July 7, 2018
In recent times, the implementation of economic sanctions has been the go-to method for governments to put pressure on those countries that do not adhere to international standards. The implementation of economic sanctions as a leveraging tool has grown exponentially in the last decade and, as a result, given rise to a myriad of new rules and regulations that compliance suites must follow or suffer the consequences.
Nevertheless, despite this influx of new sanctions-based requirements, many compliance suites still continue to embedsanctions into their overall Anti-Money Laundering (AML)programs.
While it is true that sanctions and AML regimes have similar objectives and characteristics, such as the use of judgment; the importance of CDD/KYC;and the adoption of a risk-based approach, there are a number of significant differences between sanctions and AML that warrant treating them as distinct compliance genres.
- Different Legal Basis
|Legal Basis||More numerous legal instruments, and country specific regimes||In the U.S., the main regulatory requirements are in the Bank Secrecy Act|
Sanctions and AML regulations are based on differing legal bases.
In the U.S., AML regulatory requirements mostly derive from the Bank Secrecy Act (BSA) (1970), and its provisions. Additional legal requirements derive from, among others, the Money Laundering Control Act (1986), Annunzio-Wylie Anti-Money Laundering Act (1992), and the Money Laundering Suppression Act (1004).
The Bank Secrecy Act and its regulations are not “country-based”.
As such, the suspicious activity reporting regime and AML program measures that a financial institution in the U.S. must taketo prevent and detect money laundering byan Italian organized crime group would be the same as those taken to prevent and detect money laundering by a Russian organized crime group.
This is different for sanctions. Because each program is based on different foreign policy and national security goals, prohibitions may vary between programs.
The core statutory basis for most of OFAC’s country-based sanctions regimes is the International Emergency Economic Powers Act (IEEPA). This federal law, included in Title 50 (War and National Defense), Chapter 35, of the U.S. Code, provides continuing authority for the President—after a declaration of national emergency with respect to a particular threat—to regulate, in order to deal with that threat, among other things, transactions involving the property of foreign persons that is subject to U.S. jurisdiction.
Another important piece of legislation is the Trading With the Enemy Act, which was amended in 1941, grants to the president, during times of war or national emergency, the authority to prohibit or regulate trade, investments, remittances, travel, and virtually any economic transactions with any designated country or its nationals, wherever located.
The President exercises this authority simply by officially declaring what they believe to be a ‘national emergency’ and exercises this power by:
- issuing executive orders (EOs), which declare or reaffirm a previous declaration of national emergency, and which may block the property of certain entities, prohibit certain transactions;
- order the heads of departments, in particular the Secretary of the Treasury, to issue regulations restricting certain activities.
The majority of country-based sanctions programs are regulations promulgated by the Secretary of the Treasury, pursuant to those executive orders, which enumerate prohibitions related to the country in question.
Examples of regulations issued under IEEPA:
31 CFR Part 510 – NORTH KOREA SANCTIONS REGULATIONS
31 CFR Part 535 – IRANIAN ASSETS CONTROL REGULATIONS
31 CFR Part 537 – BURMESE SANCTIONS REGULATIONS
31 CFR Part 538 – SUDANESE SANCTIONS REGULATIONS
31 CFR Part 541 – ZIMBABWE SANCTIONS REGULATIONS
31 CFR Part 542 – SYRIAN SANCTIONS REGULATIONS
31 CFR Part 543 – CÔTE D’IVOIRE SANCTIONS REGULATIONS
31 CFR Part 546 – DARFUR SANCTIONS REGULATIONS
31 CFR Part 547 – DEMOCRATIC REPUBLIC OF THE CONGO SANCTIONS REGULATIONS
31 CFR Part 548 – BELARUS SANCTIONS REGULATIONS
31 CFR Part 549 – LEBANON SANCTIONS REGULATIONS
31 CFR Part 551 – SOMALIA SANCTIONS REGULATIONS
31 CFR Part 560 – IRANIAN TRANSACTIONS AND SANCTIONS REGULATIONS
31 CFR Part 561 – IRANIAN FINANCIAL SANCTIONS REGULATIONS
31 CFR Part 562 – IRANIAN HUMAN RIGHTS ABUSES SANCTIONS REGULATIONS
31 CFR Part 570 – LIBYAN SANCTIONS REGULATIONS
31 CFR Part 576 – IRAQ STABILIZATION AND INSURGENCY SANCTIONS REGULATIONS
31 CFR Part 588 – WESTERN BALKANS STABILIZATION REGULATIONS
In contrast to AML, sanctions laws and regulations are different depending on the country, or group, that is targeted. Compliance suites will have to know these differences and make their decisions accordingly.
