HGC CONSULTING PLUS

The subject of this book has never been more urgent than it is right now. The October 7 surprise attacks on Israel have proven once again that terrorism is a real and present danger, and that sanctions—despite the reality of constantly evolving evasion techniques, as we will discuss in the last chapter—are still a vital tool that nations wield in response to it.

As I was putting this book together, the US and the UK worked together to quickly impose several rounds of sanctions¹ on Hamas leaders and financiers. Currently, Hamas is the target of three OFAC sanctions programs, “resulting in the blocking of any property and interests in property of Hamas that are in the United States or hereafter come within the United States, or that are in or hereafter come within the possession or control of a United States person.”²

Not only that, the US was able to swiftly reach a “quiet understanding”³ with Qatar to prevent Iran from gaining access to $6 billion in assets parked in a Qatar bank as part of a prisoner exchange deal, and that Washington retains the right to completely freeze the account.^*

To understand how the “sanctions” hammer was able to come down so swiftly and decisively, we must look back more than two decades ago to the attack on the World Trade Center. No doubt about it: September 11, 2001, changed our world forever. The images of the hijacked planes crashing into the towers are burned into our collective memory, as are impressions of the patriotism and unity that (briefly) followed. And, for better or worse, the aftermath of that deadly day manifested in costly wars, expanded executive powers, and sweeping changes in how national security issues are perceived and handled.

One such issue is anti-terrorist financing. Quite simply, before 9/11, it wasn’t the compliance priority that it is now. At that time, money laundering controls were focused primarily on drug trafficking and financial fraud on a grand scale. The government and banking and financial institution control systems weren’t set up to notice or disrupt the small, (relatively) routine transactions made by the hijackers: flight training, housing payments, food purchases, and so forth. It’s been determined that the entire 9/11 operation may have cost al Qaeda⁵ less than $500,000, and only $300,000 of that passed through US bank accounts. Given these factors, it’s not surprising that intelligence reporting was sporadic and inefficient.

Of course, hindsight is always 20/20. After the events of that terrible day in September, US and global anti-terrorist financing have changed. The US domestic and international intelligence community now has a far better understanding of how terrorists raise funds and move (and hide) money…and it has gotten increasingly aggressive about acting on that knowledge.

How does this impact you? As a result of increased post-9/11 scrutiny—and the passage of the USA PATRIOT Act—there’s a significant chance that your organization could inadvertently do business with an individual or entity on the Office of Foreign Assets Control (OFAC)’s Specially Designated Nationals (SDN) List. You could extend credit to, manage investments for, or provide other goods or services to an entity or someone who (unbeknownst to you) has prohibited ties to a sanctioned country—or to a client or partner with prohibited ties to such an individual or entity.

For various reasons, which will be explained in detail in this book, every company—whether located in the United States or outside, engaged in banking and finance or not, large or small—is at risk to fall under the scope of OFAC sanctions regulations. Whether US sanctions are an effective tool or not, the reality is that they exist and—at least from what I can tell—are here to stay. This is (or at least should be) a sobering thought. I wrote this book to help you 1) to determine whether your organization is subject to OFAC sanctions law, and 2) if so, how to comply with OFAC sanctions regulations and build a robust OFAC sanctions compliance program that satisfies regulatory expectations.

The fight against terrorism is a complex one. Yet while it’s a multifaceted effort between domestic and international intelligence agencies, regulators, countries, and others, US domestic and international financial institutions play a key role. In this book, we will examine how you can do your part in the global fight against terrorism by building a robust sanctions compliance program that will help to detect criminal activities early on…or at least provide your pieces of the puzzle to intelligence agencies as part of a broader investigation.

We’ll do a deeper dive into what sanctions are, why so many organizations are at risk (including those that may not even realize they’re considered “financial institutions” or an entity of “primary money laundering concern”), and how you can avoid violating OFAC sanctions. We’ll also discuss the consequences of running afoul of these sanctions, including a few real-world cautionary tales of financial institutions that were hit with billion-dollar fines.

We’ll provide you with useful guidelines and a road map for developing and implementing a sanctions governance and internal control framework to manage your institution’s sanction risks.

You will learn how to assess the sanctions risk exposures of your business as well as deal with your customers and/or transactions. With powerful best practices in dealing with risk exposures, you will be able to develop and implement the critical controls—policies and procedures, training, customer due diligence (CDD), sanctions screening, etc.—necessary to effectively mitigate your institution’s sanctions risks. You will also learn how to establish effective oversight of sanctions control procedures by developing an effective sanctions governance framework.

We’ll also cover the basics of internal and external communication, including internal escalation and reporting, dealing with the media, and the intricacies of individual and corporate liability.

Finally, we’ll close with special focus areas that include recent sanctions against Russia and China, common evasion techniques, and applying for an OFAC license.

The bottom line is this: In an age of increasingly complex global dynamics and rising tensions, companies must take the subject of sanctions seriously. If you are a bank or financial institution, you are under the regulatory obligation to develop a robust OFAC sanctions program. For other types of organizations, having an OFAC sanctions program is not a requirement; however, if you happen to transact with someone on the SDN List or enter into a prohibited transaction, you are subject to fines and other consequences. Thus, all companies, regardless of type, size, or location on the map, need to assess their risk and determine what action to take in response.

Not only will creating a solid sanctions compliance program help you avoid making a costly misstep, it also demonstrates a “good faith” effort that may make you less likely to be fined if you do accidentally commit a violation. By occupying yourself with this topic, you can potentially avoid multimillion-dollar fines, multiyear investigations, and reputational damage that has ongoing negative consequences.

It is my hope that Building and Maintaining a Global OFAC Sanctions Program makes a complicated topic easier to understand—and, most important, that it will keep you and your company safely in compliance and thriving in our ever-changing business world. 

____

^* Part of the previous prisoner exchange deal had been for the US to issue a waiver allowing international banks to move that $6 billion from South Korea to Qatar without fear of invoking US sanctions.⁴