OFAC Sanctions Guidelines

    Overview

    The Office of Foreign Assets Control (OFAC), a division of the U.S. Department of the Treasury, administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals. These sanctions target foreign countries, regimes, terrorists, international narcotics traffickers, and those engaged in activities related to the proliferation of weapons of mass destruction, among others. Businesses operating internationally must understand and comply with OFAC regulations to avoid legal and financial penalties.

    Regulation Summary

    Timeline
    • Establishment: OFAC was formally established in December 1950, following the Chinese intervention in the Korean War, to administer economic sanctions programs.
    • Ongoing Updates: Sanctions programs are continually updated to address emerging global threats and foreign policy objectives.
    What Businesses Are Affected
    • Financial Institutions: Banks and other financial entities must ensure they do not process transactions involving sanctioned individuals or entities.
    • Exporters and Importers: Companies involved in international trade must verify that their business partners are not on OFAC's sanctions lists.
    • Insurance Companies: Insurers need to ensure they are not underwriting policies for sanctioned parties.
    • Technology Firms: Companies offering digital services or products internationally must prevent access by sanctioned countries or individuals.
    Exemptions
    • General Licenses: OFAC may issue general licenses authorizing certain transactions that would otherwise be prohibited, such as specific humanitarian activities.
    • Specific Licenses: Businesses can apply for specific licenses to conduct transactions that are otherwise restricted, evaluated on a case-by-case basis.
    Responsibilities for Businesses
    • Risk Assessment: Conduct regular assessments to identify potential OFAC-related risks in operations, customers, and transactions.
    • Compliance Programs: Develop and maintain robust sanctions compliance programs tailored to the company's risk profile.
    • Screening Processes: Implement effective screening procedures to ensure no dealings with sanctioned parties.
    • Training: Provide ongoing training for employees on OFAC regulations and internal compliance procedures.
    • Reporting: Promptly report any suspected violations to OFAC.
    Specific Responsibilities for Website Owners
    • Access Restrictions: Implement measures to prevent access to services or products from sanctioned countries or individuals.
    • User Screening: Use tools to screen users against OFAC's sanctions lists before allowing access to certain services.
    • Disclosure: Clearly communicate in terms of service or user agreements that transactions with sanctioned parties are prohibited.
    • Monitoring: Continuously monitor user activities to detect and prevent prohibited transactions.
    Additional Requirements
    • 50% Rule: Entities owned 50% or more, directly or indirectly, by one or more blocked persons are also considered blocked, even if not explicitly listed by OFAC.
    • Secondary Sanctions: Non-U.S. entities may face sanctions for conducting business with sanctioned parties, even if no U.S. nexus exists
    Individual Rights
    • Not a Privacy Regulation: OFAC guidelines do not grant specific data subject rights.
    • Data Protection: Businesses should protect personal data collected during compliance processes, aligning with applicable data protection laws.
    Enforcement
    • Civil Penalties: OFAC can impose fines for violations, with amounts varying based on the specific sanctions program. Under the International Emergency Economic Powers Act (IEEPA), civil penalties can reach up to $356,579 per violation.
    • Criminal Penalties: Willful violations can lead to criminal charges, including fines of up to $1 million per violation and/or up to 20 years of imprisonment.
    • Compliance Expectations: OFAC expects organizations to maintain effective sanctions compliance programs and may consider the adequacy of these programs when determining enforcement actions.
    illustration of contact means

    Questions?

    If you would like to learn more, our compliance experts are happy to support you.

    Leave us a Message
    support@clym.io
    +1 980 446 8535 +1 866 275 2596