The Office of Foreign Assets Control (OFAC) administers several sanctions programs that restrict (and in many cases prohibit) transactions involving foreign nations, entities, and individuals. OFAC also shares responsibility for enforcing federal laws such as the Bank Secrecy Act (BSA) that impose criminal penalties for anti-money laundering (AML) noncompliance and other statutory violations. Violations of OFAC’s regulations and the statutes it enforces can trigger substantial penalties—including criminal penalties in some cases—and mitigating or avoiding these penalties requires a strategic and proactive defense.
For entities that are subject to OFAC compliance (both in the U.S. and abroad), understanding what it takes to maintain an effective compliance program is critical. It is important to understand the consequences of noncompliance as well. This will allow for informed decision-making; and, in the event of an OFAC enforcement action, it will facilitate the execution of a strategic defense.
10 Examples of OFAC Violations
When can OFAC (or the U.S. Department of Justice (DOJ)) pursue enforcement action? Here are 10 examples of potential OFAC violations in 2023:
1. Doing Business with Specially Designated Nationals (SDNs)
OFAC sanctions prohibit U.S. financial institutions and other entities from doing business with Specially Designated Nationals (SDNs). The SDN List is perhaps OFAC’s most well-known sanctions program, and it is also perhaps the sanctions program that is most often violated.
As OFAC explains, SDNs’ assets are blocked, “and U.S. persons are generally prohibited from dealing with them.” When financial institutions and other entities do not have adequate protections in place to avoid doing business with SDNs, even inadvertent violations can lead to substantial penalties.
2. Other Sanctions Program Violations
Along with the SDN list, OFAC administers several other sanctions programs. These include country-based and sector-based sanctions programs, as well as secondary sanctions that apply to entities and individuals that are affiliated with SDNs.
Violations of these OFAC sanctions programs can have consequences similar to doing business with SDNs. Depending on the circumstances involved, these consequences can include civil monetary penalties (CMP), criminal fines, and even federal imprisonment—as discussed in greater detail below.
3. General and Specific License Violations
OFAC issues general and specific licenses that allow financial institutions and other entities to execute transactions that would otherwise be prohibited under its sanctions programs. This includes (but is not limited to) transactions involving SDNs’ blocked assets. However, OFAC’s general and specific licenses are extremely limiting, and exceeding the scope of a general or specific license can also result in an OFAC violation.
4. Recordkeeping and Reporting Violations
OFAC’s regulations establish several recordkeeping requirements for financial institutions and other entities. Financial institutions and other entities must also report transactions to OFAC in many cases. Recordkeeping and reporting violations will trigger CMP in most cases, although intentionally or willfully keeping false records or submitting fraudulent reports has the potential to trigger criminal prosecution.
5. Failure to Voluntarily Self-Disclose
When a financial institution or other entity commits a sanctions violation (or has concerns about an apparent sanctions violation), voluntarily self-disclosure can significantly mitigate the risks involved. OFAC’s Economic Sanctions Enforcement Guidelines (the “Guidelines”) encourage voluntary self-disclosure, and failure to self-disclose an apparent violation can substantially increase the penalties that are on the table.
To qualify as a voluntary self-disclosure, an entity’s report to OFAC must not be materially incomplete, and it must not include any false or misleading information. Submitting a materially incomplete, false, or misleading disclosure to OFAC is a violation that has the potential to trigger civil or criminal enforcement action as well.
6. Bank Secrecy Act (BSA) Violations
The Bank Secrecy Act (BSA) establishes anti-money laundering (AML) and other compliance obligations for financial institutions. Other businesses may have reporting requirements under the BSA as well. AML and reporting violations under the BSA can lead to OFAC enforcement action, as well as the potential for civil or criminal litigation with the DOJ.
7. Trading with the Enemy Act (TWEA) Violations
The Trading with the Enemy Act (TWEA) is another federal statute that falls within OFAC’s enforcement jurisdiction and includes provisions for both civil and criminal enforcement. As its name suggests, the TWEA prohibits transactions involving certain foreign entities; and while these prohibitions will overlap with OFAC’s sanctions in some cases, an effective OFAC sanctions compliance program isn’t necessarily enough to avoid TWEA violations.
