On May 2, 2019, the U.S. Department of the Treasury's Office of Foreign Assets Control released "A Framework for OFAC Compliance Commitments", providing general guidance on the elements OFAC considers to compose an effective sanctions compliance program.
Broadly, the framework endorses a risk-based approach to compliance (recognizing that no two compliance programs will be identical) and the need for a formal SCP that includes five essential components: management commitment, risk assessment, internal controls, testing and auditing, and training. The Framework is not a regulatory requirement, nor does it prescribe specific controls; rather, it indicates the elements that OFAC will look for in evaluating a company's compliance efforts in the context of any enforcement action.
The Framework also sets out prescriptive compliance commitments OFAC will seek in future enforcement actions, largely codifying commitments seen in recent settlements.
This memorandum summarizes the Framework and recent OFAC enforcement actions imposing compliance commitments.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.