OFAC’s New Framework for an Effective Sanctions Compliance Program Provides Important Risk Mitigation Advice

May 30, 2019

Reading Time : 5 min

Key Points:

  • The U.S. Department of the Treasury’s Office of Foreign Assets Controls (OFAC) recently published guidance that describes the framework for an effective Sanctions Compliance Program (SCP). In its guidance, OFAC makes clear that an effective SCP can, in situations where OFAC determines a civil penalty will be assessed, mitigate the penalty assessed.
  • OFAC’s compliance framework, as set forth in its recent guidance, distills five “essential components of compliance” that should form the basis of all SCPs.
  • Does your OFAC SCP measure up? We encourage you to try our two-minute self-assessment tool1 to find out.

The U.S. Department of the Treasury’s Office of Foreign Assets Controls (OFAC) recently published guidance that describes the framework for an effective Sanctions Compliance Program (SCP). In its guidance, OFAC makes clear that an effective SCP can, in situations where OFAC determines a civil penalty will be assessed, mitigate the penalty assessed.

The issuance of this new guidance provides companies with an opportunity to evaluate their SCPs in light of OFAC’s expectations and highlight areas where enhancements to existing SCPs could help further mitigate sanctions-related risks. In addition to providing guidance on what should now be considered essential elements of SCPs, the guidance is also instructive for companies assessing whether their own SCPs comply with covenants in their financing agreements, requiring them to institute and maintain compliance policies and procedures reasonably designed to ensure compliance with sanctions.

Akin Gump has created a simple interactive tool to help you understand whether your compliance program addresses the key elements described in OFAC’s new guidance. We encourage you to try our two-minute self-assessment tool to see how your compliance program measures up.Read on to learn more about OFAC’s recent guidance, the root causes associated with apparent violations and the OFAC’s alignment with recent Department of Justice (DOJ) guidance.

Summary of OFAC Guidance

Essential Components of Compliance

OFAC’s compliance framework, as set forth in its recent guidance, distills five “essential components of compliance” that should form the basis of all SCPs.

While OFAC continues to emphasize that companies should implement and maintain a risk-based SCP based on a number of factors, “including the company’s size and sophistication, products and services, customers and counterparties, and geographic locations,” the guidance document provides concrete examples of terms that should be considered for inclusion to achieve an effective SCP.

Root Causes of Apparent Violations

In the guidance, OFAC provides a list of “root causes” associated with apparent violations of sanctions in an effort to alert persons subject to U.S. jurisdiction of the common scenarios in past enforcement actions, as well as to assist in designing, updating, and amending SCPs. OFAC notes that this list of deficiencies is non-exhaustive, and we recommend that companies review past OFAC enforcement actions in detail when considering specific issues that may arise.

OFAC broadly outlines the following root causes as the most common ones for breaches of U.S. sanctions.

OFAC and DOJ Compliance Aligned and Focused on Effectiveness

The new OFAC guidance is generally aligned with recent guidance published by the DOJ Criminal Division on corporate compliance programs. The DOJ guidance is formulated around three inquires:

  • Is the compliance program well designed?
  • Is the compliance program being implemented effectively?
  • Does the compliance program work in practice?

As suggested by the inquiries above, the DOJ guidance contains an explicit focus on “effective” implementation of the compliance program, suggesting an intent to look behind paper policies and procedures.

OFAC similarly focuses on effectiveness, noting that whether parties have an “effective” SCP may be considered both in its determination of whether a violation of sanctions is egregious or non-egregious, a determination which significantly impacts the potential size of a penalty, and in its consideration of aggravating and mitigating factors which result in an upward or downward adjustment of the penalty. In other words, if a violation occurs, the existence of an effective SCP may lower both the applicable base penalty, because OFAC considers the existence of an SCP when determining whether a case is “egregious” or “non-egregious,” and the actual penalty assessed because OFAC may consider an effective SCP to be a mitigating factor that would support a downward deviation from the base penalty once the “egregious”/“non-egregious” determination is made.

Click here to view the OFAC Base Penalty.

So, What Should I Do?

  • Review your SCP – If you have one, update it, and ensure it includes all of the elements included in the Guidance; if you don’t have one, now is the time to create one.
  • Make sure your SCP is:
    • Risk-based – Consider whether your sanctions compliance policies and procedures are tailored to your risk profile. If you are not sure of your sanctions risk profile, conduct a risk assessment.
    • Implemented – Consider the resources dedicated to this important function; review operational procedures and work instructions that describe the nuts and bolts of how to comply; consider an audit of your SCP.
    • Responsive – Consider whether your SCP is nimble and responsive to changes in regulations and guidance.

Contact Information

If you have any questions concerning this alert, please contact:

Kimberly Myers
Email
Washington, D.C.
+1 202.887.4423

Shiva Aminian
Email
Los Angeles
+1 310.552.6476

Mahmoud Baki Fadlallah
Email
Dubai
+971 4.317.3030

Nnedinma Ifudu Nweke
Email
Washington, D.C.
+1 202.887.4013

Tom McCarthy
Email
Washington, D.C.
+1 202.887.4047

Wynn H. Segall
Email
Washington, D.C.
+1 202.887.4573

Melissa J. Schwartz
Email
Washington, D.C.
+1 202.887.4539

Dallas Woodrum
Email
Washington, D.C.
+1 202.887.4591


1 The self-assessment tool is for informational purposes only and does not constitute legal advice. Your results are not determinative of whether you have had violations of U.S. sanctions laws and regulations. It is understood that the use of this self-assessment and/or the submission of your contact information, shall not establish an attorney-client relationship between you and Akin Gump. Your results are not determinative of whether you have had violations of U.S. sanctions laws and regulations.

Share This Insight

© 2024 Akin Gump Strauss Hauer & Feld LLP. All rights reserved. Attorney advertising. This document is distributed for informational use only; it does not constitute legal advice and should not be used as such. Prior results do not guarantee a similar outcome. Akin is the practicing name of Akin Gump LLP, a New York limited liability partnership authorized and regulated by the Solicitors Regulation Authority under number 267321. A list of the partners is available for inspection at Eighth Floor, Ten Bishops Square, London E1 6EG. For more information about Akin Gump LLP, Akin Gump Strauss Hauer & Feld LLP and other associated entities under which the Akin Gump network operates worldwide, please see our Legal Notices page.