Written by Jackson Wood, Director, Industry Solutions, Trade Compliance, Descartes Systems Group 

A global private banking firm recently agreed to settle OFAC compliance violations by paying a US$3.7 million fine. The Swiss based financial services institution incurred multiple sanctions breaches through several of its subsidiaries as far back as 2014. These were related to OFAC’s denied party sanctions, including $29.9 million in transactions processed from Cuba, a sanctioned country.

OFAC’s base-level civil penalty was originally $10.6 million, but the total was reduced since the international financial firm self-disclosed the violation, fully cooperated with the investigation, and implemented comprehensive remedial actions to avoid future violations.

This incident underscores the importance of integrating comprehensive denied party screening software solutions across the organization and within critical processes such as when onboarding new clients. It also emphasizes the need for consistent OFAC screening programs to keep up to date with new sanctions that may apply to existing clients. In this article, we will explore this incident and highlight the lessons it can teach international enterprises.

Key Takeaways

  • A global private financial firm based in Switzerland identified and self-reported OFAC sanction violations, triggering an investigation that resulted in a civil penalty.
  • OFAC ultimately imposed a civil penalty of $3.7 million, which was brought down from $10.6 million due to several important mitigating factors.
  • The inadvertent OFAC compliance violations by the Swiss financial firm shines a light on the importance of conducting thorough denied party screening for new and existing clients to avoid non-compliance.
  • This enforcement action also shows how OFAC sanctions extend beyond U.S. borders necessitating the need for robust OFAC screening programs by foreign based organizations whose transactions involve the U.S. financial systems.
  • OFAC provides a framework to help organizations reduce the risk of violations, and Descartes gives you robust tools and comprehensive sanctions list content to perform accurate OFAC screening.

How A Foreign Based Financial Firm Violated Multiple OFAC Compliance Regulations

According to the enforcement release by the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC), between 2014 and 2018, a private Swiss banking group, recently agreed to pay US$3.7 million in a settlement to resolve its potential civil liability for apparent OFAC sanctions infractions.

The firm has over 40 global subsidiaries, several of which incurred OFAC compliance violations by processing securities transactions on behalf of denied partes and individuals in sanctioned jurisdictions. OFAC outlined the violations stemming from 868 transactions into the following three categories:

  1. Cuba transactions: The Swiss private bank caused U.S. securities firms to process 727 securities-related transactions on behalf of customers in Cuba, totaling $29 million. These transactions occurred at subsidiaries located in multiple countries and enabled Cuban clients to make financial transactions, including the purchase, sale, and redemption of securities positions. This was made possible through the use of omnibus accounts with U.S. custodians. Omnibus accounts allow multiple individuals to pool funds together and trade in the name of the Swiss firm rather than the names of the underlying clients. Since the U.S. has a complete trade and economic embargo against Cuba, these transactions are unlawful.
  2. Specially Designated Narcotics Trafficking Kingpin: Additionally, 141 securities-related transactions totaling $468,615 were processed for an individual who had been blocked under the Kingpin Act. The individual’s account was opened with the firm’s subsidiary in Singapore in 2009, but they were not sanctioned until 2014. Failure to implement continuous rescreening meant the U.S. securities firms that transacted with the omnibus account were unaware that the subaccount belonged to a denied party and as such allowed the sanctioned individual to receive dividends and payments totaling $468,615.
  3. Designated Russian individual: The Swiss global bank inadvertently distributed five dividends to a party that became sanctioned in 2023, totaling $1,200. In this instance, even though the financial firm had identified the blocked party, imposed restrictions on their account and notified their U.S. counterparts, an internal control oversight allowed these payments to still go through. These transactions breached the Russia sanctions program.

The total settlement amount of $3.7 million reflects the financial firm’s voluntary self-disclosure and non-egregious OFAC compliance violations. Remedial measures implemented after the incident have also been significant and played a role in reducing the total fine, which we’ll explore more below.

Major Factors Influencing the Total Settlement Amount

OFAC follows a comprehensive process for arriving at a total settlement amount following sanction violations. The agency weighs major aggravating and mitigating factors when considering the final amount. For the violations in this case, OFAC described several aggravating factors, including:

  • Failure to take due caution or care by not screening customers and prospects for denied parties, as required under OFAC compliance rules.
  • The financial services company knew or had reason to believe that it held securities on behalf of blocked persons.
  • Over four years, the Swiss banking group processed 727 transactions involving individuals in Cuba, benefiting a comprehensively sanctioned jurisdiction, and increasing the value of blocked persons’ assets by not stopping transactions in the United States.

