Are you compliant with sanctions laws? We have tips on how to stay up-to-date with financial sanctions and avoid any hefty fines for your company.
Sanctions may be imposed on individuals, terrorist groups (such as ISIS), business sectors and countries. There are currently over 27 UN, EU and domestic financial sanctions in place covering 1,900 individuals, groups and countries.
Under powers introduced by the UK Policing and Crime Act, the Office of Financial Sanctions Implementation in the UK (OFSI) can impose civil penalties of up to £1 million for breaches relating to financial funds, or 50% of the estimated value of those funds (whichever is highest).
There have been some headline grabbing fines, but the key lesson is whatever the size of the fine, it is going to hurt big time, so make sure your tools and controls are up to scratch, that everyone is adequately trained and that you foster a culture where compliance is a good thing.
Financial sanctions fines are not the full picture
Fines for sanctions violations keep returning. Are the fines actually working? Even though the fines can run into billions of dollars, they don’t seem to deter the industry.
This blog was initially intended to look at the larger sanctions violations related fines, until it became clear that the largest ‘fines’ are really settlements, and that the real cost of a violation is not really the fine.
Usually the headlines are dominated by US imposed fines in relation to breach of OFAC Sanctions, with the most famous headline BNP being fined nearly $9bn in 2014 for sanctions breaches relating to Cuba, Sudan and Iran. However, this is not actually true. BNP agreed a settlement to forfeit $8.83bn of revenues and put on a 5 year probation. The fine imposed was US$140m.
The HSBC ‘fine’ in 2012 also wasn’t US$1.9bn, although the bank paid some US$600m in penalties. The rest was a settlement to forfeit revenues. This was a mix of AML and Sanctions violations in relation to dealings with a Mexican drugs cartel. HSBC was fined by both the US and the UK regulator. Estimates at HSBC are that the total cost of the 2012 scandal hovers around the US$6bn by now.
Only last year JP Morgan settled allegations of sanctions breaches with a US$5.3m payment for breaches with a combined value of just over US$46K. This year Standard Chartered was ordered to pay the US some US$947m in respect of sanctions violations totaling US$438K. They were also fined an additional £102m by the UK regulator, but that mainly had an AML focus.
Hot on the heels of StanChart was Unicredit who was fined US$450m for sanctions violations and who agreed an additional settlement of over US$800m to clean up past wrongdoing.
Early 2019 the UK's Office of Financial Sanctions Implementation (OFSI) came into play with imposing its first monetary penalty for a breach of financial sanctions using its civil enforcement powers. And the financial crime industry laughed. A £5,000 fine for breaching a sanction imposed on an Egyptian entity, was surely worth more than £5,000?
Raphael’s Bank was fined £5,000 after handling funds belonging to an Egyptian financial sanctions target. Is £5,000 a joke or does it warrant compliance professionals to sit up? It is important to look behind the fine. The funds in question mounted to £200, so the fine represents 2,500% of the value of the funds in question. And the bank has the FCA’s undivided attention for some time to come.
Based on this calculation a fair fine for HSBC would have been US$20bn and the fine for BNP would have been US$220bn.
It is important to note that fines and settlements are different things, but equally important is to draw lessons from smaller fines such as the one imposed by OPSI. And just when we thought that OFSI would impose significant fines based on the value of a breach they reduced the fine for the sanctions breach by Telia (which was imposed in July this year) to £146,000 upon review even though the value of the breach has been estimated at £234k.
There is a key lesson in all of this. The size of the fine is really not that important. It brings headlines and some reputational pain, but the real penalty relates to the work that needs to be done after a fine. This will undoubtedly involve intrusive regulatory scrutiny on a daily basis and expensive temporary resources, consultants and monitors crawling all over the firm for a long time, followed by lots of remedial activity.
Top tips to ensure compliance with sanctions laws
- Provide information and training - Your staff need to be clear about the rules and know what they must do to comply. You can do this by making it compulsory for your employees to complete an e-learning training course on Economic Sanctions.
- Conduct adequate due diligence - To ensure that you don't do business with designated persons (i.e. individuals and entities subject to sanctions).
- Don't conduct any business that you know or suspect will breach sanctions.
- Check the specifics - Sanctions don't just apply to financial transactions and the freezing of assets. There may also be restrictions on the supply of services (such as giving advice) and trade (such as the supply of arms, diamonds, etc).
- Don't do anything to circumvent company controls or assist clients to evade sanctions - Make sure all payment processing is transparent. UNDER NO CIRCUMSTANCES should you remove material information from payment instructions (wire stripping), or arrange payment or supply through third parties.
- Promptly report any matches to the Sanctions compliance team - For further action, even if you think they may be false positives.
- If you've made a mistake or suspect a breach has occurred, report it quickly - Credit may be given for voluntary disclosures.
- Don't be complacent - Ignorance of the law is no excuse! Companies who are fined will be publicly named by OFSI.
Want to learn more about Financial Crime?
If you'd like to stay up to date with financial crime best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech and RegTech news, subscribe to the Skillcast Compliance Bulletin.
To help you navigate the compliance landscape we have collated searchable glossaries of key terms and definitions across complex topics including GDPR, Equality, Financial Crime and SMCR. We also regularly report key learnings from recent FCA fines.
You can follow our ongoing YouGov research into compliance issues, attitudes and risk perceptions in the UK workplace through our Compliance Insights blogs.
And if you're looking for a compliance training solution, why not visit our Compliance Essentials Course Library?.
Last but not least, we have 60+ free compliance training aids, including assessments, best practice guides, checklists, desk-aids, eBooks, games, handouts, posters, training presentations and even e-learning modules!
If you've any questions or concerns about compliance or e-learning, please get in touch.
We are happy to help!