- Fast-Changing Rules
|Fast-Changing Rules||Can be enacted by Congress, but often is quickly imposed by Presidential Executive Order||Laws enacted by Congress, regulations by FinCEN,only from time to time|
In general, AML laws are less dynamic than sanctions laws.
Relatively speaking, AML requirements are only changed in a material way from time to time. One example is the USA PATRIOT Act of 2001, which changed the BSA in more than 50 instances and triggered many new BSA regulations. More recently, in 2016, FinCEN issued strengthened Customer Due Diligence (CDD) requirements for financial institutions. This regulation, however, became effective almost two years later, in May 2018, giving financial institutions ample time to prepare for the new requirements.
As Sanctions are usually enacted in response to a crisis or human rights violation, they are created in a much more volatile environment than their AML counterparts. Due to the frequent use of Executive Orders, which trigger new regulations issued by OFAC or other agencies,sanctions law and regulations often change much more quickly than AML law and regulations, giving rise to more complex compliance challenges, and less time for compliance departments to get prepare.
OFAC changes to sanctions regulations in June 2018
06/28/2018: Removal of the Sudan Regulations
06/28/2018: Publication of Global Magnitsky Regulations
06/27/2018: Revocation of JCPOA-Related General Licenses, Amendment of the Iranian Transactions and Sanctions Regulations
06/18/2018: Publication of Amended Rough Diamonds Control Regulations
06/04/2018: Issuance of Ukraine/Russia-related License
For example, last month alone, OFAC published the following changes in regulations on its website. These become effective after the date of publication in the Federal Register, which is typically in less than 30 days.
As such, sanctions requirements not only differ from AML requirements, but also require a compliance team to keep abreast of continual change in order to avoid getting into trouble with the regulator.
- A Broader Scope
Not only are the legal instruments more numerous when it comes to sanctions, but their scope is more far reaching.
As is strictly defined by regulations, AML typically applies to “covered” entities, which includes financial institutions and other sectors particularly vulnerable to money laundering such as casinos and precious metal dealers. If the industry is not listed, the regulatory rules do not apply.
|Scope||Applies to all individuals and companies from all sectors||Typically applies to “covered” entities defined by AML regulations.|
With sanctions, all U.S. persons must comply with the laws and regulations. This includes all U.S. citizens and permanent resident aliens regardless of where they are located, all persons and entities within the U.S., all U.S. incorporated entities and their foreign branches. In the cases of certain OFAC programs, foreign subsidiaries owned or controlled by U.S. companies also must comply. Certain programs also require foreign persons in possession of U.S.-origin goods to comply.
This broad scope can create serious compliance challenges when dealing with sanctions,not only for limited industries, but individuals and all kinds of companies.
- Fuzzy Guidance vs Prescriptive Rules
Sanctions guidance is also much harder to come by than advice on how to comply with BSA/AML rules.