8. International Emergency Economic Powers Act (IEEPA) Violations
The International Emergency Economic Powers Act (IEEPA) also includes both civil and criminal penalties for violations. Matters falling within OFAC’s enforcement jurisdiction can trigger the IEEPA’s requirements and prohibitions as well; and, here too, allegations of intentionally or willfully violating the law (or acting with willful ignorance of the law’s requirements) can lead to prosecution by the DOJ.
9. Antiterrorism and Effective Death Penalty Act (AEDPA)
The Antiterrorism and Effective Death Penalty Act (AEDPA) serves as the basis for certain OFAC sanctions. As a result, violations of these sanctions can lead to both OFAC enforcement action and federal criminal enforcement. Federal enforcement efforts have sought to expand the AEDPA’s reach in recent years, and entities and individuals can find themselves facing charges under the statute in a wide range of circumstances.
10. Other Statutory Violations
Along with the BSA, TWEA, IEEPA, and AEDPA, various other statutory violations can trigger OFAC enforcement action as well. These include violations of the Foreign Narcotics Kingpin Designation Act (FNKDA) and Clean Diamond Trade Act (CDTA), among others. As with the other statutes discussed above, regardless of whether violations implicate OFAC sanctions, they can lead to investigations and enforcement action by OFAC; and, when warranted, criminal prosecution may follow.
Fines and Other Penalties for OFAC Violations in 2023
OFAC violations can trigger a wide range of fines and other penalties. When OFAC pursues enforcement actions directly, it is limited to seeking CMP and imposing administrative remedies. However, when the DOJ pursues criminal charges for statutory violations, both fines and prison time can be on the table. Here is an overview of some of the potential fines and other penalties for OFAC violations in 2023:
Economic Sanctions Enforcement
OFAC has the authority to directly impose penalties for sanctions violations. It imposes penalties in accordance with the Guidelines, which consider the egregiousness of the violation, voluntary self-disclosure (if any), and other mitigating and aggravating factors when determining the base penalty amount. OFAC can then adjust this base penalty amount as warranted during settlement negotiations.
Civil Monetary Penalties
Along with civil monetary penalties for OFAC sanctions violations, targeted entities and individuals can face CMP for statutory violations as well. These penalties are adjusted periodically for inflation, and are set at the following figures as of 2023:
- Bank Secrecy Act (BSA): Varying civil monetary penalties depending on the violation(s) at issue.
- Trading with the Enemy Act (TWEA): Maximum CMP of $105.083.
- International Emergency Economic Powers Act (IEEPA): Maximum CMP of $356,579 or twice the value of the underlying transaction.
- Antiterrorism and Effective Death Penalty Act (AEDPA): Maximum CMP of $94,127 or twice the value of the assets at issue.
- Foreign Narcotics Kingpin Designation Act (FNKDA): Maximum CMP of $1,771,754.
- Clean Diamond Trade Act (CDTA): Maximum CMP of $16,108.
To clarify, these civil monetary penalties apply on a per-violation basis. In OFAC enforcement cases, it is not unusual for hundreds, thousands, or even tens of thousands of violations to be at issue. As a result, targeted entities’ penalty liability can be substantial; and, when it is not possible to avoid CMP entirely, targeted entities will need to focus their defense efforts on negotiating a favorable settlement with OFAC.
Criminal Fines and Imprisonment
Entities charged with intentional or willful violations of the statutes listed above can face substantial criminal fines in DOJ litigation—often in the hundreds of thousands of dollars, and in the millions of dollars in some cases. Here, too, facing multiple charges or multiple counts can increase entities’ penalty exposure significantly.
Individuals charged with criminal violations of the BSA, TWEA, and the other statutes listed above can face both fines and prison time. Prison sentences vary widely, with the maximum sentences reaching 20 years, if not more, for certain violations. Entities and individuals charged under these statutes can face additional charges for mail fraud, wire fraud, money laundering, and other federal white-collar crimes as well, and these charges can further enhance the risks of facing criminal prosecution for OFAC-related violations.
Contact the OFAC Compliance and Defense Attorneys at The Criminal Defense Firm
At The Criminal Defense Firm, we represent financial institutions, businesses, and individuals in all OFAC compliance and enforcement matters. This includes civil and criminal enforcement matters involving both OFAC and the DOJ. If you need to speak with outside counsel about a pending OFAC investigation or enforcement action, we encourage you to call 866-603-4540 or contact us online promptly to arrange a confidential initial consultation with one of our senior attorneys.