes in regulations and guidance.
1 The self-assessment tool is for informational purposes only and does not constitute legal advice. Your results are not determinative of whether you have had violations of U.S. sanctions laws and regulations. It is understood that the use of this self-assessment and/or the submission of your contact information, shall not establish an attorney-client relationship between you and Akin Gump. Your results are not determinative of whether you have had violations of U.S. sanctions laws and regulations.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.