For the most part, AML rules are prescriptive in nature. Often times, they will delineate exactly what is should be included in an AML program, going so far as to list the specific elements required, such as: Customer Identification Program (CIP), Customer Due Diligence (CDD), a designated AML officer, ongoing AML training, and periodic independent reviews.
|Guidance/Rules||Usually do not describe the process required to achieve compliance (exception: NYDFS Part 504)||Prescriptive – require an AML program with specific elements.|
Sanctions compliance can be more challenging. With few exceptions, such as New York Department of Financial Services (NYDFS)’s Part 504 Rule, sanctions do not typically describe the process required to achieve compliance.
When it comes to sanctions, compliance teams must seek out alternative ways to make sure that their company is fully compliant.
- Not the Same Focus and Targets
In addition to a broader scope, sanctions also focus on different behaviors and target alternate interests.
Typically, sanctions will focus on who (or where) you are whereas AML will focus on what you are doing. In other words, AML laws will target the proceeds of crime, while sanctions will target the property interests of sanctioned parties (i.e. through blocking of property/freezing of assets/prohibition of dealing with or provision of financial services to sanctions targets).
Example: Julio Suarez who lives in Venezuela owns a laundry front business that he uses to launder money, which he makes from his drug farm.
|Focus & Targets||Focuses on who (or where) you are and will target property interests of sanctioned parties||Focuses on what you are doing and the proceeds of crime from illicit activity|
AML rules would focus on the money laundered through Julio’s laundry business, and if Julio were your client and your company suspected unusual activity, you would have to file a Suspicious Transaction or Suspicious Activity Report (STR or SAR) with the relevant regulator.
Sanctions rules would target Julio himself, and/or his country, and potentially freeze his assets. For example, he personally may be included on OFAC’s Specially Designated Nationals (SDN) List or fall under Venezuela’s sanctions regime that targets certain industries. Your company would have to be aware of the specific sanctions regimes that would apply to Julio and then cease business with him.
Though this can seem simple enough, fulfilling sanctions requirements can become complicated seeing as Julio Suarez may be a common name.Your business could have many customers with the name Julio Suarez and you may not be sure if your business’ client is the same Julio Suarez who has been designated, or perhaps your team is uncertain whether or not Julio falls under Venezuela’s targeted sanctions regime.
- Real-Time vs. Post Facto Screening
In addition to different targets, sanctions and AML emphasize varying types of transaction monitoring.
|Screening/Monitoring||Emphasize real-time screening||Generally post-facto monitoring of transactions|
With the exception of client-onboarding and KYC, AML compliance generally consists of post-facto monitoring of suspicious transactions based on defined scenarios and complex behavioral typologies.
FinCEN, uses a threshold of $5,000 (or $2,000 for MSBs) for reporting suspicious transaction that could involve potential money laundering or terrorist financing.
On the flip-side, sanctions monitoring emphasizes real-time screening of transactions to make sure a client is not violating a sanctions regime or that a client has not been placed on a watch list, such as OFAC’s SDN List.
Sanctions lists with designated persons and entities are constantly changing. Further, there is no minimum dollar threshold – any transaction is a violation. This makes the operationalization of real-time compliance a less than straight forward task.
- Harsher Liability
Lastly, but certainly not least, sanctions have harsher compliance standards than AML.
AML requirements incorporate risk-based compliance measures for violations and U.S. criminal laws typically require a wrongful (or wilful) state of mind as an element of any violation.
|Harsher Liability||Principle of strict liability||Typically based on willfulness|
In contrast, OFAC sanctions rules employ a principle of strict liability. This means that a individual or company will be held accountable for violating sanctions even if there was no wrongful state of mind. OFAC emphasizes that individuals and entities will be held accountable regardless of the dollar value of the transaction at issue.
In other words, in our scenario above, if a financial institution processes a bank transfer for Julio Suarez involving drug proceeds, and there were no red flags of money laundering or no indicators of an unusual transaction, the government is likely to take this into account. However, if Julio was designated as an SDN, and the financial institution processed a transaction for him, without knowing he was designated, the financial institution can face OFAC penalties even if it didn’t “know” about the violation.