Welcome to the second in our blog series on the challenges of sanctions screening, which seeks to highlight issues with and solutions to common, costly pitfalls in screening processes.
In last week’s blog, we examined the principles of sanctions screening, and discussed how robust sanctions risk governance must be incorporated into every organisation’s screening process.
This week, we outline the expectations on businesses to be continually informed of and mitigate their sanction risks, as well as detailing the penalties that are incurred when an organisation commits a breach of sanction.
The importance of sanctions risk due diligence to ensure compliance
While there are globally defined standards for performing sanctions screening and due diligence, every company implements variations according to their business strategy and risk appetite.
Sanctions risk management must be case specific with a structured approach. What’s more, due diligence is a continuing obligation demanding a robust, methodological approach to ensure compliance, even when regulations or individuals change.
In the UK, the view of the Office of Financial Sanctions Implementation (OFSI) is that:
“Financial sanctions are generally widely publicised and that businesses, particularly those operating internationally, will have reasonable cause to suspect that sanctions might be relevant to them. Therefore, they won’t be able to avoid liability simply by failing to consider their sanctions risks.”
OFSI expects all businesses who engage in activities where financial sanctions apply to stay up to date with the sanctions regimes in force, and to not only consider the likely sanctions exposure risk, but to take appropriate steps to mitigate those risks.
To add to the complexity, in any single scenario there may be several layers of sanctions. This is because sanctions may be created by multiple bodies, including those from the UN, EU, UK, US, Canada and Australia.
The cost of sanctions breaches
While specific compliance requirements vary globally, compliance is mandatory for all affected individuals and legal entities. Breaches are a criminal offence and can lead to fines and even imprisonment.
In the UK, the OFSI’s latest guidance, Monetary Penalties for Breaches of Financial Sanctions is a significant change; it signals the regulator’s strengthening determination to use its full powers to ensure compliance.
Breaches of financial sanctions can lead to the following penalties (UK):
- Deferred Prosecution Agreements (DPAs): Court-approved agreements between an organisation and a prosecutor who is considering prosecuting the organisation for an offence.
- Serious Crime Prevention Orders (SCPOs): Imposed by a court on the civil standard of proof. Designed to prevent an individual or organisation from further engaging in serious crime.
- Custodial sentences: Offences relating to UK financial sanctions carry a maximum of seven years’ imprisonment on indictment (applying to all the UK) and, on summary conviction, a maximum of six months’ imprisonment in England and Wales, 12 months in Scotland and six months in Northern Ireland.
Sanctions breaches and monetary penalties
Under the powers in the Policing and Crime Act 2017, the value of a monetary penalty may range from up to £1 million, to the greater of £1 million or 50% of the estimated value of the funds or resources. The final penalty depends on breach or failure. In the US, sanctions violation can lead to civil and criminal penalties that exceed several million dollars.
Below see OFAC fines between 2009 and 2020.
The aggregate number of fines varies widely each year with no established or reliable trend. Notably, the value of the fines is also expansive, with the smallest fine being $5,000 (2020) and the largest a staggering $963,619,900 (2014).
Sanctions screening: how to reduce false positives in client and transaction screening
We have explored in today’s blog the precedent for due diligence for organisations when it comes to recognising and mitigating sanction risks. Compliance with sanctions is mandatory for all affected individuals and organisations, and the consequences of noncompliance can be detrimental as well as incredibly costly.
Over the next instalments of this blog series, we will discuss the challenges organisations face regarding sanctions risk management and how the latest technology, like that of Napier, can minimise error in the screening process and protect from costly penalties.
This article is the second in a series of a larger paper authored by Napier.
If you would like to read the full paper, you can download it here.