Conversely, there were mitigating factors that contributed to reducing the total fine, which are:

  • The organization did not receive a notice from OFAC; they discovered and self-disclosed the OFAC compliance violations.
  • The Swiss banking group had taken steps to restrict access to the accounts of blocked clients, meaning no party continued to enjoy economic benefit from the U.S. financial system after discovery.
  • The organization applied significant remedial actions in response to its apparent violations, including implementing restrictions and denied party screening processes to avoid inadvertently making the same error in the future.
  • During OFAC’s investigation, the global financial firm was highly cooperative and provided timely responses to any requests.

It’s crucial to highlight that the base civil monetary penalty for the firm’s violations is $10.6 million but was reduced to the final $3.7 million due to the mitigating factors listed above. Without self-disclosure and revising screening procedures, the OFAC penalty would have likely been much closer to the original figure.

Key Learnings From this OFAC Compliance Case

OFAC’s enforcement release explicitly cites this incident as an example of the risks and complexities that financial institutions with a global roster of clientele must navigate. This is especially true for those managing omnibus accounts which by nature obscures the identity of the beneficiaries of underlying sub-accounts.

From this OFAC compliance violation we learn four critical lessons that can help prevent future sanctions breaches:

  1. Understand Your Risk Landscape: Non-U.S. based entities whose business activities connect with U.S. based individuals or services must understand the full structure of their operations and map out the touch points that expose themselves and their U.S. counterparts to sanctions risks. Any business, foreign or domestic, whose activities rely on the U.S. financial systems fall under the jurisdiction of OFAC and as such should have the appropriate measures for compliance. Organizations can leverage the expertise of global compliance firms in appropriately evaluating OFAC sanctions risks and understanding their regulatory obligations.
  2. Conduct Comprehensive OFAC Screening for Denied Parties: U.S. and non-U.S. entities must ensure the implementation of risk-based controls, including tools to identify underlying sub-accounts and prevent potentially unlawful transactions. In its press release, OFAC advised financial institutions to conduct necessary due diligence prior to providing services to a new client and screen all customers against the OFAC SDN List (Specially Designated Nationals and Blocked Persons List).
  3. Establish Strong Internal Controls and Mitigating Policies / Procedures: It is crucial that these controls effectively address all potential risks. For instance, controls aimed at restricting account activity by sanctioned parties should be comprehensive enough to prevent all dubious transactions. As with the violation related to Russia sanction programs, comprehensive internal OFAC compliance controls would include measures to halt activities like interest and dividend payments that have connections to the U.S. market. By ensuring the breadth and depth of these controls, organizations can better safeguard themselves against inadvertent sanctions violations and mitigate associated regulatory and reputational risks. OFAC also provides guidance for how companies should respond to identified sanctioned parties attempting to access U.S. based services.
  4. Perform Dynamic and Continuous Denied Party Screening: Given that OFAC’s sanctions programs and denied party lists are constantly changing, organizations need a schedule for frequent rescreening to proactively stay ahead of compliance risks. This recent OFAC settlement shows instances where rescreening could have helped prevent a sanctions breach. A client may pose no risk at the point of onboarding but may be added to OFAC’s SDN list years later or simply change location to a restricted jurisdiction.

Descartes Denied Party Screening Enables Effective OFAC Compliance

Descartes offers the right compliance tools and strategies that enable organizations to meet regulatory obligations and efficiently navigate the complexities of sanctions risk. Our OFAC compliance solutions empower your organization to:

Descartes Visual Compliance and Descartes MK Denied Party Screening solutions are flexible and modular, allowing organizations to pick the specific and exact functionality and content they need for their particular compliance needs and scale up later as and when necessary.

Do you need to upgrade your OFAC screening processes? Contact us today to speak to an OFAC sanctions compliance specialist and learn more about how our efficient and accurate denied party screening solution can keep you compliant.

Additionally, you can read what our customers are saying about Descartes Denied Party Screening on G2 – an online third- party business software review platform. Or explore this testimonial ebook to see why we are listed among the Top 50 Best Software for Enterprises.