In the spring of 2019, the US government agencies that enforce civil and criminal violations of US economic sanctions published guidelines for industry to follow when creating and updating compliance programmes: ‘A Framework for OFAC Compliance Commitments’ issued by the US Department of Treasury, Office of Foreign Assets Control (OFAC), and ‘Evaluation of Corporate Compliance Programs’ issued by the US Department of Justice, Criminal Division.

These two documents are essential reading for anyone charged with international trade compliance, and for those who advise others on this topic, however OFAC has also been speaking loudly to industry through a spike in published enforcement cases over the last six months. The failure to analyse these cases and understand how they fit into the sanctions risk conversation could lead to compliance gaps and unnecessary risk.

Others have written about these matters in detail, and one should continue to read the official agency settlement and charging documents and third-party legal commentary as it comes out. This article will apply an in-house counsel lens and take a fresh look at the key takeaways and warnings through four questions that matter most to business.

Does the company have the inputs it needs to manufacture its goods or provide its services?

In January and February 2019, OFAC issued two cases that raise supply chain concerns: e.l.f. Cosmetics Inc. and ZAG IP, LLC. While companies often house sanctions compliance teams on the export side of the compliance function and let their import teams focus on the intricacies of duty minimisation and customs compliance, these two cases reinforce the need to ensure that import compliance and supply chain functions are trained to identify and manage sanctions risk, especially when operating in or near countries that are subject to US import restrictions, such as Iran and North Korea.

In ELF, OFAC sanctioned a US cosmetics company because two of its Chinese suppliers sourced 80 percent of the inputs for false eyelash kits that were imported into the US from North Korea. Although ELF self-identified the issue and filed a voluntary disclosure, OFAC stated that, “ELF’s OFAC compliance program was either non-existent or inadequate”. While ELF audited its suppliers, these reviews focused on quality assurance rather than ensuring the inputs were sourced from acceptable countries.

When drawing conclusions from this case, one might push back against OFAC and ask how far up the supply chain companies must go to verify country of origin and note that certain middle suppliers may be unwilling to divulge the original source of their products for fear of being cut out of the supply chain. Nevertheless, OFAC highlighted ELF’s implementation of country-of-origin audits and requiring suppliers to sign certificates of compliance with US laws as mitigating factors.

In the second case, ZAG had a supply contract to source cement clinker from an Indian company for delivery to a customer in Tanzania. Due to production issues, the Indian company informed ZAG that it would not be able to supply enough product in time, and ZAG attempted to cover by buying clinker from a company in the United Arab Emirates (UAE). Although ZAG’s employees knew that the alternative clinker was Iranian-origin, ZAG mistakenly relied on representatives from the UAE supplier that the Iranian clinker was not subject to US economic sanctions against Iran. OFAC viewed the lack of an effective compliance programme and ZAG’s senior management’s awareness that the company was dealing in Iranian-origin goods as aggravating factors.

Can the company sell its products and services to this customer?

Screening against the applicable US and non-US restricted party lists should form the core of every sanctions compliance programme. But the November 2018 OFAC settlement with Cobham Holdings, Inc. highlights the need to ensure that a company’s screening tools are sufficiently robust, especially when it comes to understanding ownership under the 50 percent rule, which states that companies owned 50 percent or more by a specially designated national (SDN) are automatically blocked, even if not separately listed on the SDN list.

Cobham’s US subsidiary Aeroflex/Metelics Inc. sold telecommunications products to Almaz Antey Telecommunications LLC (AAT) through a Russian distributor, although AAT was owned 51 percent by a Russian Specially Designated National (SDN) – JSC Almaz-Antey. Cobham’s screening programme flagged Russia as a country of concern, but it did not identify a potential match on AAT, despite the name ‘Almaz Antey’ being common to both entities.

In the settlement agreement, OFAC highlighted that Cobham’s screening software “used an all word match criteria that would only return matches containing all of the searched words, even though Cobham had set the search criteria to ‘fuzzy’ to detect partial matches”. To remedy this issue, Cobham purchased new screening software and implemented a new business intelligence tool capable of identifying and flagging entities owned by parties on the SDN list. Cobham reported to OFAC that it uses this tool on any transaction involving a US entity and Russia or Ukraine. Companies should test their screening tools to determine whether they are operating within an acceptable risk tolerance.

Will the company receive payment for this sale or can the company pay its suppliers?

The April 2019 OFAC case against Haverly System, Inc. underscores the need to monitor transactions with parties on the sectoral sanctions identification (SSI) list to ensure that a sale that may be legal under initial payment terms does not become illegal later if payment is delayed in such a way that a company extends new debt in excess of the applicable time limit.

In this case, a US company licensed software to JSC Rosneft, a Russian SSI entity. Although US companies can deal with Rosneft, at the time, US sanctions prohibited dealing in new debt of greater than 90 days maturity of Rosneft. Haverly issued an invoice due in 70 days, but around day 70, Rosneft notified Haverly that it required corrected tax documentation from Haverly to make the payment, which Haverly only provided months later. After several attempts by Rosneft to pay, Haverly finally re-issued its invoice well after the 90-day period had ended and received payment from Rosneft in violation of US sanctions.

Will this transaction subject a non-US company to US sanctions jurisdiction?

Finally, the December 2018 OFAC case against Zoltek Companies, Inc. highlights an important nuance in US sanctions laws, which base jurisdiction on a nexus to the US. While certain sanctions regimes, such as the US sanctions against Cuba and Iran, apply directly to entities owned or controlled by US persons, the so-called ‘list-based’ sanctions regimes generally apply only to non-US subsidiaries of US companies if the transaction takes place in the US, uses US dollars or a US person is involved.

In Zoltek, OFAC determined that a US company approved the purchase of a chemical input by a Hungarian subsidiary from a Belarussian SDN, JSC Naftan. Due to the nature of the Belarus Sanctions Regulations, and the fact that they do not apply directly to non-US subsidiaries of US companies, without other factors not present here, the purchase by Zoltek’s Hungarian subsidiary from Naftan did not become subject to US sanctions against Belarus until Zoltek US became involved.

In the web notice of the settlement, OFAC stated that, “[T]his case highlights the need for US parent companies to take care to segregate certain business operations of their overseas subsidiaries so that the US parent and its employees do not violate US sanctions regulations by facilitating the actions of its subsidiaries”.

Bryce Bittner, Director of Global Trade Compliance, Textron Inc.

Jul-Sep 2019 Issue

Textron Inc.