A Guide to Anti-Money Laundering for Crypto Firms
And How To Avoid Them
International sanctions are a vital part of the global fight against money laundering and the financing of terrorism. In the United States, economic sanctions are implemented by the Treasury’s Office of Foreign Assets Control (OFAC) which maintains sanctions lists of individuals, entities, and countries currently subject to sanction.
In order to achieve regulatory compliance with the US’ Bank Secrecy Act (BSA), banks, financial institutions and other obligated firms must deploy sanctions screening measures as part of their AML/CFT programs in order to ensure they are not doing business with sanctioned criminals or terrorists or state-sponsors of criminality and terrorism. OFAC sanctions represent a significant AML consideration and firms that fail to comply face potentially severe financial and legal penalties: in 2019, OFAC imposed a record number of compliance fines on a range of international businesses, amounting to almost $1.3 billion. With that in mind, it is important that firms doing business in the US understand how the OFAC sanctions list works, the potential fines they face for noncompliance, and how to effectively screen their customers against the list in order to avoid penalties.
OFAC has been performing its role of administering and enforcing US sanctions since 1950 when it was founded to impose embargoes on Chinese and North Korean assets. Today, the US uses economic sanctions to achieve its diplomatic and humanitarian objectives around the world and indexes the names of entities and individuals that are targeted for sanctions on its Blocked Persons and Specially Designated Nationals (SDN) list.
OFAC also maintains the Consolidated List, which indexes all non-SDN sanctions (although some Consolidated List data may also appear on the SDN list). Other OFAC sanctions lists include the Sectoral Sanctions Identifications List (which is targeted at Russia), the Foreign Sanctions Evaders List, and the Non-SDN Palestinian Legislative Council List.
OFAC sanctions prohibit firms within US jurisdiction from conducting transactions, and doing business, with the entities and individuals included on the sanctions lists. In practice, this means that firms must screen new customers against the sanctions lists whenever they start a new business relationship and continue to check the list periodically throughout that relationship.
OFAC Sanctions Penalties: Breaches of OFAC Sanctions can lead to serious financial and criminal consequences. Noncompliance fines can reach up to $20 million depending on the severity of the breach, while additional fines may be imposed in conjunction with OFAC sanctions breaches, including fines in excess of $1 million for breaches of the Foreign Narcotics Kingpin Designation Act.
In addition to noncompliance fines, OFAC sanctions breaches may also be punishable by prison terms of up to 30 years.
OFAC sanctions screening is a significant compliance challenge and firms must consider several unique factors when integrating screening measures into their AML programs:
Sanctions changes: The OFAC sanctions list changes regularly as target names are updated, added and withdrawn. This means that firms must monitor not only the OFAC list but official government publications and relevant announcements regarding new sanctions – and adjust their internal screening process to manage any changes.
Naming issues: The sanctions screening process should accommodate the diverse naming conventions that characterize targets on the OFAC list. Those conventions may involve regional spelling differences, missing vowels, and contractions, along the use of non-Latinate characters. The screening process should also account for targets that use aliases or alternative names to avoid detection.
Noise and false positives: Targets on the OFAC sanctions list may lack sufficient identifying features leading to the possibility of multiple hits or even false positives during the screening process. The potential for administrative noise and false positive identifications means that firms must acquire as much unique identifying information as possible on their customers during the due diligence process.
OFAC has the authority to issue general licenses to firms that permit transactions and trade with sanctioned entities under certain circumstances. Firms must apply to OFAC for a general license or, if a general license is not available, must submit a written request for a specific license and accompany that request with all necessary information.
Banks and financial institutions must consider the specific challenges of OFAC sanctions compliance when developing and implementing their internal AML programs. Financial Action Task Force (FATF) and BSA guidelines require firms to put risk-based AML/CFT programs in place to meet their compliance responsibilities. Accordingly, a suitable OFAC sanctions compliant program should feature robust and up to date OFAC sanctions screening tools, along with the following measures:
- Customer due diligence: Effective sanctions enforcement requires firms to know who they are doing business with which means establishing each customer’s identity during onboarding. Firms must collect and verify a range of identifying information including customer names, addresses, and dates of birth and support that verification with official documents such as passports. Customer’s that present a higher risk (such as those from high risk jurisdictions) should be subject to enhanced due diligence measures involving a greater level of scrutiny.
- Transaction monitoring: Customers may attempt to evade AML/CFT measures in order to do business with OFAC sanctions targets. To prevent this, firms must monitor customer transactions on an ongoing basis for indications that sanctions breaches have occurred. Sanctions evasion may not be immediately evident: firms should be vigilant for certain behaviors such as unusual transaction patterns, transactions with high risk jurisdictions, or structured attempts to transfer funds in amounts just below reporting thresholds.
- Politically exposed persons: Customers that are politically exposed persons (PEP), along with their associates and relatives, may pose an elevated AML risk and be in positions that allow them to evade sanctions controls. With that in mind, firms should establish their customers’ PEP status by monitoring elections and news sources on an ongoing basis.
- Adverse media monitoring: Sanctions targets may often be associated with adverse and negative news media reports. With that in mind, firms should monitor for adverse media stories that involve their customers and that reveal association with sanctions targets. Firms should include both traditional screen and print media along with internet-based sources.
OFAC sanctions compliance requires firms to collect and analyze vast amounts of data from a variety of sources. Since managing that data manually would be unfeasible and inevitably lead to potentially costly human errors, firms should seek to integrate suitable smart technology tools to help them achieve regulatory compliance.
Automated smart technology not only adds speed and efficiency to OFAC compliance but can help reduce the burden of remediating the administrative noise and false positives that sanctions screening so often generates. Similarly, smart technology adds depth to an AML response: firms can use artificial intelligence and machine learning systems to manage unstructured data, detect patterns in their customers’ transactional behavior, and generate alerts when customers deviate from established risk profiles.
Our Sanctions Screening Tool Updates In Minutes and Screens Against 1,000s of Global Government Regulatory and Law Enforcement Watchlists and Over 100 International and National Sanctions Lists.
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2022 IVXS UK Limited (trading as ComplyAdvantage).