Are you compliant with sanctions laws? We have tips on how to stay up-to-date with financial sanctions and avoid any hefty fines for your company.
Sanctions may be imposed on individuals, terrorist groups (such as ISIS), business sectors and countries. There are currently over 27 UN, EU and domestic financial sanctions covering 1,900 individuals, groups and countries.
Under powers introduced by the UK Policing and Crime Act, the Office of Financial Sanctions Implementation in the UK (OFSI) can impose civil penalties of up to £1 million for breaches relating to financial funds, or 50% of the estimated value of those funds (whichever is highest).
There have been some headline-grabbing fines, but the key lesson is whatever the size of the fine, it is going to hurt big time, so make sure your tools and controls are up to scratch, that everyone is adequately trained and that you foster a culture where compliance is a good thing.
Financial sanctions settlements count more...
Fines for sanctions violations keep returning. Are the fines actually working? Even though the fines can run into billions of dollars, they don’t seem to deter the industry.
However, the more significant penalty imposed on those breaching sanctions is the settlement agreed rather than the fine.
BNP - $140m fine / $8.8bn settlement
Usually, the headlines are dominated by US-imposed fines concerning breach of OFAC Sanctions, with the most famous headline BNP being fined nearly $9bn in 2014 for sanctions breaches relating to Cuba, Sudan and Iran. However, this is not actually true. BNP agreed to a settlement to forfeit $8.83bn of revenues and put on a 5-year probation. The fine imposed was US$140m.
HSBC - $600m fine / $6bn settlement
The HSBC ‘fine’ in 2012 also wasn’t US$1.9bn, although the bank paid some US$600m in penalties. The rest was a settlement to forfeit revenues. This was a mix of AML and Sanctions violations relating to dealings with a Mexican drugs cartel. HSBC was fined by both the US and the UK regulators. Estimates at HSBC are that the total cost of the 2012 scandal hovers around US$6bn by now.
Other notable settlement examples
Only last year, JPMorgan settled allegations of sanctions breaches with a US$5.3m payment for breaches with a combined value of just over US$46K. This year Standard Chartered was ordered to pay the US some US$947m in respect of sanctions violations totalling US$438K. The UK regulator also fined them an additional £102m, but that mainly had an AML focus.
Hot on the heels of StanChart was Unicredit, who was fined US$450m for sanctions violations and agreed to an additional settlement of over US$800m to clean up past wrongdoing.
Office of Financial Sanctions Implementation (OFSI)
In early 2019 the UK's OFSI came into play with imposing its first monetary penalty for a breach of financial sanctions using its civil enforcement powers. And the financial crime industry laughed. A £5,000 fine for breaching a sanction imposed on an Egyptian entity was surely worth more than £5,000?
Raphael’s Bank was fined £5,000 after handling funds belonging to an Egyptian financial sanctions target. Is £5,000 a joke, or does it warrant compliance professionals to sit up? It is important to look behind the fine. The funds in question mounted to £200, so the fine represents 2,500% of the value of the funds in question. And the bank has the FCA’s undivided attention for some time to come.
Based on this calculation, a fair fine for HSBC would have been US$20bn, and the fine for BNP would have been US$220bn.
What can we learn from these penalties?
It is important to note that fines and settlements are different things, but equally important is to draw lessons from smaller fines such as the one imposed by OPSI. And just when we thought that OFSI would impose significant fines based on the value of a breach, they reduced the fine for the sanctions breach by Telia (which was imposed in July this year) to £146,000 upon review even though the value of the breach has been estimated at £234k.
There is a key lesson in all of this. The size of the fine is really not that important. It brings headlines and reputational pain, but the real penalty relates to the work that needs to be done after a fine. This will undoubtedly involve intrusive regulatory scrutiny on a daily basis and expensive temporary resources, consultants and monitors crawling all over the firm for a long time, followed by lots of remedial activity.
Top tips to ensure compliance with sanctions laws
- Provide information and training - Your staff need to be clear about the rules and know what they must do to comply. You can do this by making it compulsory for your employees to complete an e-learning training course on Economic Sanctions.
- Conduct adequate due diligence - To ensure that you don't do business with designated persons (i.e. individuals and entities subject to sanctions).
- Don't conduct any business that you know or suspect will breach sanctions.
- Check the specifics - Sanctions don't just apply to financial transactions and the freezing of assets. There may also be restrictions on the supply of services (such as giving advice) and trade (such as the supply of arms, diamonds, etc.).
- Don't do anything to circumvent company controls or assist clients in evading sanctions - Make sure all payment processing is transparent. UNDER NO CIRCUMSTANCES should you remove material information from payment instructions (wire stripping) or arrange payment or supply through third parties.
- Promptly report any matches to the Sanctions compliance team - For further action, even if you think they may be false positives.
- If you've made a mistake or suspect a breach has occurred, report it quickly - Credit may be given for voluntary disclosures.
- Don't be complacent - Ignorance of the law is no excuse! OFSI will publicly name companies that are fined.
Want to learn more about Financial Crime?
If you'd like to stay up to date with financial crime best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech and RegTech news, subscribe to the Skillcast Compliance Bulletin.
To help you navigate the compliance landscape, we have collated searchable glossaries of key terms and definitions across complex topics, including GDPR, Equality, Financial Crime and SMCR. We also regularly report key learnings from recent FCA fines.
You can follow our ongoing YouGov research into compliance issues, attitudes and risk perceptions in the UK workplace through our Compliance Insights blogs.
And if you're looking for a compliance training solution, why not visit our Compliance Essentials Course Library?
Last but not least, we have 70+ free compliance training aids, including assessments, best practice guides, checklists, desk-aids, eBooks, games, handouts, posters, training presentations and even e-learning modules!
If you've any questions or concerns about compliance or e-learning, please get in touch.
We are happy to help!